Have you ever wondered if that image you saw was real? Or whether someone’s corporate headshot was actually generated by AI? If you have, you’re experiencing what I want to call the digital trust crisis

Everyone thinks it and you’re definitely not alone.

As someone who’s spent years working with content management at scale, I’m watching organisations grapple with a fundamental question: in an age where AI can generate photorealistic images, convincing videos, and human-like audio, how do we know what’s real anymore?

The answer might surprise you. It’s not about getting better at detecting fakes – it’s about getting better at proving authenticity. And there’s a new standard called C2PA that’s about to change everything.

The trust problem we all face

Let me start with a scenario that’s probably familiar. The marketing team receives what looks like perfect product imagery from a supplier.

It’s professional, well-lit, exactly what you need. But in the back of your mind, there’s that nagging question: is this real, or is this AI-generated?

This isn’t paranoia – it’s the new reality. AI tools can now create content that’s virtually indistinguishable from authentic material. That’s opened up incredible creative possibilities. However, it’s also created a trust problem that goes far beyond just “fake news.”

For businesses, this means:

• Legal liability if you unknowingly use manipulated evidence
• Brand damage if your content appears inauthentic
• Compliance risks as regulations tighten around AI-generated content
• Operational overhead from manual verification processes

The traditional approach – trying to detect what’s fake – is playing defensive. What if we play offensive instead?

Enter C2PA: The “Nutrition Label” for Digital Content

This is where C2PA comes in. Think of it as a “nutrition label” for digital content that travels with every file, everywhere it goes.

Here’s how it works in simple terms:

• Content Creation: When content is created (photo taken, document written, video recorded), C2PA captures the “birth certificate” – what device was used, when, by whom
• Edit History: Every modification is recorded – what software was used, what changes were made, by whom
• Cryptographic Proof: All this information is cryptographically signed, making it tamper-evident
• Persistent Provenance: The provenance data travels with the content, even when shared across platforms

The brilliant part? You can verify this information instantly. If someone tries to tamper with either the content or its provenance data, the cryptographic signatures will show that tampering has occurred.

How Content Hub Is Already Preparing for C2PA

This isn’t just theory. Platforms like Sitecore Content Hub are already moving in this direction. As Rob Reilley recently highlighted in his blog on detecting AI-generated images in Content Hub, the platform now inspects every asset uploaded for embedded C2PA metadata.

If that metadata is present, Content Hub will:

• Flag the asset with a visible indicator if it was created or edited using AI tools
• Extract provenance details like the software agent, timestamps, or AI service used (for example, “Google AI” or “OpenAI”)
• Surface provenance in the UI with a dedicated “Gen AI” tab and metadata fields, so asset managers don’t need to dig into raw metadata
• Enable governance at scale by letting teams filter and search by “AI-created” or “AI-edited” assets

In practice, that means if your supplier sends over what looks like flawless product photography, you can instantly see whether the file carries C2PA provenance. If it does, you’ll know whether the image originated from a camera, or whether it was created or modified by an AI tool.

It’s not a silver bullet – adoption of C2PA across all creative tools is still uneven, and cryptographic signature verification is the next frontier – but Content Hub shows how organisations can start operationalising provenance today.

Instead of manually guessing what’s authentic, your CMS itself becomes the proving ground for trust.

Why This Matters Now

The digital trust crisis isn’t a distant problem – it’s already here. Every business that creates, shares, or relies on digital content is exposed to the risks of inauthentic media. Regulations are catching up, consumers are growing more skeptical, and the operational overhead of manually checking assets is only going to rise.

The solution isn’t better fake detection. It’s better authenticity proof. That’s what C2PA offers, and it’s why forward-looking platforms like Sitecore Content Hub are already building provenance into the heart of content operations.

By automatically detecting and surfacing C2PA metadata, Content Hub turns provenance into a first-class citizen of your digital supply chain. Teams can instantly see whether an asset was AI-generated or camera-captured, trace the software used in edits, and build governance processes around trustworthy content.

It won’t solve everything overnight – provenance is only as strong as the ecosystem that supports it, and not every tool is embedding C2PA yet. But the direction of travel is clear. The organisations that embrace provenance standards today will be the ones best prepared for tomorrow.

Because in the age of generative AI, the most valuable asset your brand has isn’t just content. It’s trust.