Digital Seals: A New Hope for Rebuilding Trust in News Media

Imagine you're sitting in a subway, browsing your news feed on your mobile phone. If you encountered these children in Gaza, these influencers, or this survivor of Hurricane Helene, would you have guessed they're all AI-generated?

According to the Reuters Digital News Report 2024, "concern about what is real and what is fake on the internet when it comes to online news has risen by 3 percentage points in the last year, with around six in ten (59%) saying they are concerned." 

Now there are different options to tackle the challenge of manipulated or synthetic media: Verification and digital forensics, general media and information literacy, and digital seals. The latter approach is about proving a piece of content originates from a reliable source, has not been tampered with – and therefore can be trusted.

C2PA, IPTC, and DW

Arguably the most important standard for digital seals is the Coalition for Content Provenance and Authenticity (C2PA). Launched as a collaborative effort by major tech companies (including Adobe, Microsoft, and Intel), it enables publishers and users to verify the authenticity and provenance of digital media. C2PA does so by establishing a framework that embeds metadata within digital files, thus providing information about the content's origin, authorship, editing history, and more.

The International Press Telecommunications Council (IPTC) plays an important role in shaping C2PA. DW has joined as a voting member – alongside the BBC, The New York Times, and CBC / Radio Canada. DW also aims to test the C2PA framework in a pilot project.

How Does C2PA Work?

To understand the concept, let's follow the journey of a photo featuring Sandra Petersmann and former Afghan President Hamid Karzai in an interview situation.

Petersmann is DW's South Asia correspondent. In 2022, she conducted an exclusive interview with Karzai in Kabul. According to the copyright label, the photo was taken by Ahmad Sear Yousfzai. It's of course up to users to decide whether they trust that information.

Let's now follow the C2PA workflow: If Ahmad, the photographer, uses the C2PA standard, he needs a camera with built-in C2PA features. This standard adds metadata, like location (Kabul), author (A. Yousfzai), and date (14.08.2022), right when the photo is taken. The image and its information are then cryptographically sealed together, making them tamper-evident. If an editor later makes changes to the photo, a new sealed manifest is created and added to the original. Adobe software supports C2PA and logs all edits, ensuring changes are tracked.

Once the C2PA-compliant photo is published on dw.com, a user could theoretically click on an interactive button with content credentials to view the information stored in the image.

Early use cases by the BBC (explainer post) and the CBC (article and additional content credentials) show possible user interfaces.

Dependency on third parties and specific hardware

The workflow is elaborate, with different layers of verification bound into a piece of content. However, if public broadcasters rely on this standard, they automatically depend on third-party companies.

The biggest pain point is C2PA-compliant reporter equipment. Currently, only a handful of cameras support the standard, and legacy hardware cannot be adapted. The five largest camera manufacturers – Sony, Canon, Nikon, Leica, and Fujifilm – have joined C2PA and committed to bringing devices to market with content credentials. However, achieving wider acceptance may take time.

Furthermore, C2PA may work for DW's own website, but DW reaches a major part of its audience through third-party social media platforms. Although they want to use content credentials,  their implementation is still in its early stages (s. posts by Facebook / Instagram / Threads,  TikTok, and YouTube)

What about the ISCC?

Another approach to content verification is the International Standard Content Code (ISCC). Adopted as an international standard in 2024, it is a unique identifier system for digital assets such as images, videos, audio, and text. Unlike other identifiers that focus on a publication, the ISCC refers to the media file itself, without relying on external databases or registries.

The ISCC consists of meta code (a similarity hash calculated from embedded metadata), content code (a  similarity hash based on content components), data code (a similarity hash generated from the raw binary stream), and instance code (an exact cryptographic hash to confirm data integrity).

Designed to be platform-agnostic, the ISCC promotes interoperability across different systems. For instance, DW could generate an ISCC for Ahmad's original photo, enabling users to verify its authenticity. Imagine a scenario where a user encounters two similar files: the original DW photo and a manipulated version where Hamid Karzai is digitally replaced by Bashar al-Assad. By comparing their ISCCs, the user could detect alterations – although this similarity rate indicates modification, not absolute authenticity.

The ISCC is fundamentally an identifier, not a comprehensive framework. It operates independently of the C2PA standard, with each technology serving distinct purposes. While ISCC creates unique digital fingerprints, C2PA embeds provenance metadata about authorship and editing history. These technologies can complement each other, as demonstrated by Liccium, a startup that offers tools combining both approaches.

Could a blockchain do the job?

Another approach to making content provenance transparent is through distributed ledgers (a.k.a. blockchains). In recent years, several promising projects have emerged. There's the Numbers Protocol, the Digital Media Passport, and the very promising ContentSign by Nodle, a decentralized infrastructure network provider that's also adapting the C2PA standard.

How does it work? Let's return to our colleague Ahmad: Using a camera or smartphone with ContentSign technology, he takes a photo. The technology stamps and signs the photo with a unique private key specific to that device. The photo's footprint is then stored on the Nodle blockchain. The signature validates that the content originates from a genuine source and hasn't been manipulated or artificially generated.

Similar to the C2PA workflow, the final step is making this information available to users. Media companies need to integrate a "View Provenance" button that connects to the Nodle blockchain record, displaying the image's C2PA metadata.

Trust layers and challenges

If public broadcasters want to provide an official trust seal, they need to understand the different layers of trust–and how to implement them in their workflows. It all starts with capturing and signing the right metadata, a crucial step that can be facilitated by C2PA-compliant cameras or C2PA-compliant blockchain software. A thing to keep in mind: The more people are involved in the editing of metadata, the higher the risk of errors. Another issue is the further processing, recording or storing of the metadata: If media organizations pick a public blockchain, they must rely on decentralization. If they pick a third-party provider, they must rely on its specific platform. And, of course, no framework can eliminate the need for human judgment in verifying digital content authenticity.

Putting news audiences first

Ultimately, news professionals who want to implement digital seals need to consider what their audiences want. Which workflow would they trust more? And would they even click on and check content credentials? 

Before deciding on a workflow, broadcasters should prioritize user needs and include them in the development process. Regular user testing can reveal expectations and preferred functionalities.