Trend report · r_stablediffusion · 2026-06-05

Ideogram generated a Gemini Watermark without being prompted to

Something strange happened on r/StableDiffusion last week: a user generated an image with Ideogram, didn't prompt it for any Google branding, and spotted a familiar mark in the corner—a Gemini watermark. The post went viral not because the watermark was ugly, but because it raised a sharp question: if AI-generated images are quietly embedding invisible signatures, how do platforms know what to flag, and more importantly, how do creators stay ahead of detection systems that grow more sophisticated every month?

What Platforms Actually Scan For in 2026

Modern AI-content detection is no longer a single checkbox. Platforms run layered scans across four primary vectors:

1. C2PA (Coalition for Content Provenance and Authenticity) metadata. This is the standardized content-credentials framework that embeds cryptographically signed provenance data directly into image files. The relevant fields live in the c2pa metadata namespace: actions, assertions, and signature_info. When a file passes through Firefly, Ideogram, or Gemini, it typically leaves a stitch:SoftwareAgent claim inside the claim_generator field. If that field is absent from a file that "should" have it (or present when it "shouldn't"), that's a signal.
2. AI-specific metadata fields. Beyond C2PA, generators leave fingerprints in EXIF and XMP sidecars. Common flags include Software entries like "Ideogram/2.0" or "Google-AI-Web", and proprietary tags in namespaces like xmp:CreatorTool or Make:AI-generated. Even stripped EXIF files often retain residual patterns: specific ICC profile names (e.g., "Adobe RGB (1998)" with unusual chunk ordering), or TIFF tag sequences that don't match any known camera model.
3. Encoder signatures and compression artifacts. This is the less-discussed layer. AI upscalers and generators produce consistent patterns in DCT (discrete cosine transform) coefficients that differ from those generated by camera ISPs or traditional encoders. Platforms like Google Cloud Vision and Hive AI maintain reference models for these signatures. When a PNG or JPEG exhibits encoder markers (e.g., PNG:IHDR chunks with non-standard lengths, or a JFIF marker followed by an unexpected quantization table), detection confidence rises.
4. Missing GPS and sensor telemetry. Authenticated photos from real phones carry a constellation of fields: GPSLatitude, GPSLongitude, GPSAltitude, EXIF:Model, EXIF:LensModel, MakerNote data, and timestamp fields in Unix epoch format. A JPEG that claims to be from a "iPhone 15 Pro" but contains no GPSLatitude, no MakerNote, and an oddly-rounded DateTimeOriginal (e.g., 2024-03-15 14:30:00.000 exactly) looks suspicious. Platforms weight missing sensor telemetry heavily, especially when the file is otherwise "clean."

What Actually Gets Flagged on Instagram and TikTok

Based on creator reports and platform disclosures through 2025-2026:

Instagram's AI detection pipeline focuses on three triggers: (1) C2PA claim_generator fields matching known AI tools, (2) images posted in rapid sequence with identical EXIF structures, and (3) content reported via the "AI-generated" flag by other users. Reels with AI visuals that lack any human-editing metadata (e.g., no layer stack, no Photoshop history) are 2-3x more likely to get demoted in the algorithm, even without a hard takedown. Instagram does not currently strip C2PA on upload—it reads it, and it affects distribution.

TikTok is more aggressive. Its Content Identification system checks for ContentCredentials blobs embedded in WebP and JPEG files. If a video frame contains an embedded C2PA manifest with actions listing an AI generation tool, TikTok applies an "AI-generated" label automatically (the C2PA label, not a community report). The platform also runs perceptual hashing via PhotoDNA and pHash to catch content that has been lightly re-compressed or cropped to evade EXIF stripping.

The Durable Fix: Strip and Inject

Simply removing metadata with ExifTool works for casual scans, but it's insufficient. Here's why, and what actually works.

Stripping alone fails because: (a) it removes fields that a real photo would have, which itself is a signal, (b) residual C2PA manifests survive in embedded XMP packets unless fully dissolved, and (c) encoder fingerprints remain in the pixel data regardless of metadata removal.

The only durable fix is a two-step process that mimics a genuine photo capture:

1. Strip all residual AI metadata. Use a tool that fully dissolves C2PA manifests (not just removes the visible EXIF tags). Set -all= and -c2pa:all= to null, then re-encode as a fresh JPEG (lossy recompression breaks residual DCT fingerprinting from the original generation pass). This eliminates claim_generator, actions, assertions, and any xmp:Toolkit residuals.
2. Inject clean phone identity metadata. Add a realistic camera profile from a real device. This means populating: Make (e.g., "Apple"), Model ("iPhone 15 Pro"), Software ("14.0"), DateTimeOriginal with a plausible timestamp, GPSLatitude/GPSLongitude from a real location, and EXIF:ExposureTime, FNumber, ISOSpeedRatings values consistent with the claimed camera model. Critically, add MakerNote data—the proprietary binary blobs that real camera ISPs embed. Without these, a file looks like a synthetic "phone photo" with suspiciously no MakerNote, which is a known evasion fingerprint.

The goal isn't to lie. It's to produce a file that passes passive platform scanning as "normal authenticated content from a mobile device"—the exact format billions of real photos are uploaded in daily.

Why the Ideogram Watermark Incident Matters

The Ideogram Gemini watermark wasn't just a bug. It was a signal that generative models are embedding platform-recognized identifiers more aggressively as part of the C2PA ecosystem. Google, Adobe, Microsoft, and OpenAI have all committed to C2PA adoption. That means invisible watermarks, content credentials, and tool-specific metadata are becoming the norm—and platforms are getting better at reading them.

Creators who want their AI-assisted work to distribute normally on social platforms need to understand this isn't a gray-hat trick. It's a metadata hygiene problem. The tools that generate the content are increasingly tagging it by default. If you don't actively manage the output, platforms will classify it on your behalf—and their classification affects reach, eligibility for monetization, and in some cases, account standing.

→ Try Calabi free at calabilabs.com — 10 cleans, no card.

Related reading

• Remove the Seedance watermark
• How to post AI content on Instagram without getting shadow-banned
• Spoof iPhone 14 Pro metadata