Encypher

Today, we're open sourcing two tools we built to make the C2PA specification programmable: C2PA Knowledge Graph converts every published version of the C2PA spec (v0.7 through v2.4) into structured, machine-readable artifacts: entities, validation rules, conformance predicates, RDF/OWL ontologies, and JSON-LD contexts. 148 entities, 237 validation rules, 145 deterministic predicates at 100% normative rule coverage for v2.4. Includes an MCP server so AI agents can query the spec directly. Try running a C2PA Q&A session with and without the graph in place. C2PA Conformance Suite uses those predicates to test whether a C2PA implementation actually conforms to the specification. It ships a JUMBF parser, COSE Sign1 verifier, X.509 chain validator, and format extractors for 16 container formats. 768 tests, 91 evaluation operators, zero manual interpretation. We validated against official C2PA interop test assets from Google Pixel Camera, Google Photos, and NotebookLM with zero unexpected failures. NOTE: this is an internal tool, and NOT the official C2PA conformance program. However, it will be very helpful for anyone trying to go through the conformance program. This is the tooling we use internally to verify that Encypher's signed assets meet the C2PA specification across all supported formats. We decided to clean it up and release it because programmable access to the spec benefits the entire ecosystem. Both repos are Apache 2.0 licensed: https://lnkd.in/e5dfEZsj https://lnkd.in/eUEg88-h Contributions and feedback welcome. #C2PA #ContentProvenance #ContentAuthenticity #OpenSource #AI

The EU Parliament voted 460-71 on March 10 to recommend fair remuneration for copyrighted works used in AI training, itemized disclosure of training data, and opt-out rights for creators. Three things worth noting for anyone in the content licensing space: First, this goes well beyond the AI Act's existing transparency requirements. The shift from "publish a sufficiently detailed summary" to "disclose every copyrighted work used" is a fundamental change in what's expected of AI providers. Second, every one of these recommendations assumes provenance infrastructure that doesn't exist yet for text. Fair remuneration requires proof of use. Opt-out requires content that can be identified after ingestion. Itemized disclosure requires a chain of custody from publisher to training pipeline. Unmarked text has none of this. Third, the timeline is real. The AI Act's first GPAI compliance deadline is August 2026. That's seventeen months from standard publication to enforcement. The C2PA text provenance specification published January 8th, the standard I co-chair alongside Google, BBC, OpenAI, Adobe, and Microsoft, is built to close this gap. And at Encypher, we embed cryptographic signatures at the sentence level that survive redistribution. The regulatory intent is no longer ambiguous. The infrastructure question is whether publishers will be ready to prove what's theirs when enforcement begins. #ContentLicensing #EUAIAct #C2PA

Excited announce that we've been invited to attend Prebid.org's Ascent London Summit next week. The question at the center of Prebid's LLM Taskforce, how publishers participate meaningfully in the AI ecosystem without giving away the store, is the same question that led us to co-chair the C2PA Text Provenance Task Force. Access and integration matter. But so does proof. Right now there's no standardized way for a bid request to signal that the underlying content is verified human-authored work. That's a problem for publishers, and it's a problem for buyers who want to pay a premium for authentic inventory. Content provenance as a programmatic signal is where these two efforts converge. Looking forward to this session and the conversations around it.

The Library of Congress is organizing the cultural heritage community around content provenance and C2PA. That matters beyond archives. The same problem Kate Murray and her co-authors identify, provenance metadata gets stripped as content moves through aggregators, platforms, and distribution chains, is exactly what publishers and news organizations face when their content enters AI training pipelines. Repository-centric provenance doesn't travel. Embedded provenance does. Text provenance is the least developed part of this conversation. It shouldn't be. The C2PA 2.3 text specification published January 8. The frameworks being set now will govern how content authenticity works across sectors for years. Worth reading regardless of which side of the content economy you sit on.

Congrats to the Freestar team on the #pubOS launch󠇟󠇠󠇡󠇢󠆲󠅱︌󠆄󠇀󠄵󠄱󠆤󠆌󠄢󠆔󠆪󠅕󠇐󠄪󠇅󠇙󠆥󠄁󠅠󠄎󠆟󠆾︋󠄻󠆩󠆏󠅻󠇂󠆝󠅨󠅟󠅖󠆋󠆬󠅨󠄔󠄩󠆒󠄐. Publishers need this kind of integrated infrastructure, especially as AI licensing becomes a defining challenge for the industry󠇟󠇠󠇡󠇢󠄄󠅰󠄠󠄵󠅶︊󠄻󠇨󠆕󠄤󠇡󠆗󠄙󠄬󠅅︊󠇢󠄏󠄳󠆉󠇠󠇦󠆚󠆆󠅜󠄴󠅢󠅬󠇭󠇩󠆹󠇟󠅡󠆻︃︊︍󠄀󠅫󠅿. Excited to see this approach to giving publishers the tools they need in one place󠇟󠇠󠇡󠇢󠇑︇󠄳󠅗󠅹󠇀󠄽󠄾󠅼󠄥󠄴󠇙󠆹󠄽󠄸󠅑󠇟󠇉󠇇󠅆󠆎󠅝󠇓️󠇍︃󠅧󠇋󠇌󠄰󠄌󠆦󠅓󠆨󠅮󠆂󠅍󠄏󠅟󠇇.

This post is cryptographically signed. You can verify that yourself in about 30 seconds. We just published Encypher Verify on the Chrome Web Store. It's a browser extension that detects invisible cryptographic proof of origin embedded in text, and shows you who authored it, when, and whether it's been modified. Install it, then come back to this post. You'll see the verification status inline. The same works across our blog at encypherai.com/blog and the About section of my LinkedIn page. I co-chair the C2PA Text Provenance Task Force and authored the specification (Section A.7, published January 8, 2026) that makes this possible. The extension is the consumer-facing layer of that standard, it surfaces what's already embedded in the text without requiring any platform cooperation. What publishers should know: signing is free. Every article you publish can carry this proof. It survives copy-paste, wire service distribution, aggregator scraping. Anywhere your content travels, the signature follows. When people start using your content without your consent, you now have proof. Try it yourself: Chrome Web Store: https://lnkd.in/eMxQiSvC Blog: https://lnkd.in/eAEd_KMx #C2PA #ContentProvenance #ContentAuthenticity #AIcopyright #CopyrightLaw #ContentLicensing #PublishingIndustry #CryptographicWatermarking #ChromeExtension #AIgovernance󠇟󠇠󠇡󠇢󠆴󠅂󠅎󠅪󠇌󠄒󠄰󠆠󠅾󠅒󠄽󠅁󠅓󠆬󠆀󠆢󠄶󠅽︊󠆩󠅴󠆮󠇪󠆤󠆲󠄉󠆒󠄛󠆮󠆃󠄈󠅑󠅕󠅾󠅣󠆚󠆟󠇁󠇞󠄉

I’ve been thinking a lot about how we protect our content once it’s live on a website. Erik Svilich shared a great analogy with me the other day that really puts it into perspective. Imagine you spent years building a home. You’ve filled it with meaningful artwork, custom furniture, and years of hard work. You have a sturdy lock on the front door. You feel safe. A great lock is essential, but it isn't everything. If a back window is left open, or if someone gets past the gate, that lock doesn't matter anymore. Once your valuables leave the house, they’re gone. No way to prove they were yours. No way to find them. This is exactly how most of us treat our websites. We focus so much on the house that we forget to protect the valuables (the content). Once someone scrapes your data or copies your work, the front door security becomes irrelevant. That’s why Erik built Encypher. We aren't here to replace the lock on your door; we work right alongside it. Encypher places an "invisible GPS" on everything inside. By putting invisible watermarks on your content, we ensure your work carries your signature wherever it goes. It’s the peace of mind that comes with knowing that if your work is ever taken, you have the map to find it. The best part? Protection shouldn't have a barrier to entry. We’re making this available for free because every creator deserves to truly own what they build. If you are interested in learning more about Encypher, reach out!