The Content Authenticity Initiative

The Content Authenticity Initiative is building systems to provide provenance for digital media, giving creators tools to express objective reality and empowering consumers to evaluate whether what they are seeing is trustworthy.

I came across this today and it’s really cool that people are implementing this stuff. Expand the idea from ‘content’ to ‘any data from any sensor’ and it becomes very powerful.

Not only can we have data provenance but also calibration provenance and modifier provenance (ie store the type of filtering, statistical methods, editing, up-sampling, whatever has been done to the original data). We can also apply retroactive confidence levels if we learn something that affects the provenance (eg if a calibration tool is found to have drifted over time, any prior data from sensors calibrated using that calibration tool can be marked as such).
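To make this concrete, here’s a rough sketch of what a provenance record with modifier history and retroactive confidence downgrades could look like. All names here are hypothetical illustrations, not part of any CAI/C2PA spec:

```python
# A toy provenance record: tracks which calibration tool was used, what
# modifications were applied, and supports retroactively downgrading
# confidence when a calibration tool is later found to have drifted.
from dataclasses import dataclass, field

@dataclass
class ProvenanceRecord:
    sensor_id: str
    calibration_tool: str
    modifiers: list = field(default_factory=list)  # e.g. "upsample-2x"
    confidence: float = 1.0  # 1.0 = full confidence in the record

    def apply_modifier(self, name: str):
        # Record (not hide) each transformation of the original data.
        self.modifiers.append(name)

    def retroactive_downgrade(self, bad_tool: str, new_confidence: float):
        # If a calibration tool is found faulty, downgrade every record
        # whose data was calibrated with it.
        if self.calibration_tool == bad_tool:
            self.confidence = min(self.confidence, new_confidence)

records = [
    ProvenanceRecord("sensor-A", "cal-tool-1"),
    ProvenanceRecord("sensor-B", "cal-tool-2"),
]
records[0].apply_modifier("upsample-2x")

# Later we learn cal-tool-1 had drifted: downgrade affected records only.
for r in records:
    r.retroactive_downgrade("cal-tool-1", 0.4)
```

The key property is that the downgrade is applied per calibration tool, not per record, so a single discovery propagates to all affected data.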

Some big names are working on it (for better or worse): Members — Content Authenticity Initiative

To me this could be a very strong basis for an SN app. I’m super excited to see people working on this.


Content Authenticity is a two-edged sword that has already been wielded to censor viewpoints not approved by mainstream media. How would an SN app address what it has already become: “Authentic Journalism” = “Mainstream Journalism”? Prickly problem. Here are some takes on the Content Authenticity Initiative and similar efforts from sources that are already labelled unapproved/inauthentic by Google, Bing etc:

Not on the authentic list, SE de-ranked:


Combine this with the methodology of FiveThirtyEight (give more weight to sources, in their case polls, that have gotten it right in the past), Sportspicker AI (the power of demonstrative opinions of an informed crowd) and the immediacy/reach of Safe Network, and you have a super app! This could truly realize some of the benefits of SN we only dream of now.


The whole concept fits perfectly with Safe Network. Immutable data from the source, tied to a SafeID, versioning to any edit, perpetual and no link rot. Showing what has changed where on any data can provide a lot of context and help fight misinformation. It would be great to see this come to or be compatible with Safe Network.


Perhaps not in the same vision that CAI envisage.

There is a media war going on right now over establishing the “truthfulness” of online media. Never letting a good crisis go to waste, COVID/vaccines are the most recently cited reason for urgency, framed as a clear-cut case of the “experts” vs misinformation, and leading to massive YouTube, FB and Twitter censorship/shadow-banning of ideas not approved by the World Health Organisation. The video link above is still censored in most areas, even though the non-mainstream yet still scientific results expressed in it have since been even more scientifically validated than when it was made (you can still find a longer-form unedited original video here; luckily, in this one particular case there is a place they could not censor by law, but most other ideas are not so lucky). So here is a case where “authentic” expert consensus views were promoted and “inauthentic” views were purged en masse from social media sites. This mistake has cost, and is still costing, countless lives.

The CAI and their solutions appear to come purely from the establishment POV. For example, they cite digital identification systems for real-world people, or blanket approval of certain organisations such as the NY Times (which itself has a long list of “approved” news stories that killed a lot of people, WMDs among them, while the inauthentic views were censored). I won’t dig up references now, but real-world identification, even when known only to a subset of participants, ignores the far too high and climbing number of deaths and threats around the world every year against people publishing online (notice I did not say “journalists”). I don’t believe that some organisation(s) need to know a publisher’s real-world identity as a prerequisite for “authenticity”, or that identity needs to be piped through choke points to be approved, Aussie style, for us to solve this problem. None of their proposals appear truly decentralised or let people decide for themselves.

Would love to hear any ideas on ways SN could take this in new directions @mav and make it truly decentralised, not falling into the obvious traps being set to reinforce and preserve the status quo by CAI, C2PA, Trust Service and similar. If I had to cite one simple basic tech that SN would need to even start tackling this, I’d say a verifiable decentralised timestamp service: signed messages with timestamps where the authenticity of the timestamp cannot be called into question. Perhaps timestamping would be the best first use case for a blockchain over SN? Higher level would be a marketplace of trust providers, where the user can always override and advertise their particular lack of confidence in any provider to other participants. Retroactive confidence levels, of course, but again it will be a spectrum: you can still find plenty of authentic mainstream sources saying such-and-such a decision, although in retrospect it turned out to be an utter disaster, was actually still a good idea.
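The timestamping idea above can be sketched with a hash-linked append-only log, the minimal ingredient behind blockchain-style timestamping. This is a toy (no signatures, no distributed consensus, names are made up), but it shows why back-dating an entry is detectable:

```python
# A toy hash-linked timestamp log: each entry commits to the hash of the
# previous entry, so altering or back-dating any earlier entry breaks
# every link after it.
import hashlib
import json
import time

def entry_hash(entry: dict) -> str:
    # Canonical serialisation so the hash is deterministic.
    return hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()

class TimestampLog:
    def __init__(self):
        self.entries = []

    def append(self, content_hash: str) -> dict:
        prev = entry_hash(self.entries[-1]) if self.entries else "0" * 64
        entry = {"content": content_hash, "ts": time.time(), "prev": prev}
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        # Re-derive every link; any tampered entry invalidates the chain.
        return all(
            self.entries[i]["prev"] == entry_hash(self.entries[i - 1])
            for i in range(1, len(self.entries))
        )

log = TimestampLog()
log.append("hash-of-article-1")
log.append("hash-of-article-2")
```

A real decentralised service would additionally need many independent parties holding the log (or anchoring its head) so no single operator can rewrite it.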


Do you consider ‘truthfulness’ the same as ‘objectivity’?

I feel the aim of CAI would be to establish the lack-of-modification to content, not necessarily the ‘truth’ that is derived from it. Truth is a slippery concept so maybe it ends up being the same thing in the end?

When ‘trust’ is thrown into the arena alongside ‘truth’ and ‘objectivity’ we get even more slippery. ‘Authority’ is another tough concept to throw into the mix. I’m going to mainly focus on ‘objectivity’.

Censorship is definitely an issue. So are bubbles (censorship by too much content). But to me these issues are outside the scope of content provenance. They’re connected for sure, but further enough down the chain that I don’t feel it should lead us to doubt the usefulness of content provenance.

I feel this is a problem of the platform policies, not a problem of content provenance though.

Content provenance will hopefully help this problem, since it gives consumers a lever to push back against removal. If the content has a solid provenance then there’s even less reason for it to be removed.

Provenance may be from the device itself (content signed by the camera, sensor, manufacturer, whatever), but it also may have further reinforcing factors like signatures from the owner of the device, or from the device operators, or from the device calibrators, or other sensors that were nearby that original sensor, etc.

The provenance doesn’t determine ‘truth’ or ‘trust’, it just establishes ‘objectivity’. We have some level of confidence (high or low) that what we see hasn’t been modified. What we decide from the information is a separate thing. In this case, social media sites decide to remove content. Including some provenance information should [hopefully] improve that decision process. And if it doesn’t improve the decisions of social media companies, then maybe it will improve the decisions of consumers (to leave those platforms). Provenance will (hopefully) improve decisions.

Yeah. The implementation matters. And this is my main concern with the involvement of big companies in the standards process. I feel like they could easily screw it up. Hopefully they do a good job of it.

I feel a reliable provenance layer will strengthen the trust layer above it. Provenance doesn’t need to erode privacy (although it could) and it doesn’t need to erode truth (although it could). So hopefully the provenance layer strengthens the ones above it. In reality it may not.

We’ve seen DRM fail. Hopefully this effort doesn’t fail in the same way. I feel it probably won’t. Parts of the provenance chain can fail without all the others also failing (we simply update/reduce our confidence rather than lose provenance completely), whereas DRM has a single point of failure: once it has ‘failed’, the feature is lost completely.

I suppose a key point here is the idea of confidence being a spectrum rather than a yes/no true/false state.
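One simple way to model confidence-as-a-spectrum: if several independent attestations corroborate a piece of content, overall confidence is the probability that at least one of them is sound. This is my own illustrative formula, not anything from the CAI spec:

```python
def combined_confidence(attestations):
    # attestations: per-link confidence values in [0, 1], assumed
    # independent. A failed link (confidence 0) lowers the combined
    # result but never zeroes it out, unlike DRM's all-or-nothing
    # single point of failure.
    p_all_fail = 1.0
    for c in attestations:
        p_all_fail *= (1.0 - c)
    return 1.0 - p_all_fail

# Two corroborating links at 0.9 and 0.5 give combined confidence 0.95;
# if the second link fails entirely, we drop back to 0.9, not to zero.
```

The independence assumption is doing a lot of work here; correlated attestations (e.g. the same manufacturer signing twice) should not be double-counted.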

I reckon a solid content provenance system will allow people to improve their consumption patterns. Like how google/facebook/twitter produced an explosion in content discovery because of the link-graph and social-graph, data provenance will add another dimension to the graph. We will be able to choose our authorities (journalists or publications or politicians or political parties or scientists or doctors or friends or family or any person/institution that can represent us) and then remix their content streams for our own best purposes (provenance is not just at the point of creation but also at the point of sharing) in a really meaningful way that isn’t subject to hidden-in-the-server content priority algorithms.

It’ll change what we see online and why we see it. But we need provenance to be much broader than mere institutional authority. Safe Network can hopefully provide the ecosystem to nourish a broadness of authority and provenance.


They are distinctly different. To approach true objectivity we would need to be free from biases or personal opinion, to increase neutrality or “fairness”. Science attempts to provide a framework/standards to approximate true objectivity. Truth, on the other hand… well, that is all a matter of each individual’s perception of it (which hopefully, but not always, lines up with reality, aka “a fact”).

One thing I note is missing from your reply:

In your opinion does provenance need to tie back to real world identities? 

CAI (like C2PA, Trust Service and other initiatives) believes: trust needs provenance == real-world identity. Unless you’re the NY Times, in which case blanket trust of an organisation is OK too, in the hierarchical sense (emphasis mine):

We balance simplicity in use of the system with security against tampering and strong links to identity. Identity can be that of an individual, where prudent, or that of the trusted cryptographic signing entity.

You mention, for example, camera provenance. We could be a very small step from all cameras coming by law with “provenance” data, and your identity tied to it at the point of sale. Indeed, all photocopiers have secretly had this tech since forever, and it has led to whistleblowers acting in the public good being put away for daring to challenge abuses of power. Where I currently live, a raft of laws has been passed in recent years criminalising any footage of police “performing their duties”… laws passed right after that very type of footage led to criminal proceedings against police for abuse of power. Camera provenance in this context is a wholly negative thing for society and solely aids authoritarian goals.

I think there is sufficient evidence to say: they are not screwing it up. It has undergone various iterations and they have heard all the objections from credible NGOs already, yet it is still being engineered exactly as intended. It is a trap, and pretty obviously so IMO. This is what CAI, TP, C2PA are aiming for; it has come out in various interviews, Davos notes etc over the years. Their intent is clear, and you can see locally that Australia is testing the waters on a possible pilot: requiring identity-verification provenance for every social media post. It may fail the first and fifth time around, but these entities are certainly persistent.

I believe there is a more decentralised and safer way for society. I agree that provenance is an important layer to implement and agree with your points about all it can enable… but with major caveats. So where could SN take provenance? First, IMO provenance should never have to equal a real-world identity, and any service like CAI that tries to draw that equivalence should be rejected outright. Pen names have a long positive history in journalism. On the SN I think a good base layer would be for anyone publishing material to be able to optionally sign and/or timestamp their content, verifying that “they” are the ones who put it up and/or the time it was put up. Anyone can verify that a series of content came from that same signing person/entity, and the time it was published, if “they” decide to sign and timestamp each piece of content in the same manner. If they wish to put a real name or company name to it, in some kind of market of registration services, then that is their choice, but it is not a requirement to gain trust as CAI maintains. Everything else higher level regarding “trust”, “objectivity” and tools to try and discern them can be built above that secure base.
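The “sign without revealing who you are” base layer needs nothing more than a keypair. As a stdlib-only illustration, here is a toy Lamport one-time signature: the public key is just hashes of random secrets, and signing reveals the secrets matching the message’s bits. A real system would use something like Ed25519; this is only to show that consistent pseudonymous authorship is pure cryptography, no registry required:

```python
# Toy Lamport one-time signature (hash-based, stdlib only).
# Anyone holding the public key can verify a post came from whoever
# holds the matching secrets, with no real-world identity involved.
# NOTE: each keypair must sign at most ONE message; reuse leaks secrets.
import hashlib
import secrets

def _h(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def keygen():
    # 256 pairs of random secrets; the public key is their hashes.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk

def _bits(msg: bytes):
    digest = int.from_bytes(_h(msg), "big")
    return [(digest >> i) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    # Reveal one secret per bit of the message hash.
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    return all(_h(sig[i]) == pk[i][b] for i, b in enumerate(_bits(msg)))
```

Publishing `pk` alongside each signed post is exactly the “consistent but unknown entity” pattern: the key is the pen name.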

Interested to hear your take, and disagreement is most welcome. For example, do you believe that any image/video being cryptographically tied back to the camera, and so to the person who takes it, is the best solution? Do the positives outweigh the negatives?


Ah sorry I missed this.

It must not need to tie back to real world identities. Provenance can come from some consistent-but-unknown entity, eg Satoshi signing messages is this kind of provenance.

For some entities, real world identity is critical to provenance since the provenance is perhaps tied to legal (and thus financial) consequences.

I can appreciate the risk that platforms requiring provenance can act as another type of censorship, especially if conditions of provenance are very strict (eg real world identity must be attached). But I feel this is a platform policy issue, not a provenance issue.

This is obviously a worrying direction, much like what happens with SIM cards right now. But again, I see this as a policy problem not a provenance problem.

This sounds like a sensible direction. But there seems to me a pretty clear separation between the technology of provenance and the policy around how provenance can/must be used. I prefer to see maximum flexibility with provenance. Hopefully SN can push us in that direction.

Possibly some sort of zero-knowledge system might help us separate the identity part from provenance, allowing those who need legal certainty to compute if content is ‘legal or not’ without exposing the underlying provenance/owner.


If a user has no control over the technology, then there can also be no separation of technology and policy. Take the camera example: say the technology steganographically embeds provenance signatures into every photo/video and there is no user choice; then any policy on how, when or by whom that info is used is also out of the user’s control. Various publishing platforms may or may not have a policy of rejecting images/videos that do not come with valid hardware provenance signatures, but that policy is beside the point and irrelevant: the technology has already included it. How it is used or abused by policy can’t be avoided or controlled by the user.

Some people might think this could never happen, but they would be wrong. All photocopiers already do this today, going back decades. Try to turn it off next time you make a photocopy. Since you can’t, try instead to control the policy of its use when you publish the photocopy. You can’t do that either. Previously a more informed user might try to cut out or obscure the provenance info, but modern cryptography is making that near impossible. Whistleblowers acting in the public good are currently in jail on dubious charges because the technology has made the policy.

So there is only a clear separation of technology and policy when it is optional. It is also not enough if the option is just “on” or “off” when laws are in place requiring “on” for publishing, as Australia is now trying to legislate. Technology would need to be able to generate and select from an unlimited number of completely independent provenance signatures, as many as the user wants.
This is not the stance taken by CAI and similar: they want technology to include provenance signatures automatically, without choice, “it’s just technology”. Later, politicians legislate around it, Aussie style.
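The “unlimited independent signatures” requirement is cheap to meet. As a sketch (hypothetical names; a real design would use a proper KDF such as HKDF rather than bare SHA-256), one user-held master secret can derive an unlinkable signing seed per context:

```python
# Derive unlimited independent per-context secrets from one master
# secret. Without the master, two derived secrets cannot be linked to
# each other or to their owner.
import hashlib

def derive_secret(master: bytes, context: str) -> bytes:
    return hashlib.sha256(master + b"|" + context.encode()).digest()

master = b"user-held master secret, never published"
work_id = derive_secret(master, "work-photos")
leak_id = derive_secret(master, "whistleblowing")
```

Each derived secret seeds a separate signing identity, so a publisher can keep their professional persona and a sensitive one cryptographically disconnected while still proving consistency within each.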

It’s a trap, a big gaping one.


@moderators Would it be possible to get a standalone thread for mav and krnelson’s discussion here? Seems interesting and worth being clearly readable. Thanks


@JayBird sorry for the delay. Sometimes it seems the moderators are not doing a lot of work, but in the background there are heated discussions taking priority, or we all just expect someone else to do the work… :wink:

If there is no reaction from us within 24 hours, just remind us again. Sorry again :love:

Privacy. Security. Freedom


For people who want more info on this see Machine Identification Code - Wikipedia

This is definitely an abusive implementation of provenance. I hope we can avoid this.

One of the words that comes to mind is ‘protectionism’. How can we have provenance without it devolving into a tool for protectionism?

I completely agree.

Many sites that deal with photos will scrub EXIF data for privacy purposes, and I feel that’s a good example of why provenance should be optional. If those sites and their users see some benefit from removing EXIF, they would also see similar benefits from optional content provenance.

Maybe it’d be useful to have a hierarchy of provenance at the hardware level, eg like how SSL certificates have a bunch of layers of authority that end up at the root certificates. It would be great for me to be able to upload a photo saying it came from a certain product, or a certain manufacturer, or a certain class of products, without necessarily exposing the exact individual sensor that was used. This may be possible by using a hierarchy of provenance signatures, eg

>this sensor
>-- from this warehouse at this time
>----in this country ← I want to expose here down, but not the warehouse or sensor level
>------by this manufacturer
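The hierarchy above could be sketched as a hash-linked chain where each coarser level commits to the finer level below it, so a user can publish only the coarse levels (country, manufacturer) while the fine levels (sensor, warehouse) stay hidden behind a hash commitment. This toy omits signatures and salting, both of which a real scheme would need (unsalted commitments over small value spaces are brute-forceable):

```python
# Toy selective-disclosure provenance chain, ordered fine -> coarse:
# sensor -> warehouse -> country -> manufacturer.
import hashlib
import json

def h(obj) -> str:
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def build_chain(levels):
    # Each entry commits to the (more specific) entry below via its hash.
    chain, below = [], None
    for name in levels:
        entry = {"level": name, "below": below}
        below = h(entry)
        chain.append(entry)
    return chain

def redact(chain, expose_from):
    # Publish only the coarse levels; the finer levels stay hidden
    # behind the hash commitment carried by the first exposed entry.
    return chain[expose_from:]

def verify_links(entries):
    # Check that each published entry really commits to the one below it.
    return all(
        entries[i + 1]["below"] == h(entries[i])
        for i in range(len(entries) - 1)
    )

chain = build_chain(["sensor", "warehouse", "country", "manufacturer"])
public = redact(chain, 2)  # expose country and manufacturer only
```

If the hidden levels ever need to be proven (say, in a dispute), revealing them lets anyone recompute the commitment and confirm they were part of the chain all along.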

Content distributors could right now mandate digital signatures attached to all media, eg photographers sign their photographs, journalists sign their articles etc. But they don’t because it’s (probably) cumbersome to manage. In this way, technology has led to the [lack of] policy. And in a similar way, if there was a standard default digital signature system then it invites a policy that mandates it. So I see what you mean when you say technology makes the policy.

Society currently has considerable freedom to decide the direction for both the policy and the technology. Hopefully we can do a good job of it.


I hope so too, but it will be a tough road; the odds look to be stacking against it. CAI, C2PA, Trust Service… hatched out of oligarch old-boy networks and Davos backrooms. Extremely well funded, with very deep political and tech industry connections and large influence over the manufacturing side. They have made their position pretty clear: “protectionist” provenance chains for our own good, to protect us from [insert latest fear here]. Currently it’s misinformation over COVID. Tomorrow it will be save-the-children, communists again, or whatever else suspends people’s thought processes long enough to ram protectionist-provenance standards through. Really slick feel-good marketing though; many sign on without realising the danger.
The SN will have a hard job fending off the encroachment; let’s see how it goes.