TL;DR: C2PA (Coalition for Content Provenance and Authenticity) is a cryptographically signed metadata standard embedded inside media files. AI tools like Midjourney, Suno, Runway, and ElevenLabs write a manifest into every export naming the model, the tool, and the timestamp. Platforms — Spotify, TikTok, Instagram, YouTube, LinkedIn — read those manifests at upload and automatically apply AI-content labels that downrank reach and shape monetization. The manifest sits inside a JUMBF block (JPEG APP11 for images, the udta box for MP4/MOV, ID3 frames for MP3). Removing the JUMBF block before upload removes the highest-confidence signal platforms use to label content as AI. The audio or visual content stays the same; the signed wrapper around it doesn't.
If you've made anything with an AI tool in the last two years, every platform you upload to is reading a cryptographically signed receipt your file is carrying about itself. Most creators don't know it's there. The receipt is called C2PA, and this post is the explainer.
C2PA — Coalition for Content Provenance and Authenticity — is a technical standard for embedding tamper-evident, signed metadata inside media files. Adobe, Microsoft, Google, OpenAI, Sony, the BBC, the New York Times, Leica, Canon, and Arm built it. By 2026, it's in every commercial AI tool's exports and every major platform's ingestion pipeline. The decisions platforms make about your content — labels, distribution weighting, monetization eligibility — flow downstream of what your file's C2PA manifest says.
This is the canonical reference for creators. What C2PA is, how it works, why it exists, what it does to your reach, and what your options are.
The Coalition
The Coalition for Content Provenance and Authenticity launched in 2021 as a joint initiative between Adobe's Content Authenticity Initiative and Microsoft's Project Origin. The original purpose was a deepfake counter-measure for journalism — Adobe and the New York Times and the BBC wanted a cryptographic way to prove a photograph or video was an unaltered record of a real moment.
The current member roster is broader than journalism. Tool makers like Adobe, Microsoft, Google, OpenAI, Anthropic, and Stability AI ship it. Platform companies (Meta, TikTok, LinkedIn, X, Reddit — status varies by year) read it. Hardware vendors (Sony, Leica, Canon, Nikon, Qualcomm, Arm) embed it at the sensor level. Publishers (BBC, New York Times, Reuters, AFP) treat it as a chain of custody for evidentiary photography. ISO and IEC working groups handle the formal standardization track.
Membership matters because it tells you who's incentivized for the standard to win. Tool makers ship it because customers and regulators want provenance. Platforms read it because it's a defensible, cheap source of truth for classification. Hardware vendors embed it because authentic-camera certification is a marketing differentiator. Publishers want it for evidentiary chain of custody.
The party not at the table: individual creators. The standard was built by organizations large enough to negotiate technical specifications. The creator perspective — the person whose Suno track now carries a manifest reducing their reach — is downstream of decisions already made.
Photo by cottonbro studio on Pexels.
The Three Parties: Tool, Platform, Reader
Every C2PA interaction has three roles. Understanding which is which clarifies what's happening when you upload an AI export.
The Tool writes the manifest. Suno's exporter, Midjourney's renderer, Runway's API, Adobe Photoshop's save dialog — these are signers. They have a cryptographic certificate issued by a C2PA root authority, and they use it to sign assertions about what they just produced. ("This image was generated by DALL-E 3 on 2026-04-23 at 14:32 UTC.")
The Platform reads the manifest. Spotify's ingestion pipeline, TikTok's upload handler, Instagram's media processor — these are verifiers. They walk the file structure, find the JUMBF box, parse the manifest, validate the signature, and act on the assertion.
The Reader is anyone with a metadata viewer. metadata2go.com, ExifTool, the Content Credentials browser plugin — these expose the manifest content to humans. This role is mostly for transparency and verification, not platform action.
Stripping a C2PA manifest before upload is targeted at the platform-as-verifier — you're removing the input the platform's verifier reads, before it reads it.
What Goes Into a C2PA Manifest
A C2PA manifest is a structured document — JSON-ish, formatted as a JUMBF (JPEG Universal Metadata Box Format) block — containing several distinct pieces.
Assertions are factual claims about the content. "Generated by Suno, model chirp-v4, on 2026-04-23." "Edited in Photoshop with a generative fill applied to coordinates X,Y." "Captured on Sony A9 III, GPS 37.7749 -122.4194." Each assertion is a discrete, machine-readable claim downstream tools can act on independently.
Actions are a log of what was done to the file: capture, edit, AI-generate, redact. Each action has a timestamp and a signing tool, and they stack — a file captured on a Leica, edited in Lightroom, then exported through Photoshop's generative fill carries a three-step action log.
Ingredients are references to source files this content was derived from — useful for chain-of-custody tracking on composites. Claim signature is a cryptographic signature over all of the above. Certificate is the public certificate of the signing tool, used to validate the signature against a root authority.
A typical AI image export has 5–10 assertions, one or two actions, no ingredients (it's purely generated, not derived), one signature, and one certificate. A heavily edited Photoshop file might have 20+ actions, multiple ingredients (each layer's source), multiple signatures (one per saving session), and a manifest history showing how the file evolved over time.
The manifest is human-readable in the sense that ExifTool and metadata viewers can decode and display it. It's not human-readable in the wrapper structure — JUMBF is binary, and reading raw JUMBF requires a parser.
Photo by Anton Gofman on Pexels.
How C2PA Lives in Different File Formats
The standard covers all major media formats. Where the manifest physically sits inside the file varies by container.
For JPEG, PNG, WebP, and TIFF images, the JUMBF box sits inside the file's metadata region. For JPEG specifically, that's an APP11 marker segment — a dedicated extension slot the JPEG spec reserves for application-specific data.
For MP4, MOV, and M4A (all built on the ISO Base Media File Format), the JUMBF box sits inside the file's udta (User Data) box, which exists specifically to hold metadata that isn't part of the core media stream.
For MP3 audio, the JUMBF box is referenced by an ID3v2 frame or carried as a sidecar file. For WAV and FLAC, format-specific extensions handle embedding — some tools write JUMBF in custom RIFF chunks, others extend the BWF (Broadcast Wave Format) metadata structure. PDF has native metadata extensions that support embedded signed manifests.
The pattern: every container format has a metadata region, and C2PA defines how to fit a JUMBF block inside that region. (For audio specifically, we wrote a deeper post on C2PA in audio files.)
What this means practically: stripping C2PA from a file means removing the JUMBF block from wherever it lives in that file's structure. The cleanup logic is format-specific. A naive "remove EXIF" tool that doesn't understand the container's box tree will leave the JUMBF block in place — and the platform's verifier will still find it.
What Platforms Do With C2PA
| Platform | Reads C2PA on | Action when AI assertion present |
|---|---|---|
| Spotify | Audio (M4A primarily) | AI label, lower distribution weighting |
| Apple Music | Audio | AI label |
| Tidal | Audio | AI label |
| TikTok | Video, image | Visible AI label, lower For You weighting |
| Instagram, Threads | Video, image | Visible label, account-history weighting |
| YouTube, Shorts | Video | Visible label, Shorts feed weighting, monetization category |
| Image, video | Visible label, lower business-feed distribution | |
| Image, video | Visible label, lower distribution | |
| X (Twitter) | Limited support | Inconsistent labeling |
| Getty, Shutterstock | Image, video | Rejection of submission if AI |
| Adobe Stock | Image, video | Rejection if AI without disclosure |
The pattern is consistent: every platform with a content-classification policy reads C2PA. Stock-photo and stock-video sites use it as a hard rejection filter. Social platforms use it as a soft signal influencing distribution. Music DSPs use it as a labeling input. For a deeper look at the upload-time detection mechanics, we covered how TikTok, Instagram, and YouTube read AI metadata at upload.
Photo by Kaique Rocha on Pexels.
The Critique: What C2PA Got Wrong (Or Right, But Hard for Creators)
C2PA was designed for journalism — for cases where you want to prove your file is what you say it is. The standard is excellent at that job. The friction emerges because the same infrastructure is now applied to creators who don't want to prove anything except that their work is good.
Three specific critiques. First, it's not opt-out at the consumer tool level. When you generate an image in Midjourney, you don't get a checkbox to skip C2PA. The manifest is written into every export, and removing it is your separate problem.
Second, it privileges signed assertions over unsigned reality. A platform that reads "no C2PA" treats the file as conventional/non-AI, even if the file is AI-generated by a tool that doesn't ship C2PA (most open-source models). A platform that reads "C2PA says AI" applies the label even if the AI assist was minimal — Photoshop's AI-aware fill, for instance. The signal is binary; the underlying reality has gradations.
Third, it's tamper-evident, not tamper-proof. Editing the manifest invalidates the signature, which platforms detect. But removing the whole block cleanly is a recognized state in the spec — the platform reads it as "no manifest." This is the leverage creators have.
And the honest limits: stripping the C2PA manifest from a file doesn't fix every AI-detection signal a platform might use. Audible watermarks embedded in AI music survive metadata stripping — they live in the audio waveform itself, not the file wrapper. Distributor-level disclosure flags (DDEX metadata your music distributor adds when you check "AI-generated" at upload) are separate from C2PA and travel through a different pipeline. Acoustic and visual fingerprinting models can flag content based on statistical patterns no metadata operation can change. Removing C2PA is the one creator-controlled lever on the highest-confidence signal; it isn't a universal cloak.
The standard isn't malicious. It's working as designed. The design just doesn't optimize for the creator who wants their AI-assisted work judged on the merits.
Reading and Removing C2PA on Your Own Files
To read what's in your file, metadata2go.com is the easiest path — drag the file in and look for the C2PA section if present. For command-line use, ExifTool with C2PA support handles it: exiftool -G1 -C2PA: yourfile.png lists every C2PA-tagged assertion. The Content Credentials browser plugin for Chrome and Firefox visualizes manifests on supported sites without you having to download the file.
To remove C2PA cleanly, open Metadata Cleaner in any browser. No login. Drop your file — image, video, or audio. Click Clean; the tool walks the file's container structure, removes the JUMBF block from wherever it lives in that format, and rewrites parent box lengths so the file still parses cleanly. Click Download. The cleaned file has identical content and no C2PA assertion.
Everything runs in the browser; the file never uploads to a server. The clean handles all three formats consistently because the underlying mechanism is the same — find the JUMBF block, remove it, fix parent-box bookkeeping.
FAQ
Is C2PA the same as Content Credentials?
Yes, in current usage. "Content Credentials" is Adobe's branded name for the C2PA standard. They're the same thing. Some platform documentation uses one term; some uses the other. They're interchangeable.
Can I generate a C2PA manifest myself?
You can, with a developer toolkit (the C2PA SDK is open source) and a self-issued certificate. Self-signed manifests will validate as having a signature, but the signature won't trace back to a recognized C2PA root authority — platforms typically treat self-signed manifests as untrusted and either ignore them or treat them as suspicious. C2PA is designed for trust to flow from a small set of root authorities; self-issued is technically possible but not platform-actionable.
Will C2PA become required by law?
Possibly. The EU AI Act includes provisions for AI-content disclosure that map closely to C2PA's design, and U.S. AI Disclosure Act discussions are heading similar directions. As of mid-2026, C2PA is voluntary in most jurisdictions but increasingly required in specific contexts: political advertising, journalism credentials, stock-content distribution.
If I strip C2PA from my file, am I lying?
You're removing a piece of metadata. Whether that constitutes "lying" depends on context. If you also self-disclose AI use elsewhere (at your distributor, in a video description), the removal of file-level metadata is consistent with that. If you also affirmatively claim the work is non-AI, the removal becomes misrepresentation. The technical action is morally neutral; the surrounding context determines what it means. (How the file-strip and distributor-disclosure decisions interact for music.)
Does removing C2PA destroy the file's authenticity for legitimate purposes?
It removes the signed proof of provenance, yes. If you ever need to prove the file is what you say it is — for a court case, a journalism authentication, a stock-content audit — a stripped file gives you nothing to prove with. Two different goals (privacy vs provenance) require two different workflows. Choose which one applies to which file.
Why don't AI tools just stop writing C2PA?
Regulatory pressure (EU AI Act), platform partnerships, alignment with industry frameworks. AI tools have economic and reputational incentives to ship C2PA. The pressure flows toward more thorough provenance, not less.
Does C2PA work with deepfakes?
C2PA was designed partly as a deepfake counter-measure. A signed manifest from a recognized AI tool says "this is AI-generated," which marks the content as not-real. The hard problem is the inverse: deepfakes that lack a manifest because the bad actor used a tool that doesn't ship C2PA, then upload to platforms that treat "no manifest" as "non-AI." The standard handles the cooperative case well; it's poor at the adversarial case.
The standard exists. The platforms read it. Your file declares itself. Read what's in your file at metadata2go.com, and when you need to strip the manifest cleanly, Try Metadata Cleaner free.