Under the name Content Authenticity Initiative (CAI), renowned media and technology companies, non-governmental organizations and scientists have joined forces to create an open industry standard for the authenticity and origin of content. The initiative’s initiator and patron is Adobe, a leading manufacturer of digital content editing software. Hundreds of organizations around the world have now joined the project, including hardware manufacturers such as Canon or Leica, major media houses such as the New York Times, Reuters or Stern, and technology companies such as Microsoft and nVidia.
The flood of digital content that pours in on us consumers via a wide variety of channels such as social media, messenger services and media platforms is constantly increasing. Unfortunately, this includes an increasing amount of misinformation. Politicians, conspiracy theorists, but also companies try to manipulate the opinion of society in their direction. In particular, sharing such fake news often creates a very high reach and the damage can be considerable. In retrospect, it is enormously difficult to expose the photos or videos as fake and to set the facts straight.
Artificial intelligence does not make it any better in this case. By means of so-called deep fakes, photos and videos can be produced that can hardly be distinguished from genuine content. These are often used to put quotes into the mouths of well-known personalities that they did not actually say. It is even more dangerous when it comes to concrete actions that may not have taken place at all.
Technologically, there is a race between the algorithms that create such deep fakes and those that are supposed to detect the fraud. Ultimately, it is a race that the “good guys” cannot win because they are always one step behind the fraudsters.
That’s why a different approach was needed. Instead of proving media false after the fact, a method was developed to certify the authenticity of content.
How it works
In principle, the aim is to create transparency about who or what the source of the medium is and how (often) the content has been edited. At the same time, it must be ensured that this information is also authentic, i.e. that it has not been manipulated.
The Content Authenticity Initiative has defined 4 steps in the lifecycle of a digital asset that must be covered:
- The creation of an asset
Directly during the creation of a photo or video, information such as the location (geolocation), the author (photographer), the camera model, etc. is stored as so-called content credentials in the metadata of the asset. This is done directly on the hardware side, i.e. in the camera. So far, so good, this is already happening today. The difference is that this time this information is encrypted and signed using “Cryptographic Asset Hashing”. The creator of the photo or video can decide what information to store in the image. In journalism, it is often important to protect the source.
- The asset editing
Digital content usually goes through dozens of editing steps before it is published. Professional programs such as Adobe Photoshop for image editing or Premiere Pro for video editing are used. As part of the CAI, these tools will add each editing step of the asset to the metadata in the future, so that the entire editing history can be viewed at any time.
- The publishing process
Mechanisms will be integrated into the platforms of the publishing media companies to allow readers to view all metadata as well as the editing history of the photos and videos. In the publishing workflow, the CAI metadata is read by the respective content management system (CMS) and prepared in a form that can be quickly and easily captured by content consumers.
- The Viewing
As a consumer of digital content, I can view the content credentials via a so-called verification page and even compare versions from the editing steps.
The whole framework was published as an open, technical standard under the name Coalition for Content Provenance and Authenticity (c2pa.org).
Open-source tools from the Content Authenticity Initiative
The CAI has developed several open source tools that can be used by anyone who wants to use the mechanisms to protect and verify content on their own website or app.
The C2PA Tool is a command line interface (CLI) that can be used to create, verify and display content credentials.
The Rust SDK can be used to develop applications and services that can create, verify and display content credentials.
Here you can find an comparison table that helps to choose the right tool for the right purpose.
The Content Authenticity Initiative is a great push to curb misinformation and establish credibility of web content. I’m very pleasantly surprised at how many organizations have already joined the initiative and hope that the standard will soon become widespread.