Content Authenticity Initiative

The Content Authenticity Initiative (CAI) is an association founded in November 2019 by Adobe, the New York Times and Twitter. The CAI promotes an industry standard for provenance metadata (also known as Content Credentials ) defined by the C2PA. The CAI cites curbing disinformation as one motivation for its activities.

Cooperation with the C2PA
Together with arm, BBC, Intel, Microsoft and Truepic, Adobe co-founded the "Coalition for Content Provenance and Authenticity" (C2PA) in February 2021. The C2PA is tasked with the formulation of an open, royalty-free technical standard that serves as a basis for the C2PA member's efforts against disinformation. While the C2PA's work applies to the technical aspects of implementing a provenance metadata standard, the CAI sees its task in the dissemination and promotion of the standard.

Provenance of information
The procedures proposed by CAI and C2PA address the widespread occurrence of disinformation with a set of additional data (metadata) containing details about the provenance of information displayed on a digital device. Such information can be, for example, a photo, video, sound or text file. The C2PA metadata for this information can include, among other things, the publisher of the information, the device used to record the information, the location and time of the recording or editing steps that altered the information. To make sure that the C2PA metadata can not be changed unnoticed, it is secured with hashcodes and certified digital signatures. The same applies to main content of the information, such as a picture or a text. A hash code of that data is stored in the C2PA metadata section and then, as part of that metadata, secured with the digital signature.

Securing metadata and the main content with certified signatures enables users to reliably identify the provenance of a file they are currently viewing. If the C2PA metadata names, for example, a certain TV station as the publisher of a file, it is very unlikely that the file originated from another source.

Files with C2PA-compliant metadata that are copied from a publisher's website and then published unaltered on social media (or elsewhere) still retain the full set of tamper-proof provenance information. Users seeing that content on social media can examine such a file with an online tool offered by the CAI or, if present, with C2PA-compliant inspection tools offered by the social media site. Standard-compliant tools will detect whether there were any unauthorized modifications to the file or the metadata. If there were no such modifications, the user can trust the metadata as well as the main content to be exactly as they were published.

The methods proposed by CAI and C2PA do not allow for statements whether a content is "true", i.e., contains authentic information that faithfully reflects reality. Instead, C2PA-compliant metadata only offers reliable information about the origin of a piece of information. Whether users wants to trust this information depends solely on their trust in its sources.

Members of the CAI
As of August 2022, the list of CAI members includes more than 200 entries. In addition to the three founding members Adobe, the New York Times and Twitter, these include Arm, BBC, Microsoft, Nikon, Qualcomm and The Washington Post.