Analysis and practical guidance on EU AI Act publishing duties, C2PA, metadata loss, and publisher proof workflows.
August 2, 2026 is when Article 50 becomes enforceable. What does it actually require? Who is responsible — the AI tool or the publisher? Why does embedded metadata fail in practice? And how do four independent protection layers fill the gap? Plain language. No jargon.
WordPress powers 43% of the web — and most of it publishes AI images without a valid publisher signature. Here is why WordPress creates a specific compliance gap, and how to close it before the deadline.
366 decode tests across real WordPress renditions and Cloudinary CDN transforms. Our experimental watermark candidate recovered 91% — but the honest story has more nuance than one number.
We ran a controlled benchmark: 11 original images, 3 watermark configurations, 11 transformations each. Our experimental approach cut failures by 71%. Here is what the data shows — and what we still need to test.
WordPress is only the most visible example. Here is why CMS workflows, CDNs, Shopify, image optimizers, and social platforms often deliver a transformed rendition that no longer preserves the original embedded provenance signals.
Three technologies, three jobs. C2PA for cryptographic identity, invisible watermarking for resilience, blockchain for long-term tamper-proof evidence. Here's exactly what each layer proves, where each one breaks, and why all four are needed to meet EU AI Act Article 50.
C2PA metadata gets stripped by every major social platform. Invisible watermarks live in the pixels — and that changes what survives. How TrustMark works, what gets encoded, and why the 'recovered' proof status after an Instagram upload is actually the system working as intended.
Everything publishers, compliance officers, and marketing leads need to know — EU AI Act obligations, why C2PA alone fails, how four protection layers work together, and what a compliant workflow looks like in practice. With links to all technical deep-dives.
Most people think 'signing an image' means adding a text tag to the metadata. That's trivial to fake and trivial to strip. A MarkMyAI publisher proof is a cryptographic signature, an audit record, and a blockchain anchor. Here's exactly what happens — and why it survives when text tags don't.
What happens to your compliance proof if we shut down? We asked ourselves that question and built the answer into the product. Every mark gets anchored on Polygon — verifiable forever, independent of any service provider.
August 2, 2026 is when Article 50 becomes enforceable. Germany's Bundesnetzagentur is already designated. Fines reach €15M or 3% of global turnover. Here's what 'ready' actually means — and a concrete checklist.
A DALL·E image with full C2PA metadata. Sent via WhatsApp. What survived? We ran the experiment across five platforms. The results show why embedded metadata alone cannot be the foundation of your compliance strategy.
The deadline is August 2, 2026. Here's what Article 50 actually requires, what 'machine-readable marking' means in practice, and why most AI-generated images are not compliant today — even if they have C2PA metadata.
C2PA from DALL·E or Adobe Firefly is the tool's signature, not yours. Under Article 50(4), you as the deployer must add your own publisher signature. Here's exactly why the AI tool's C2PA doesn't cover your obligation.
We read the December 2025 draft Code of Practice. Here's what it actually requires: layered marking, detection-as-a-service, a taxonomy for 'fully AI-generated' vs 'AI-assisted', and what it deliberately leaves open for the second draft.
JUMBF containers, assertion chains, ES256 signatures, the trust list, why self-signed certs get rejected — a clear technical guide to how C2PA actually works and what it takes to sign images correctly.
More articles coming soon.
Topics: CMS workflows, publisher proof patterns, fingerprint limits, monitoring, and more.
We use Google Analytics 4 only if you agree, to understand which pages bring traffic and where visitors drop off. No advertising features are enabled. You can change your choice at any time in the privacy settings.