EU AI Act Art. 50 — 2 Aug 2026 — up to €15M

Original
Pictures

The record behind content

Sign, watermark, and anchor every AI output. C2PA manifest + invisible watermark + blockchain proof. One POST.

Standards
C2PA v2.2
IPTC Photo Metadata
OTS OpenTimestamps
CAI Content Authenticity Initiative
CAWG Identity v1.2

Three layers. No single one is enough.

Full docs →
01

Sign

C2PA manifest under our DigiCert cert.

SHA-256 hard binding + CAWG identity assertion naming your platform + RFC 3161 sigTst2 v2 timestamp. Mathematically valid forever, even if our servers are dark.

02

Watermark

TrustMark today; AudioSeal + VideoSeal at GA.

Invisible 100-bit payload surviving JPEG re-encode, crop, and screenshot. Decoded server-side to recover the manifest pointer when metadata is stripped.

03

Anchor

OpenTimestamps — BTC + Arbitrum.

Daily Merkle root anchored to Bitcoin and Arbitrum. No proprietary tokens. Verifiable offline with ots verify, independent of our servers.

# Sign + watermark + anchor in one POST
curl -X POST https://api.originalpictures.com/v1/sign \
  -H "Authorization: Bearer $OP_KEY" \
  -F "[email protected]" \
  -F 'assertions={"c2pa.created":{"actions":[{"action":"c2pa.ai_generated","softwareAgent":"your-model"}]}}'

Five regimes. One POST covers all three code layers.

Regime
Effective
Bite

LIVE EU AI Act Article 50(2)

Machine-readable marking of AI outputs; Art. 50(4) deployer labelling of deepfakes.

2 Aug 2026

€15M or 3% worldwide turnover

UK Online Safety Act

Deepfake intimate imagery offence in force.

2024–2025 phased

10% qualifying worldwide revenue

LIVE US TAKE IT DOWN Act (S.146)

Notice-and-takedown for NCII and digital forgeries. Signed 19 May 2025.

19 May 2026

FTC UDAP authority

LIVE California SB 942 / AB 853

AI Transparency Act. Machine-readable disclosure required.

2 Aug 2026

$5,000 per violation

China CAC Deep Synthesis

Explicit and implicit labelling of AI-generated content.

In force since Jan 2023

Service suspension, fines

CISA / NSA / FBI Joint CSI

Jan 2025 advisory recommends C2PA adoption for multimedia integrity.

Live

Federal procurement signal

  • Arup, Jan 2024

    HK$200M lost across 15 transfers to a deepfake CFO video call.

  • Romania, Dec 2024

    Constitutional Court annulled presidential election first round after AI-amplified TikTok campaign.

  • Pentagon image, May 2023

    AI-generated explosion photo sent S&P 500 down 0.3% before AP and Bloomberg debunked it.

Each of these would have been disprovable with one missing manifest.

The trace is gone. Diffusion models render light that never fell, voices that never spoke. The cost of generating a plausible memory has collapsed to fractions of a cent.

Detection is a treadmill. Every classifier trains the next forger. So we stopped trying to detect what is false and started signing what is real, at the moment it is real.

We are the notary. We are not in the picture. If we die, every manifest we ever signed remains mathematically valid — the RFC 3161 timestamp and the blockchain block are facts.

Sign once. Outlive the company.

Eight questions, answered plainly.

+ What is C2PA?

The Coalition for Content Provenance and Authenticity is an open standard from Adobe, Microsoft, BBC, Intel, and others. It attaches a cryptographically signed manifest — assertions about how an asset was made, plus a hash of the asset — to image, video, audio, and PDF files. Current spec: v2.2 at spec.c2pa.org.

+ What is EU AI Act Article 50?

From 2 August 2026, providers of generative AI systems on the EU market must mark synthetic outputs in machine-readable form (Art. 50(2)); deployers must label deepfakes (Art. 50(4)). Penalties reach €15M or 3% of worldwide annual turnover. We deliver signed metadata + invisible watermark + fingerprint logging — the three-layer baseline named in the 5 March 2026 Code of Practice.

+ Why Original Pictures vs Adobe Content Credentials or Truepic?

Adobe ships an SDK — you still need your own CA, key custody, and pipeline. Truepic is a vertical capture stack for insurance and journalism. We are a horizontal signer-as-a-service: one POST /v1/sign, your name in the CAWG identity assertion, OpenTimestamps anchor, TrustMark watermark. Stack-agnostic and chain-minimal.

+ What happens when metadata is stripped?

Social platforms strip C2PA from JPEG today. That is why we layer a TrustMark watermark inside the pixels (100-bit payload, >96% bit accuracy under severe degradation per Adobe TrustMark FAQ) plus an OpenTimestamps proof. The watermark contains a pointer to our manifest store — a stripped image still leads back to its signed origin.

+ How do I integrate?

Two paths: API (POST /v1/sign, send media + assertions JSON, get signed asset back), or Capture SDK (React Native, on-device c2pa-rust with Android Keystore / iOS Secure Enclave, server co-sign). 30-line quickstart at docs.originalpictures.com.

+ What does it cost?

Free: 1,000 signatures/month, all modalities. Builder: $99/month, 25K sigs included, $0.005/sig after. Scale: $999/month, 250K included, $0.002/sig after, 99.9% SLA. Enterprise: from $50K ACV with custom pricing and DPA.

+ What if Original Pictures shuts down?

Every manifest carries an RFC 3161 sigTst2 v2 timestamp from a TSA on the C2PA Trust List, so validation works indefinitely per C2PA Spec v2.2 §1.3.1. The verifier is open-source MIT-licensed; every customer can export a portable offline tarball; a daily Merkle root is anchored to Bitcoin and Arbitrum.

+ How robust is the watermark?

TrustMark variant Q exceeds 96% bit accuracy at 42–45 dB PSNR under severe degradation; survives JPEG re-encoding, resize, crop, screenshot, and mild color shift. Does not survive dedicated removal pipelines or diffusion re-synthesis — which is exactly why we layer the manifest and the blockchain anchor.

More at docs.originalpictures.com

Start free. Scale when you need to.

Free

For solo developers and experiments

$0

forever

1,000 signatures / month

  • 1,000 signing operations/month
  • 100 watermarks/month
  • OTS anchor batched daily
  • All modalities: image, audio, video
  • Public verification
  • Community Slack
Start building →

Builder

For startups shipping to production

$99

/month + usage

$0.005 / sig after 25K included

  • 25,000 sigs/month included
  • $0.005/sig after · $0.002/watermark
  • All modalities + watermarking
  • Webhook integration
  • Email support
Start free trial →
Most popular

Scale

For production deployments at volume

$999

/month + usage

$0.002 / sig after 250K included

  • 250,000 sigs/month included
  • $0.002/sig after · $0.001/watermark
  • 99.9% SLA · dedicated subnet
  • All modalities + soft-binding
  • Business-hours support
  • Admin console + audit log
Start free trial →

Enterprise

For regulated and hyperscale deployments

From $50K

ACV

$0.0005 / sig at volume

  • Volume pricing from $0.0005/sig
  • CAWG identity-provider integration
  • Dedicated SE · custom SLA
  • Iron Mountain escrow access
  • DPA + named-entity MSA
  • EU-resident processing region
Talk to our team →

Anchor is included free at all tiers. Self-hosted deployment on our roadmap.

See full feature comparison →

Sign once. Outlive the company.

Free: 1,000 signatures. No credit card. EU AI Act ready.