C2PA Investigations (www.tbray.org)

🤖 AI Summary
At the IPTC Photo Metadata talk (blogged version), the speaker audited C2PA “Content Credentials” in the wild (2025) and found a mixed, early-stage picture. Real-world credentials are rare—platforms and publishers routinely strip metadata—yet when present they can be very rich: Lightroom and Leica claims embed dozens of EXIF fields (e.g., ApertureValue, BitsPerSample, BodySerialNumber) and detailed processing actions (crop, exposure, Dehaze, Sharpness) exported raw with c2patool. Inspectors are inconsistent and buggy (Chrome-only plug-ins, broken Adobe inspector) and interoperability gaps remain (Adobe tools initially failed to read Pixel 10 credentials).

The Pixel 10 marks a big inflection point because mass-market phones are shipping C2PA, but Google’s implementation is minimal (device labeled generically, “computationalCapture”, timestamp marked “untrusted”, provenance intentionally minimized for privacy).

The significance is twofold: provenance is both powerful and sensitive. Lightroom’s OAuth-driven provenance chain (Adobe → LinkedIn → Clear ID → government ID) demonstrates strong identity claims but raises privacy and policy concerns; EXIF serial numbers similarly risk leaking sensitive data. There’s ambiguity around AI disclosure—Lightroom’s Select Sky/Subject (AI-assisted) aren’t flagged as generative AI, while fully synthetic content is being labeled.

Practical implications: stop publishers stripping credentials, improve cross-vendor tooling and UI (drill-down vs simple flags), standardize what processing must disclose (especially genAI), and prioritize provenance semantics over trivial capture metadata.