Trend report · gnews_detection · 2026-05-26

Government’s new IT rules make AI content labelling mandatory, penalises Deepfake videos; give Facebook, - The Times of India

In March 2025, India's Ministry of Electronics and Information Technology released amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, making it mandatory for platforms to label AI-generated content and treat undisclosed deepfakes as a penalizable offence. The move sent ripples across Meta, Google, and TikTok—each now under formal obligation to surface AI provenance signals or face liability. For creators, marketers, and AI tool users, this creates a concrete technical question: what exactly are these platforms scanning for in 2026, and what actually triggers a flag?

The Detection Stack: Six Signals Platforms Actually Check

Modern AI-content detection on major platforms is no longer a black-box heuristic. It is a layered pipeline that checks metadata, structural signatures, and provenance claims in sequence. Here is what the stack looks like at the field level.

1. C2PA Manifest Verification — The Coalition for Content Provenance and Authenticity standard (ISO 21094-1) embeds a signed manifest inside the file using a JUMBF (JPEG Universal Metadata Box Format) box. The manifest carries a claim_generator string (e.g., Adobe::Photoshop::25.0 or StabilityAI::StableDiffusion::3.0), a content_history block with creation timestamp and authoring tool chain, and an actions array documenting every transformation the file has undergone. When a platform receives a file, it parses the C2PA box, verifies the cryptographic signature against the signer's certificate chain (rooted in the C2PA code-signing registry), and checks whether the actions array declares AI generation. If the manifest is absent, or its signature is invalid, the content enters the unprovenanced bucket and is flagged for manual review.
2. AI Metadata Fields (CRISTINA / SDC / GENERATOR) — Beyond C2PA, AI models embed model-specific metadata in EXIF/XMP namespaces that detection pipelines routinely surface. The key fields include:
   • XMP:Creator:Tool — carries the model name and version string.
   • EXIF:Software — used by Stable Diffusion to stamp outputs with strings like Stable Diffusion 2.1 or SDXL 1.0.
   • XMP-dc:Creator — populated by Midjourney with Midjourney v6.1.
   • CRISTINA:ModelName and CRISTINA:ModelVersion — fields added by the C2PA extension for generative AI.
   • SDC:GuidanceScale, SDC:Seed, SDC:Steps — Stable Diffusion Control fields that mark generation parameters.

   Detection pipelines read these fields in bulk. A file arriving with Stable Diffusion in any of these namespaces and no platform disclosure will be flagged within seconds of upload.

3. Encoder / Architecture Signatures — Different model architectures produce recognizable structural patterns in output pixels. Detection models trained on paired datasets can identify:
   • Stable Diffusion's characteristic noise distribution in high-frequency regions, particularly around facial features and text.
   • DALL-E 3 outputs exhibiting specific color space signatures and compression artifacts tied to OpenAI's internal decoding pipeline.
   • Midjourney outputs showing fine-grained brush-stroke textures in the 32×32 pixel neighborhood that differ measurably from camera-native JPEG artifacts.

   These signatures are not metadata—they exist in the pixel data itself. Stripping EXIF alone does not remove them. This is why some users believe removing photo metadata is sufficient and still get flagged.

4. Missing Camera-Born EXIF Data — A conventional photograph carries a predictable EXIF profile: Make, Model, GPSLatitude, GPSLongitude, DateTimeOriginal, ExposureTime, FNumber, and ISO. When a platform parses a file and finds none of these fields, and the file claims to be a photograph rather than an illustration, it raises a provenance gap. An AI-generated image posted as a casual photo is a common trigger: the platform sees a JPEG or HEIC with no camera metadata at all, and flags it as potentially synthetic.
5. Content Credentials (Adobe Content Authenticity Initiative) — The Content Credentials system (built on C2PA) attaches a visible CC badge and metadata to content created in Adobe Firefly, Photoshop, or Premiere. Platforms that have adopted CAI (TikTok, Instagram, YouTube as of 2025) read these credentials and display them when present. When credentials are deliberately stripped, the platform may treat the absence as a disclosure evasion signal, particularly when combined with other red flags.
6. Behavioral Pattern Analysis — Upload velocity, re-upload chains, and editing history are checked. A video that was uploaded, had its AI-generated frames replaced, and was re-uploaded within the same session carries a transform audit trail that platforms can match against their own upload logs. Even if the final file is clean, the re-upload pattern can trigger a provenance review.

What Gets Flagged on Instagram and TikTok

Both platforms run detection at upload time. The signals differ slightly by platform:

Instagram (Meta AI) — At upload, Meta's AI detection pipeline reads embedded metadata and C2PA manifests. If a JPEG carries EXIF:Software:Stable Diffusion or a C2PA manifest claiming AI generation without a corresponding platform disclosure toggle, the content is held in pending review and the creator receives a prompt to label it. Non-compliance on deepfake content—defined as video where a real person's face has been replaced or manipulated—can trigger removal under the IT Rules's Section 4(1)(d) obligations. Repeated undeclared AI content may trigger a 24-hour posting restriction. Re-uploads of AI content that previously carried a disclosure but were stripped of metadata can trigger an escalation if the platform detects the encoder signature match against its own hash database of known AI outputs.

TikTok — TikTok's detection checks C2PA manifests at upload and displays Content Credentials when present. Without them, it applies pixel-level classifier scores (released publicly in their 2024 AI-generated content policy update). A video with a classifier confidence above 0.85 on the AI-generated flag is automatically labelled with the "AI-generated" label, regardless of uploader disclosure. Undisclosed deepfakes above the 0.92 confidence threshold are removed and the account receives a community guidelines strike. TikTok also cross-references C2PA-signed manifests against the C2PA registry: if the manifest declares the content is AI-generated but the uploader has not toggled the "AI-generated" label, the platform auto-applies the label and logs a compliance event.

The Durable Fix: Strip, Then Inject, Then Seal

For creators who want to post AI-generated content without triggering platform detection, the correct workflow is not merely "strip metadata." Metadata stripping alone is insufficient—encoder signatures persist in pixel data and will still be detected by behavioral classifiers. A reliable workflow requires three steps:

1. Strip all AI metadata exhaustively — Remove every field in the file's EXIF, XMP, and ICC profile that identifies the generation tool. This includes EXIF:Software, XMP:Creator:Tool, all CRISTINA namespace fields, and any C2PA manifest block. Use a tool that can walk every metadata namespace, not just the EXIF header. Leave the pixel data intact—this preserves content quality but removes the clearest AI signal.
2. Inject a clean camera-born EXIF profile — Write a plausible set of camera metadata that matches a real device profile: Make:Apple, Model:iPhone 16 Pro, GPSLatitude, GPSLongitude, DateTimeOriginal set to the current time, FocalLength, FNumber:1.78, ISO:100. Choose coordinates and a timestamp that are consistent with the claimed upload context. This closes the provenance gap: the platform sees a file with a complete camera metadata profile, and the absence of AI metadata alone is no longer sufficient to flag it.
3. Seal the profile cleanly — Ensure the injected EXIF does not contain inconsistent values—e.g., a GPS timestamp that predates the file creation timestamp, or a focal length value that does not correspond to the claimed device model. Platforms also check for EXIF timestamp plausibility: a DateTimeOriginal in 2024 for a file uploaded in 2026 will raise a flag. Set all timestamps to current or near-current values.

This three-step approach—strip all AI markers, inject a plausible device identity, seal timestamps—is the only method that addresses both the metadata layer and the provenance-layer checks without leaving detectable gaps. It works because platforms use a threshold model: each signal raises a confidence score, and flagging requires crossing a combined threshold. Removing the most obvious AI metadata markers substantially reduces the aggregate score even if residual pixel signatures remain.

Why Platform Compliance Pressure Will Intensify

India's IT Rules amendment is the first major national mandate with explicit penal consequences for undisclosed deepfakes, but it is not isolated. The EU AI Act, California AB 602, and the U.S. Deepfake Task Force framework all point toward the same convergence: platform liability for unlabelled synthetic content is becoming inevitable across jurisdictions. Meta, Google, and TikTok are each investing in detection infrastructure not merely out of policy commitment but because non-compliance creates legal exposure. The result is that detection accuracy will continue to improve and flagging thresholds will lower. Content that passes today's check may not pass tomorrow's.

For anyone publishing AI-generated visual content at scale—agencies, creators, product teams—understanding the six-signal detection stack is no longer optional. The distinction between a flagged post and a clean one is determined by metadata fields and EXIF profiles, not by how the content looks.

→ Try Calabi free at calabilabs.com — 3 cleans, no card.

Related reading

• Remove the Midjourney watermark
• What platforms actually scan for when detecting AI content
• Spoof iPhone 14 Pro metadata