Brendan Quinn of IPTC presented alongside Leonard Rosenthol of C2PA at the World-Wide Web Consortium (W3C)’s Authentic Web workshop series this week.

This was the second in a series of online workshops run by the W3C in an effort to bring together the various work on trust, provenance, credibility and authenticity. The first part of the Authentic Web workshop was run in March 2025.

Leonard presented C2PA, its motivations and work done so far, including describing how C2PA technology is currently used by platforms such as LinkedIn and TikTok, and by most generative AI tools to signal AI-generated content.

Then Brendan went on to describe how the IPTC’s Media Provenance Committee has established the Verified News Publisher programme, an industry specific “trust list” of media organisations who are using C2PA certificates to sign their published content.

W3C events mostly run in the open, so the session agenda,  pre-read material, minutes and even a video recording of the presentation part of the workshop are all available online, even to non-members. As per W3C policy, the discussion portion of the event was not recorded. This allows for more open discussion.

Present at the workshop were representatives of Google Chrome and Mozilla, the W3C’s Technical Architecture Group (TAG), hardware and software vendors, and others with an interest in the idea of implementing content provenance solutions in their tools.

Depending on the outcome of discussions within the group and at further workshops, this work may lead to a physical meeting later this year.

The following is a guest post from Helge O. Svela, CEO of Media Cluster Norway. Media Cluster Norway joined the IPTC as Associate Members of IPTC in 2024 and Helge is the lead of the Provenance Best Practices and Implementation Working Group, where news publishers work together to talk about their progress in implementing C2PA and the IPTC Verified News Publisher programme within their organisations.

In this article, Helge introduces Project Reynir, an initiative to bring secure media signing technology to the Norwegian media industry.

The journalistic institution must rethink how it develops and applies technology if society is to stand a chance against the deluge of fake images and video from generative AI. Never before in human history has it been easier to produce realistic, but fake, images and video, and spread them around the world. The rapid technological development of generative artificial intelligence has turbocharged the engines of disinformation, and caught both society and journalism off-guard. Never have we been more vulnerable.

Disinformation is destabilising our democracies, and spreading erroneous information. This potentially has severe consequences for both democratic processes and for the public in the face of natural disasters and other crises. The first round of the Romanian elections in 2024 was annulled due to what was dubbed an “algorithmic invasion” of social media disinformation. In the aftermath of the earthquake in Myanmar in March, AI-generated videos of the devastating destruction shared by so called “engagement farmers”, likely with financial motives, got millions of views on social media.

Generative AI has given humanity the ability to create realistic videos and images simply by typing a few words into a website. However, these tools also quickly became a part of the arsenal for enemies of democracy. As a result, disinformation is becoming more prevalent, appearing more professional and costing almost nothing to produce. Generative AI is an industrial revolution also for the troll factories in Russia and others who seek to manipulate our perception of the world and sow doubt about what is true.

This is not a media problem. It is a democratic problem, and a dangerous one at that. Disinformation created by troll factories and generative artificial intelligence and spread by bots pose an immediate threat to our democracies. We might end up doubting absolutely everything. When anyone can claim anything is generated and fake, the liars come out on top. This could destroy the foundation of our democracies: trust in each other and in our institutions. One thing is current news, another is history. Imagine a dictator using fake historical footage of a hunger catastrophe in order to justify an ethnic cleansing of a minority. An internet flooded with claims and visual “proof” of what happened in the past, all of which looks authentic. As a result of generative AI this is no longer just a dystopian science fiction scenario. It is a real possibility. Never before have we needed editorial media more. However, the signal strength of editorial media risks being drowned out by an ever growing cacophony of junk content and disinformation.

Project Reynir is our response to the threat Generative AI poses. Because Generative AI makes it so easy to fake both content and sender, editorial media are under threat on two fronts. In Project Reynir, we aim to solve this problem using technical solutions.

The goal is to create something that makes it easier for ordinary people to distinguish between what is fake and what is real. By using cryptographically secured images and video, based on the open C2PA specification, it is possible for both newsrooms and regular media users to be confident that the images we are seeing have not been tampered with on their journey from the photographer’s lens to the mobile screen. Moreover, using the same technology, authenticity markers can be added to the images and videos from news publishers when they post stories on social media and other third party platforms. Thus guaranteeing that content that appears to be the BBC and AFP actually is from these news organisations and not someone impersonating them. If we succeed, we will be a significant step closer to solving the problem of artificially created noise for our present moment. Project Reynir unites newsrooms, media technology companies and academic researchers in the fight against disinformation. Our goal is an 80 percent adoption in the Norwegian news ecosystem, and to serve as a beacon of best practices for the rest of the world of news.

We believe that time is critical, and that all good forces now must unite. The technological development has moved rapidly in the last few years, and the adoption of technology has sometimes been irresponsible. If our democracies are to stand firm in the face of the disinformation tsunami we are facing, quality journalism must be empowered. Only then can we enable citizens to make informed choices free of manipulation and interference, in an environment where facts can be easily distinguished from lies. We call for the democratic governments of the world to invest in innovation in the news media space. The time for responsible tech innovation, made with resilient democracies in mind, is now.

This article was originally published in the report Seeking Truth, Ensuring Quality: Journalistic Weapons in the Age of Disinformation, published by the University of Bergen in collaboration with Media Cluster Norway, as a part of the Journalistic Weapons conference organised in Brussels on April 28 2025. The full report, including articles from Faktisk, the European Federation of Journalists, London School of Economics, the Center for Investigative Journalism Norway and others, is available at https://www.uib.no/sites/w3.uib.no/files/attachments/publication_seeking_truth_ensuring_quality.pdf.

“It has never been more important to safeguard authentic news media,” say the organisers. 

“We must strengthen our voice and hold our ground against the big tech players. It is critical that the industry works together,” said Fabrice Fries, Chief Executive Officer at AFP, in his opening remarks for the workshop in Paris.

“At AFP we are committed to ensure that both news organisations and the general public can inspect the provenance of our images. This transparency builds trust,” said Eric Baradat, the global news deputy director for photo and archives at AFP.

AFP, BBC and Media Cluster Norway jointly organised the workshop, which was hosted by AFP and supported by the International Press Telecommunications Council (IPTC). The workshop focused on image metadata and how the C2PA standard, also known as Content Credentials, can safeguard it. 

“The challenges the news industry are facing are so great that we can only succeed if we work together. Making sure the public can discern between authentic media and content made by generative AI is vital not only for news organisations, but for democratic societies,” said Helge O. Svela, CEO of Media Cluster Norway.

More than 40 people from over 20 news organisations participated in the full day workshop. Among the presentations was a study commissioned by Media Cluster Norway’s Project Reynir on how media consumers respond to being shown more detailed information about an image. The study was conducted by MediaFutures at the University of Bergen, and built on a user study conducted by the BBC.

“Trust is earned. At the BBC we have seen that users really engage when we show them how their news was made. Extra media provenance details such as when and where an image was taken, or the steps used to verify it, make a real difference to how users trust their news. The C2PA standard can allow us to share this information with the users in a secure and trustworthy way,” said Judy Parnall, Principal Technologist, BBC Research and Development.

Among the participants in the workshop were CBC-Radio Canada, Deutsche Welle, France TV, ITV, NHK and Al Jazeera. Topics discussed included carrying provenance metadata from glass to glass versus adding it at the point of publishing, as well as the importance of redaction to the media industry and content provenance for media archives.

“It is vital that the needs of the news media ecosystem are heard as this technology and standards are further developed and refined,” said Brendan Quinn, Managing Director at IPTC.

The IPTC Media Provenance Committee works on several initiatives for implementing and furthering the development of the C2PA technology for the media industry. Many of the speakers and participants of the Paris workshop are actively involved in this work.

For more information on IPTC and the Media Provenance Committee, contact the IPTC via this site.

The IPTC has developed a WordPress plugin that automatically signs all images and video content published on a WordPress site. It has been put to use to automatically sign all images attached to IPTC news posts, such as this one, at the moment of publishing. 

Based on our library of signing tools which are available to IPTC members, the “C2PA Signer” plugin  takes action when a WordPress user publishes a new post. The plugin automatically retrieves all images (in all available sizes) and signs each image using the private key associated with the publisher.

The tool also extracts relevant metadata from WordPress. Each image’s caption, alt text, image upload date and publish date are embedded into the signed C2PA Manifest using an early version of the Origin IPTC Verified News Publisher metadata assertion. The specification of this assertion is currently in flux and the example assertion should not be relied on for production use, although the assertion is supported by the IPTC’s C2PA validator tool, Origin Verify.

Click here to view the image’s signed metadata using the  Origin Verify tool.

This is in line with the goals of our IPTC Origin Verified News Publisher project, whereby publishers sign their own content using their own certificate. This enables publishers to take ownership of their content and to assert important facts about their content at the time of publishing.

In related news, the IPTC now has its own C2PA certificate, issued by GlobalSign under the IPTC’s official name, “Comite International des Telecommunications de Presse.” This means that the IPTC can be the first entity to use the new plugin.

“We are very happy to launch the new WordPress plugin, which we of course are using on our own website,” says Brendan Quinn, Managing Director, IPTC. “We believe that this makes us the first organisation to routinely sign all images that we publish using our C2PA credentials.” 

The certificates, manifests and the signed content are fully compatible with the latest version of C2PA, version 2.1. Images that we publish (including the image on this post) can be verified using the Origin Verify validator or the C2PA Content Credentials Verify validator.

For more information, contact IPTC using the Contact Us form.

AMSTERDAM, 13 September 2024 — The International Press Telecommunications Council (IPTC) has announced Phase 1 of the IPTC Verified News Publishers List at the International Broadcast Convention (IBC).

The list uses C2PA technology to enable verified provenance for the news media industry. News outlets apply for a certificate from a partner Certificate Authority (currently Truepic), with the IPTC verifying the identity of the publisher. The certificate is then used by the news outlet to sign content, in accordance with the C2PA specification’s handling of “additional trust anchor stores”. This means that the news publisher is the signer of the content. This is a key requirement for many media outlets.

Currently the BBC (UK), CBC / Radio Canada (Canada) and broadcaster WDR (Germany) have certificates on the Verified News Publishers List. Many more publishers and broadcasters are currently in the process of obtaining a certificate. To register your interest as a news publisher, please fill out the Verified News Publisher expression of interest form.

To make the process of verifying and approving certificate requests transparent and accountable, the IPTC has released a set of policies for issuing Verified News Publisher certificates covering Phase 1 of the project. The process includes a “fast track” process for media organisations that are already well known to IPTC, and also a self-certification track. The policies were approved by the IPTC membership at a recent meeting of the IPTC Media Provenance Committee.

Verifying publisher identity, not trustworthiness

Note: as we have always made clear, the IPTC is making no claims about the truth or trustworthiness of content published by news publishers on the IPTC Verified News Publisher List. We simply verify that the publisher is “who they say they are”, and then the signature will verify that the content was published by that publisher, and has not been tampered with since the point of publishing.

We make it clear in the governance policies that a certificate can be revoked if the certificate’s private key has been compromised in some way, but we will not revoke certificates for editorial reasons.

Online verifier tool

The IPTC has worked with the BBC to launch a simple Verified News Publisher content verifier tool hosted at https://originverify.iptc.org. The tool displays a special indicator when content has been signed by an organisation whose certificate is on the Verified News Publisher list. The IPTC has also published a set of Verified News Publisher sample content that can be used with the verifier to demonstrate the process in action.

Sharing best practices, resources and knowledge among news publishers

For IPTC members, the Media Provenance Committee has created an internal members-only wiki detailing best practices and lessons learned while implementing C2PA and the Verified News Publisher List at broadcasters and publishers. Information on the wiki includes technical details on how to generate a certificate signing request to obtain a certificate, how to sign content with open-source and commercial tools, how to deal with publishing and distribution technology such as streaming servers and content delivery networks, and how to add metadata to C2PA assertions embedded in media content.

The Committee has also created a public-facing area of the IPTC site describing IPTC’s work in the area of Media Provenance, helping news publishers to get up to speed and understand how C2PA technology works and how it can be implemented in publishing workflows.

Other IPTC and Media Provenance-related events at IBC this weekend:

• Judy Parnall (BBC), Lead of the IPTC Media Provenance Advocacy Working Group, spoke on a panel on “Content Tracing and Provenance” this morning (Friday) at the AI Zone.
• Judy is also presenting a paper at the IBC Conference on Saturday 14 September: Provenance: What can we Trust?, along with IPTC Individual Member John Simmons.
• Combating disinformation in News: A critical year for democracies at the IPTC Conference on Saturday. Laura Ellis (BBC) is on the panel along with representatives from CBS and GLOBO.
• On Sunday 15 September, Judy presents IBC’s Accelerator Project “Design Your Weapons in Fight Against Disinformation” on the IBC Innovation Stage, along with tech leaders from CBS, Associated Press and ITN.

A few months in, things are going very well for the IPTC’s new Media Provenance Committee.

The IPTC Committee was initiated to continue the work started by Project Origin to bring the benefits of C2PA provenance technology to the news media industry. The Committee is chaired by Bruce MacCormack of CBC / Radio Canada.

The Committee has initiated three Working Groups who will be looking at specific issues:

• The Provenance Governance Working Group, led by Charlie Halford of the BBC.
• The Provenance Best Practices and Implementation Working Group, led by Helge O. Svela of Media City Bergen.
• The Provenance Advocacy and Education Working Group, led by Judy Parnall of the BBC.

We have also started the process of onboarding participants for the next phase of the Origin Verified News Publishers List, and have had several organisations already apply.

The first publishers on the list, BBC and CBC/Radio Canada, have already published some C2PA-signed content:

• The BBC has published some images and video with C2PA-embedded metadata showing the fact-checking process that has been undertaken by the BBC Verify fact-checking team.
• CBC / Radio Canada has published images signed with the CBC certificate on the cbc.ca website.

We are planning several events in the future to promote our work and encourage more in the media industry to get involved. Look out for news about IPTC Media Provenance work at the IBC Conference in Amsterdam in September and at other events.

If your organisation would like to be added to the list in the next phase or in the future, please get in touch!

The International Press Telecommunications Council, in conjunction with Project Origin, has established a working group to create and manage a C2PA compatible list of verified news publishers.

The open C2PA 2.0 Content Credentials standard for media provenance is widely supported as a strong defence against misinformation. Recent announcements by OpenAI, Meta, Google and others have confirmed the value of an interoperable, tamper-evident way of confirming the source and technical integrity of digital media content.

Project Origin, as a co-founder of the C2PA, has brought the needs of the news publishing community to the forefront of the creation of this standard. This now includes the creation of a C2PA 2.0 compatible Origin Verified Publisher Certificate to be used by publishers to securely create a cryptographic seal on their content. The signing certificates will be available through the IPTC, who will work with C2PA validators to gain widespread acceptance. These signing certificates will be issued by the IPTC to broadcast, print and digital native media publishers.

Origin Verified Publisher Certificates will ensure that the identity of established news organisations are protected from imposters. The certificates confirm organisational identity and do not make any judgement on editorial position. Liaison agreements with other groups in the media ecosystem will be used to accelerate the distribution of certificates.

The initial implementation uses TruePic as a certificate authority, with the BBC and CBC/Radio-Canada as trial participants.

“As a founding partner of Project Origin, CBC/Radio-Canada is proud to be one of the first media organisations to trial Origin Verified Publisher Certificates,” said Claude Galipeau, Executive Vice-President, Corporate Development, CBC/Radio-Canada. “This initiative will provide our audiences with a new and easy way of confirming that the content they’re consuming is legitimately from Canada’s national public broadcaster. It’s an important step in our adoption of the Content Credentials standard and in our fight against misinformation and disinformation.”

Jatin Aythora, Director of BBC R&D, and vice chair for Partnership on AI, said “Media provenance increases trust and transparency in news, and so is an essential tool in the fight against disinformation. That fight has never been more important, and so we hope many more media organisations will join us in securing their own Origin Verified Publisher Certificate.”

Publishers interested in working cooperatively to advance the implementation of the C2PA standard in the news ecosystem are invited to join the Media Provenance Committee of the IPTC.

For further information please contact:

• Judy Parnall –  judy.parnall@bbc.co.uk – representing the BBC
• Bruce MacCormack – bruce@neuraltransform.com – representing CBC/Radio-Canada
• Brendan Quinn – mdirector@iptc.org – representing the IPTC

The IPTC is proud to announce that after intense work by most of its Working Groups, we have published version 1.0 of our guidelines document: Expressing Trust and Credibility Information in IPTC Standards.

The culmination of a large amount of work over the past several years across many of IPTC’s Working Groups, the document represents a guide for news providers as to how to express signals of trust known as “Trust Indicators” into their content.

Trust Indicators are ways that news organisations can signal to their readers and viewers that they should be considered as trustworthy publishers of news content. For example, one Trust Indicator is a news outlet’s corrections policy. If the news outlet provides (and follows) a clear guideline regarding when and how it updates its news content.

The IPTC guideline does not define these trust indicators: they were taken from existing work by other groups, mainly the Journalism Trust Initiative (an initiative from Reporters Sans Frontières / Reporters Without Borders) and The Trust Project (a non-profit founded by Sally Lehrman of UC Santa Cruz).

The first part of the guideline document shows how trust indicators created by these standards can be embedded into IPTC-formatted news content, using IPTC’s NewsML-G2 and ninjs standards which are both widely used for storing and distributing news content.

The second part of the IPTC guidelines document describes how cryptographically verifiable metadata can be added to media content. This metadata may express trust indicators but also more traditional metadata such as copyright, licensing, description and accessibility information. This can be achieved using the C2PA specification, which implements the requirements of the news industry via Project Origin and of the wider creative industry via the Content Authenticity Initiative. The IPTC guidelines show how both IPTC Photo Metadata and IPTC Video Metadata Hub metadata can be included in a cryptographically signed “assertion” 

We expect these guidelines to evolve as trust and credibility standards and specifications change, particularly in light of recent developments in signalling content created by generative AI engines. We welcome feedback and will be happy to make changes and clarifications based on recommendations.

The IPTC sends its thanks to all IPTC Working Groups that were involved in creating the guidelines, and to all organisations who created the trust indicators and the frameworks upon which this work is based.

Feedback can be shared using the IPTC Contact Us form.

Following the recent announcements of Google’s signalling of generative AI content and Midjourney and Shutterstock the day after, Microsoft has now announced that it will also be signalling the provenance of content created by Microsoft’s generative AI tools such as Bing Image Creator.

Microsoft’s efforts go one step beyond those of Google and Midjourney, because they are adding the image metadata in a way that can be verified using digital certificates. This means that not only is the signal added to the image metadata, but verifiable information is added on who added the metadata and when.

As TechCrunch puts it, “Using cryptographic methods, the capabilities, scheduled to roll out in the coming months, will mark and sign AI-generated content with metadata about the origin of the image or video.”

The system uses the specification created by the Coalition for Content Provenance and Authenticity. a joint project of Project Origin and the Content Authenticity Initiative.

The 1.3 version of the C2PA Specification specifies how a C2PA Action can be used to signal provenance of Generative AI content. This uses the IPTC DigitalSourceType vocabulary – the same vocabulary used by the Google and Midjourney implementations.

This follows IPTC’s guidance on how to use the DigitalSourceType property, published earlier this month.

We had a great Photo Metadata Conference last Thursday. Thanks to those who attended. For those who didn’t, or those who would like to go over some detail again, here we publish full recordings of all sessions.

First up, Brendan Quinn, IPTC Managing Director introduced the day and gave an overview of what was to come:

Next was a great panel on adoption of the accessibility properties added in the 2021.1 update to the IPTC Photo Metadata Standard. We are very happy to share that the fields are now supported in many popular photo creating and editing tools, with more to come:

Next was David Riecks and Michael Steidl, co-leads of the IPTC Photo Metadata Working Group, presenting the work done by the Working Group since the last Photo Metadata Conference:

Then came a session on real-world implementations of the C2PA specification for content authenticity, including presentations from Microsoft, CBC / Radio Canada, the BBC and Adobe / Content Authenticity Initiative:

The last session was a panel discussion on Metadata for AI Images, looking at questions around the ethics of using copyrighted content to train a machine learning engine to generate AI images, and how the IPTC Photo Metadata Standard could be extended to support metadata appropriate for AI-generated images:

We had a great session and a packed conference! We look forward to seeing everyone again at next year’s event.