Guides
Plain-English guides to watermarking, ownership and provenance for your media files: how a file can prove who made it, where it came from and how it has been handled and traced, plus honest tests of what actually holds up in the real world.
Are voice watermarks reliable?
Voice watermarks deter casual users but fall to a motivated remover. What the speech research shows about what holds, what breaks, and why reliability depends on the adversary.
Read guide ↗Can music watermarks be removed?
Yes, by a motivated remover. Music watermarks survive streaming and MP3 at reasonable bitrates but fall to overwriting and neural-codec re-synthesis, with Cinavia the copy-control outlier.
Read guide ↗Can text watermarks be removed?
Yes, and cheaply. Text watermarks resist light edits through n-gram leakage but fall to strong paraphrase and to watermark stealing for under $50. What the research shows.
Read guide ↗Can voice watermarks be removed?
Yes, by a motivated remover. Voice watermarks ride through ordinary MP3 but fall to overwriting, neural-codec re-synthesis and scheme-blind removal. What the speech research shows.
Read guide ↗Content Credentials not showing? A diagnostic checklist
Content Credentials usually are not showing because the file was re-saved, re-encoded, screenshotted, or uploaded to a platform that stripped or invalidated the manifest, so the first job is to tell no manifest from an invalid one.
Read guide ↗Content Credentials in Photoshop and Lightroom: what survives export, what breaks
Photoshop and Lightroom both attach Content Credentials on export, but they survive only inside the C2PA-aware chain: one ordinary re-save outside it strips or invalidates them.
Read guide ↗Can C2PA be removed, and is it secure? The limits
Yes, C2PA can be removed: stripping the manifest is trivial and silent. C2PA is tamper-evident, not tamper-proof, strong against forgery and weak against removal.
Read guide ↗EU AI Act Article 50: the AI watermarking and disclosure rules, explained
EU AI Act Article 50 requires providers to mark AI output as machine-readable and deployers to disclose deepfakes from 2 August 2026, with fines up to 15 million euros or 3 percent of turnover.
Read guide ↗Does ChatGPT watermark its images?
Yes, and twice. Every ChatGPT image carries C2PA Content Credentials naming GPT-4o as the source, and since May 2026 a SynthID invisible watermark in the pixels. What each proves, and what neither does.
Read guide ↗How leak tracing works: from a few frames or a phone photo
Leak tracing embeds a unique per-recipient watermark in each copy and builds it to survive recapture, so even a few frames or a phone photo of a screen can recover the recipient identifier. How it works, and where it breaks.
Read guide ↗Is my AI image watermarked?
Whether your AI image is watermarked depends entirely on which tool made it. Some embed C2PA metadata, some a SynthID pixel mark, some both, many nothing. How to check, and how to read the result.
Read guide ↗Watermark and provenance checker: what a reader can surface from a file
A watermark and provenance checker reports the machine-readable signals a file carries, a signed C2PA manifest and any detectable watermarks. What is openly readable, what is only detectable, and what a reader cannot tell you.
Read guide ↗Digital watermark vs copyright vs C2PA: what each one actually proves
A digital watermark is a technical signal in the content, copyright is a legal right that arises automatically at creation, and C2PA is a signed provenance record. They can support each other, but none replaces another.
Read guide ↗What is forensic watermarking? What it proves, and where it fails
Forensic watermarking marks every copy of a file with a unique per-recipient identifier, so a leak traces back to one recipient. What it proves, where it is used, and where collusion and re-encoding break it.
Read guide ↗Do Content Credentials survive social media or a screenshot?
A screenshot removes Content Credentials entirely, and most image and audio platforms strip or re-encode on upload, so a missing credential is the norm.
Read guide ↗Does an audio watermark survive MP3 or re-encoding?
A good audio watermark survives ordinary MP3 at a reasonable bitrate, but surviving MP3 is not surviving re-encoding: a neural-codec round-trip or overwrite erases it.
Read guide ↗Does an audio watermark prove ownership?
An audio watermark can support an ownership claim but cannot prove it alone. Why its payload is an arbitrary ID with no content binding, and what to pair it with.
Read guide ↗How reliable is audio watermarking?
Audio watermarking is reliable against everyday handling and weak against a determined remover. What the benchmarks show about which method survives which attack.
Read guide ↗How robust is digital watermarking?
How robust a digital watermark is depends on where the mark lives. The plain-English tier map: pixel-level, latent or seeded, and container-level, across image and audio.
Read guide ↗What is C2PA / Content Credentials? What it proves and what it doesn't
C2PA / Content Credentials is a cryptographically signed record of a file origin and edit history. It proves the record is intact, not that it is true.
Read guide ↗Trace who leaked my track with forensic audio watermarks
Leak tracing needs a per-recipient forensic watermark, a unique mark in each copy that identifies the source, and it works only while the mark survives.
Read guide ↗What is Cinavia? Message code 3 and how copy-control watermarks work
Cinavia is Verance's copy-control audio watermark. What message code 3 (Audio muted) means, why it is designed to survive the analog hole, and how it differs from AI marks.
Read guide ↗How AudioSeal works, audio watermarking for origin
AudioSeal is the per-sample audio watermark from Meta for AI speech. How the generator and detector work, why localization matters, and where reliability ends.
Read guide ↗C2PA vs SynthID, metadata vs watermark, and what survives when the other doesn't
C2PA signs metadata; SynthID hides a mark in the pixels. They fail under opposite conditions, which is why some generators ship both. A sourced comparison of what each proves.
Read guide ↗Invisible watermark detectors: what actually exists
Invisible-watermark detectors are scheme-specific, not universal. The image and audio schemes that actually exist, what each reads, and what a detector can never tell you.
Read guide ↗What is SynthID and how does it work?
SynthID is the invisible watermark from Google DeepMind for AI content. How the image scheme works, what its detector actually certifies, and where it stops.
Read guide ↗Can AI watermarks be removed? What the research actually shows
Yes, by a motivated adversary, and in some cases provably. A review of the removal research: regeneration, purification, adaptive attacks and decoder fine-tuning.
Read guide ↗Does SynthID survive editing, cropping and compression?
SynthID holds through everyday edits, but its makers flag re-generation as removable and a missing mark proves nothing. What survives, what does not, and why.
Read guide ↗Are AI watermarks reliable? What the research actually shows
AI watermarks deter casual users but fall to a motivated remover. The peer-reviewed evidence on what holds, what breaks, and why no method is attack-proof.
Read guide ↗Do content watermarks actually work? An independent robustness review
A sourced review of whether SynthID, C2PA and AudioSeal survive real-world handling: what each proves, where it holds, and where the research shows it breaks.
Read guide ↗Nothing matches this media type yet.