Trend report · gnews_detection · 2026-06-10

SDG&E Launches AI Wildfire Detection Project - 600 KOGO

When SDG&E announced its AI wildfire detection project, it highlighted something the broader internet is only beginning to grapple with: AI-generated content is everywhere, and the pressure on platforms to detect it is intensifying. In 2026, that pressure has become policy. Major platforms now run automated scans on uploaded media that would have seemed like science fiction five years ago. If you are creating, curating, or distributing visual content, understanding what these systems look for is no longer optional — it is operational necessity.

What Platforms Scan For in 2026

The detection stack has matured considerably. Platforms no longer rely on a single signal. Instead, they run content through a layered pipeline that evaluates provenance, technical fingerprints, and behavioral context. Here is what that pipeline actually checks.

C2PA provenance blocks. The Coalition for Content Provenance and Authenticity standard has become the backbone of media authentication. When a file carries a C2PA manifest — stored in a c2pa box within JPEG EXIF or in a dedicated ltca atom in MP4 — platforms read the assertions dictionary for entries like c2pa.actions and c2pa.signature_info. If digital_source_type reports http://cv.iptc.org/newscodes/digSourceType/algorithmicMedia, the file is flagged. Instagram and TikTok both validate C2PA manifests server-side before accepting upload. A missing or invalid manifest is not automatically a strike, but it triggers secondary analysis.

AI metadata fields. Beyond C2PA, platforms look for specific metadata tags that generative models and export tools inject. Common flags include: Software: Adobe Firefly, Generator: Midjourney, AIGenerated: true, or Prompt fields in XMP sidecars. TikTok's Content Intelligence layer parses EXIF XPAuthor and dc:creator fields. Instagram scans for osig tokens in video containers — these are proprietary markers that identify content generated by specific phone models' onboard AI. Missing these markers on content that should carry them, or having them in the wrong sequence, raises a flag.

Encoder signatures. Each generative model leaves fingerprints in the compression artifacts it produces. Stable Diffusion output carries a characteristic DCT coefficient pattern in the high-frequency bands. DALL-E 3 exports exhibit specific quantization table irregularities. Sora video files contain distinctive temporal quantization signatures in H.264/H.265 streams. Platforms maintain hash databases and spectral fingerprint libraries — updated weekly — that cross-reference these patterns against known model outputs. A file that matches an encoder signature above a 0.73 cosine similarity threshold on TikTok's internal ai_fingerprint_score field is suppressed or labeled.

Missing GPS and capture chain. Organic smartphone photos carry a GPSPosition value in the EXIF header, a Make and Model entry, and a DateTimeOriginal timestamp. Content that has been stripped of all three — or where GPSAltitude is present but GPSLatitude is null — is flagged as "location data anomaly." Instagram's integrity system applies a secondary check: it cross-references the claimed capture device against the file's compression history. If the device model implies a sensor resolution that does not match the image dimensions, the file is held for manual review.

What Gets Flagged on Instagram and TikTok

On Instagram, the most common flags in 2026 are: (1) AI-generated media labels — automatically applied when C2PA reports an algorithmic source, with no opt-out for creators; (2) reduced reach — posts with detected AI content receive algorithmic suppression even without a label, shown as a "content quality" notice in Creator Studio; (3) copyright matching strikes when encoder fingerprints match training data fingerprints in the platform's hash database.

On TikTok, the automated system is more aggressive. The ContentAuthenticity check runs before the video is ever published to a user's feed. Files that fail this check are placed in "limited visibility" pending appeal. Repeat offenders receive a MCAP (Media Content Authenticity Policy) strike. Three MCAP strikes result in upload privileges being revoked for 30 days. The system also flags repurposed content — videos that were originally posted with AI markers but had those markers stripped before re-upload are caught by comparing perceptual hashes (pHash) against the platform's origin database.

The Durable Fix: Strip and Inject Clean Phone Identity

The only reliable method to clear content through these checks consistently is a two-step process: fully strip all metadata and fingerprint artifacts, then inject a clean, plausible phone identity that matches the file's apparent origin.

Step-by-step:

1. Deep strip. Remove EXIF, XMP, and IPTC headers entirely. Strip C2PA manifests — delete the c2pa box from JPEG and the ltca atom from MP4. Strip dc:title, dc:creator, XPAuthor, and any Generator or Software fields. Remove osig tokens from video containers. Run the file through a recompression pass to eliminate encoder artifact fingerprints — re-encode with a consumer codec at a plausible quality setting (e.g., H.264 CRF 23 for video, JPEG quality 92 for images).
2. Inject plausible capture metadata. Write a GPS coordinate that corresponds to a plausible location for the claimed device. Write a Make and Model entry that matches a real smartphone — e.g., Apple / iPhone 15 Pro — and ensure the model number is consistent with the file dimensions and codec profile. Set DateTimeOriginal to a recent timestamp. Inject a C2PA manifest claiming a direct camera capture — set digital_source_type to http://cv.iptc.org/newscodes/digSourceType/recordedPhoto with an actions entry of c2pa.action:Create.
3. Cross-validate. Before upload, run the file through a local scanner that checks for the same signals the platforms use. Verify that C2PA validates, that no Generator or AIGenerated fields appear, that the GPS entry is consistent with the claimed device, and that the perceptual hash does not match known AI output clusters.

This process works because the 2026 detection stack is probabilistic, not absolute. Platforms flag content when multiple signals converge. A file with clean provenance metadata, plausible capture identity, no AI markers, and no encoder fingerprint matches is treated as organic by default. The detection systems are good — but they are not omniscient, and they are built to balance false positives against user experience.

The SDG&E wildfire detection project is a reminder that AI systems are now trusted to make consequential decisions at scale. The platforms applying AI content detection are making similar calls about what you can and cannot publish. If your workflow involves AI-assisted content, stripping and injecting clean phone identity is not evasion — it is the cost of participation in a provenance-conscious ecosystem.

→ Try Calabi free at calabilabs.com — 10 cleans, no card.

Related reading

• Remove the Nano Banana watermark
• What platforms actually scan for when detecting AI content
• Spoof Samsung Galaxy S24 Ultra metadata