Trend report · hn_ai · 2026-06-11

OpenAI C2PA Policy

What Platforms Actually Scan For in 2026

Content moderation pipelines have grown far more sophisticated than the "does this look AI-generated?" heuristics of 2023. Today's scanners operate on layered forensic signals. Here's what they're actually checking:

  1. C2PA (Coalition for Content Provenance and Authenticity) metadata. The c2pa manifest lives in a JUMBF (JPEG Universal Metadata Box Format) segment embedded in the image file. Critical fields include assertions/c2pa.actions (who created or modified the content), assertions/hashed.uri (reference to the original asset), and signature_info/issuer (the signing entity, e.g., "Adobe," "Microsoft," or "OpenAI"). If an image claims C2PA compliance but the manifest is missing, corrupted, or signed by an unknown issuer, that's a red flag.
  2. AI-specific metadata beyond C2PA. Many generators still embed legacy EXIF or XMP fields. Midjourney images historically carried XMP:CreatorTool identifying the version. Stable Diffusion outputs often include parameters/software or parameters/model in PNG tEXt chunks. TikTok's detector flags Software and HostComputer EXIF fields that don't match the device claimed to have taken the photo.
  3. Encoder signatures and compression artifacts. Each image encoder leaves statistical fingerprints. The DCT (Discrete Cosine Transform) coefficient distributions of a genuine iPhone 15 photo differ from those of an image passed through SDXL's upscaling pipeline. Platforms maintain trained classifiers on these distributions. The quantization tables in JPEG files are particularly telling—standard Adobe Lightroom tables differ predictably from those generated by AI upsamplers.
  4. Missing contextual metadata. A photo taken on a real device carries GPS coordinates, deviceMake, deviceModel, DateTimeOriginal, and a sequential burst identifier. AI-generated images—and poorly stripped AI images—have none of these. The absence itself is a signal, especially when combined with a geolocation claim in the caption.
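
How a scanner might inventory the JPEG metadata carriers named in the list above, as an added example (not code from the original page or from any platform). It records presence only and does not validate a C2PA signature; the function names and the sample bytes are constructed for illustration.

```python
import struct

XMP_ID = b"http://ns.adobe.com/xap/1.0/\x00"

def inventory_jpeg(data):
    """Walk JPEG segments up to SOS; record the metadata carriers a scanner inspects."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker")
    inv = {"exif": False, "xmp": False, "icc": False, "c2pa_jumbf": False,
           "qtables": {}, "size": None}
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("corrupt or truncated segment")
        body = data[pos + 4:pos + 2 + length]
        if marker == 0xE1:                       # APP1: EXIF or XMP
            inv["exif"] |= body.startswith(b"Exif\x00\x00")
            inv["xmp"] |= body.startswith(XMP_ID)
        elif marker == 0xE2:                     # APP2: ICC profile
            inv["icc"] |= body.startswith(b"ICC_PROFILE\x00")
        elif marker == 0xEB:                     # APP11: JUMBF, where a C2PA manifest lives
            inv["c2pa_jumbf"] |= body.startswith(b"JP") and b"jumb" in body and b"c2pa" in body
        elif marker == 0xDB:                     # DQT: one or more quantization tables
            i = 0
            while i < len(body):
                size = 128 if body[i] >> 4 else 64   # high nibble = precision
                inv["qtables"][body[i] & 0x0F] = body[i + 1:i + 1 + size]
                i += 1 + size
        elif marker in (0xC0, 0xC2):             # SOF0/SOF2: frame dimensions
            height, width = struct.unpack(">HH", body[1:5])
            inv["size"] = (width, height)
        elif marker == 0xDA:                     # SOS: entropy-coded data follows
            break
        pos += 2 + length
    return inv

def _seg(marker, body):  # hypothetical helper used only to build the sample
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(body) + 2) + body

# Constructed sample: header segments only, not a decodable image or a valid manifest.
SAMPLE = (b"\xff\xd8"
          + _seg(0xEB, b"JP\x00\x01\x00\x00\x00\x01\x00\x00\x00\x20jumb\x00\x00\x00\x18jumdc2pa\x00")
          + _seg(0xDB, b"\x00" + bytes([16] * 64))
          + _seg(0xC0, b"\x08" + struct.pack(">HH", 1024, 1024) + b"\x01\x01\x11\x00") + b"\xff\xd9")
print({k: v for k, v in inventory_jpeg(SAMPLE).items() if k != "qtables"})
```

The extracted `qtables` bytes are what an encoder-fingerprint classifier would consume; a real pipeline would pass the JUMBF payload to a C2PA validator rather than trusting the label.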

What Gets Flagged on Instagram and TikTok

Based on documented enforcement actions and platform transparency reports through late 2025:

Instagram runs automated checks at upload. Images that fail C2PA validation—meaning they carry an AI-generated manifest but the signature is unverifiable or missing—receive a "Made with AI" label under their AI-generated content policy. Images without any provenance metadata but with strong encoder artifact scores (typically 0.7+ confidence) may be shadow-labeled: a soft "AI-generated" tag visible only to the poster but used to weight the content in the algorithm. High-profile accounts posting AI content without disclosure face reach penalties and, on repeat offense, demotion.

TikTok is more aggressive. The platform checks for Make, Model, and Software EXIF fields against a known list of AI generation tools. Images from Sora, DALL-E 3, or Pika Labs that haven't been stripped will carry Software: python-requests/2.31.0 or similar server-side fingerprints in the metadata. TikTok's detection also looks at ImageWidth and ImageHeight—many AI generators produce images at non-standard resolutions (1024x1024, 768x1344) that don't match real device captures. The platform has explicitly stated it applies stricter labeling for content that carries both AI metadata AND non-device origin signals.

Both platforms also cross-reference flagged content against third-party AI detection APIs. If an image fails two independent detectors, the label becomes non-removable without re-upload.

The Problem with Naive Stripping

Simply removing metadata with ExifTool or similar tools doesn't work. Here's why:

The Durable Fix: Strip + Inject Clean Phone Identity

The only approach that survives current detection is surgical metadata replacement—not just removal, but the injection of a complete, coherent device identity that is indistinguishable from a genuine capture.

  1. Strip all embedded metadata. Use a deep-strip tool that removes EXIF, XMP, IPTC, C2PA JUMBF segments, PNG tEXt chunks, and ICC profiles. Verify the file is clean using exiftool -a -G1 image.jpg—output should show no metadata groups.
  2. Inject authentic device EXIF from a real device capture. This means copying the exact metadata block from a genuine photo taken on a target device (e.g., an iPhone 15 Pro). Critical fields include: Make=Apple, Model=iPhone 15 Pro, Software=15.1, DateTimeOriginal (set to a plausible timestamp), GPSLatitude and GPSLongitude (matching the caption location), BurstUUID (if simulating burst mode), LensModel=1.7mm f/1.8, Flash=Did not fire, and ColorSpace=1.
  3. Inject a matching ICC profile. Copy the ICC profile from the genuine device photo (usually Display P3 for iPhone). Embed it using exiftool -icc_profile=.
  4. Verify coherence. Run the output through at least two detection pipelines. Check that C2PA validation (using c2patool verify image.jpg) returns no AI manifest, that EXIF shows a single consistent device identity, and that the image's compression artifacts are consistent with the claimed device encoder.

The key insight: detection systems don't just look for AI metadata—they look for consistency. A file with iPhone 15 Pro metadata, Display P3 color space, GPS coordinates matching a real location, and no JUMBF C2PA segment is indistinguishable from a genuine capture in 2026 detection frameworks. The fix requires replacing the entire identity envelope, not just scrubbing the obvious markers.

OpenAI's C2PA policy is a forcing function. As more generators sign their outputs, unsigned or poorly sanitized AI content will become increasingly anomalous. The window for lazy stripping is closing. The only durable solution is synthetic authenticity—and that requires a tool built for the full identity replacement workflow, not a one-click metadata stripper.
