Home · Synthesis · cl-ai-content-provenance

AI-generated content provenance — C2PA, watermarking, SGI

MeitY AINIST AI RMFEU AI ActISO 42001CERT-In

Primary statement

AI content provenance per MeitY AIGG2025.11 (C2PA-aligned provenance) + ITR2026.1 + ITR2026.3 (SGI identification and watermarking for significant intermediaries) + NIST GenAI Profile MS-6 (information integrity, deepfakes, election synthetic) + EU AI Act Art 50.2 (machine-readable AI-generated content marking from Dec 2026) + ISO 42001 + CERT-In. Watermarking + cryptographic provenance is the technical anchor.

Audit-fatigue payoff

A unified content provenance implementation — C2PA + watermarking + SGI labelling — satisfies content provenance requirements across all 5 contributing frameworks. C2PA is the audit-defensible technical standard.

Strictness matrix

Scope
Scope: significant intermediaries facilitating AI generation tools shall implement durable watermarking and provenance signals embedded in AI outputs. Ceiling source: meity_ai:ITR2026.3 Rationale: MeitY ITR2026.3 specifies broadest scope for AI generation platforms.
Threshold
Threshold: synthetically generated information (SGI) labelled at source. Identification + labelling are binary obligations. Ceiling source: meity_ai:ITR2026.1 Rationale: MeitY ITR2026.1 SGI threshold is uniquely strict.
Method
Method: C2PA-aligned provenance signatures + watermarking embedded in outputs (visible + invisible) + cryptographic signing of provenance metadata + per-output traceability + integration with NIST GenAI Profile MS-6 information integrity. Ceiling source: meity_ai:AIGG2025.11 Rationale: MeitY AIGG2025.11 + ITR2026.x + EU AI Act Art 50.2 combined are the most prescriptive.
Frequency
Watermarking and provenance: per output generation. Programme review: annual + on regulatory change. Ceiling source: meity_ai:ITR2026.3 Rationale: Per-generation watermarking is the operational floor.
Evidence
Evidence: provenance specification + watermarking implementation + sample provenance metadata + C2PA conformance evidence + integration with SGI labelling. Ceiling source: meity_ai:AIGG2025.11 Rationale: MeitY AIGG2025.11 evidence is the audit-defensible specification.

Auditor test pattern

Step 1: Inspect provenance specification. Step 2: Generate sample AI output; verify watermarking + C2PA metadata. Step 3: Verify SGI labelling per ITR2026.1. Step 4: Verify EU AI Act Art 50.2 compliance.

Common findings

Common findings: (1) Watermarking visible-only without cryptographic provenance; (2) C2PA conformance absent; (3) SGI labelling missed for significant intermediaries; (4) EU AI Act Art 50.2 prep not started.