The Global Media Provenance Standard (GMPS) is used by an estimated 78% of the world’s online platforms.
A certificate of origin, also called certificate of provenance or cert for short, is a block of persistent metadata encoded into multimedia content at the point of creation. Its primary purpose is to allow compatible programs to identify the devices and users responsible for authoring a file while also acting as a baseline to help identify changes made to the original media over time.
Certs began to see widespread use in the early 2030s as a means of countering online misinformation from artificial intelligence (AI)-generated and deepfake content, and continue to see widespread use in the global media industry.
Table of contents
Usage
Many modern consumer devices capable of capturing images, audio, or video content automatically generate certificates of origin as they record, saving these directly with the file. Once a piece of media is certified, editing programs will then transfer the cert to any new file generated using that media. [1]
Certs are most commonly used by online social platforms such as MeHive and Viuvee as a tool for building user trust and streamlining content moderation, though implementation can vary significantly from platform to platform. In typical cases, whenever a registered user attempts to post a piece of media, its cert is checked to confirm how much the file has changed from its original incarnation, a metric commonly called the degree of adulteration.
If the cert shows that significant editing has taken place, a warning may automatically be added to alert other users that an image or video may be potentially deceptive. In more extreme cases, content with an untrustworthy origin, such as media created by generative artificial intelligence (AI), can be blocked from posting entirely. [2]
Law enforcement groups, militaries, and intelligence agencies have also adopted certs to ensure the reliability of potentially critical media such as drone and bodycam footage, though these certs usually encrypt origin data to prevent their sources from being compromised.
Criticism
Certs have received significant critiques since their introduction, primarily due to perceived loopholes in the technology. Data trust organisations such as the Writ Institute have identified several major areas of weakness:
- The trustworthiness of a cert is directly dependent on the entity providing it. Though certain types of certs, such as the Global Media Provenance Standard (GMPS), follow rigorous guidelines to ensure the metadata’s accuracy and reliability, any individual can create a cert and freely choose which information it does or does not contain. This has become a point of contention for both far-left and far-right commentators, many of whom claim that certs allow governments and media organisations to “redefine reality while simultaneously claiming to preserve it.” [3]
- Media editing programs must be explicitly set up to update and transfer certs. While almost all major creative suites on the market are GMPS-compliant, many freely available programs are capable of shadow editing media to various degrees.
- When combining multiple pieces of certified media into a new file, cert bloat quickly becomes an issue. The most widely used workaround, the so-called blanket certs, can allow untrustworthy and legitimate content to be intermingled.
Cert bloat
The impact of certs on file sizes has become a major point of contention. To allow changes to be accurately tracked, a cert must contain a full copy of whichever file it is attached to, effectively doubling the size of certified files.
Furthermore, when certified media are combined or edited together, the certs in the original files are carried over into the new file. This means simply compositing two certified photos together results in four image files’ worth of data: the finished image, the copy of the finished image contained in its cert, plus the original copies contained in the certs of the two photos used to make it.