A Record Is Not a Reason Content Credentials and the Worth of a Photograph

Cameras have started signing their own pictures. What that signature proves is a separate question.

In October 2023, Leica shipped the M11-P, the first consumer camera built to sign its photographs at the moment of capture. The idea spread quickly. Canon added it to professional bodies by firmware update in 2025. Sony rolled it across its mirrorless and broadcast lines. Samsung put it in the Galaxy S25, the first major smartphone to carry it, and Google followed in the Pixel. What each one writes is a Content Credential, a small cryptographic record produced under a standard called C2PA, founded in 2021 by Adobe, Microsoft, the BBC, Sony, and others. These terms are not loose synonyms, and it is worth keeping them apart. The signature is the act of marking the file.

The credential is the record that act leaves and that travels with the file. C2PA is the standard that governs how the record is written. Provenance is the older idea all three serve: that an image should carry a documented account of where it came from. Adobe's editing tools write the credential. So now does OpenAI, which signs the images its models generate. Rules taking effect in the European Union in August 2026 require machine-readable disclosure on AI-generated content, which moves the apparatus from a voluntary experiment toward something closer to law.

The promise is simple, and in its place it is reasonable. A signed file carries a record of where it came from and what touched it along the way. A viewer can check that record. In a year when a convincing fake costs nothing to make, the record sounds like exactly the reassurance an image needs.

Then the reassurance starts doing more work than it was built for.

Authenticity is the word everyone reaches for, and it has quietly been asked to carry three loads at once. The first is factual reliability: whether the image shows what it claims to show. The second is technical traceability: a documented account of who made the file, which device captured it, which edits followed, and whether that account holds up. This is the question the whole apparatus was built to answer, and it answers it well.

A signed file says, in effect, here is where I came from and here is what has happened to me since, and for anyone who needs to trust a file as a source, that is real information. The third load is artistic merit: whether the image is any good. A certification system answers the second question well, gestures at the first, and has nothing whatever to say about the third. The system is not the problem. The problem is treating a tool built for the second question as a verdict on all three.

What a credential can claim

TFor documentary work, a chain of custody is worth a great deal. A news photograph carries a contract with the viewer: this happened, this is how it looked, you may rely on it. A record that shows a file came straight from a sensor, unaltered, serves that contract directly. Provenance belongs in the newsroom, the archive, and the marketplace, where the real question is where a file came from and whether it can be trusted as a source.

Fine art owes no such contract. Its history is full of intervention treated as craft rather than fraud, and that argument does not need making again here. What matters is the distinction the certification debate steps over: authorship in art has never lived in the path an image took. It lives in the choices made along it.

A Content Credential records the path. It can log that a file was captured on a given body, opened in a given editor, adjusted, exported. It cannot log why any of it was done. It does not know that the long exposure was chosen to dissolve a crowd into a single blurred presence, or that the frame was held until the light failed on purpose, or that a generated element was kept because it carried a meaning the captured ones could not. The record sees the route. It is blind to the reason. And the reason is the work.

Compliance is not merit

A certification standard oversteps the moment it is read as a measure of art rather than a record of files. If a credential reads as a mark of quality, and its absence reads as grounds for suspicion, the auditable image starts to outrank the considered one. The credential would reward what is easiest to verify over what is hardest to account for, which is the opposite of how art has ever been judged.

The pressure to make that mistake is about to rise, not ease. Governments are reaching for provenance because it is the part of the problem that can be measured, and rules requiring machine-readable disclosure are arriving faster than the thinking behind them. The aim is real enough, a defense against synthetic deception, but the tool itself was built to log a file's history, not to weigh a picture's worth. As those rules make credentials a baseline, the temptation will be to treat a clean record as a clean bill of artistic health. It is administratively convenient. It gives a gallery or a competition a box to check, and lets a hard judgment, is this any good, hide behind an easy one, is this verified. The convenience is real. So is the cost.

The cost is that the work most worth keeping is often the work that resists a clean procedural account. A picture that unsettles, that will not resolve, that exceeds the system trying to describe it, looks no different in a verification report from a picture that does none of those things. The report cannot see the difference, because the difference is not in the file. To build that difference out of our standards, in the name of trust, would be a quiet way of valuing the wrong thing on purpose.

None of this argues against provenance. It argues for keeping it in its place. A credential is context, useful to the people who need to know where a file came from. It is not a judgment, and a record of how a thing was made is not a reason the thing matters

A Content Credential can prove a camera was present. It cannot prove a photographer was. That gap is the whole of the matter, and no signature will close it. The work earns its meaning in the choices a mind made, and those are the one thing the machine does not sign.