Preserving trust in photojournalism through authentication technology

A general view shows damage to a residential building, following a deadly shelling of residential buildings, as Russia's invasion of Ukraine continues, in Kostiantynivka, Ukraine.

April 2, 2023

Photographer Violeta Santos Moura

Kostiantynivka, Ukraine

Reuters and Canon demonstrate end-to-end content authenticity system in the field

As the leading global news agency, Reuters works relentlessly to bring news from the source and provide readers and viewers with unbiased and reliable information from the world around us. Every day, our journalists capture the first draft of history, without bias or agenda, to inform billions of people.

Photojournalism plays a crucial role in documenting that history. Yet, with generative AI technology now available to anyone with internet access, it has become much easier to create visuals that can deceive or misinform. To make sure we can protect the trust we have built up over decades, we're always exploring innovative technologies. This is one big step forward.

Many photojournalists worldwide rely on Canon technologies. As a leading global camera manufacturer, Canon understands the role images play in society and recognises the importance of preserving image authenticity. Working as part of the Content Authenticity Initiative (CAI) alliance, Canon wants to take meaningful measures to protect image outputs that serve the news community worldwide.

The Challenge

We previously tested authentication workflows using a mobile phone and Canon camera connected by WiFi with a Starling Lab prototype app which allowed for photographic metadata to be digitally signed on the device at the point of capture. For the technology to have a practical application in news gathering, it must be embedded into the cameras used by photojournalists in the field.

The solution in detail:
How it worked

The solution in detail: How it worked

In our proof of concept, a picture taken by our photojournalist is digitally signed by a Canon camera using a device-specific key at the point of capture and attached to the image, forming the first version of the picture. The authenticated picture's pixels, GPS and other metadata, is sent to the Reuters system directly from the camera and registered onto a public blockchain as well as preserved on two cryptographic archives that use the Filecoin and Storj protocols.

Editors then work with the pictures, and each successive modification or edit creates a new record in a private database (ProvenDB) that is indexed to the original registration. This allows edit logs to be kept private, but these logs also have their authenticity records registered on the Hedera public ledger. The process continues until publication, where a final version is created and the photo is distributed with all the information about its original time, date, location and blockchain registration now embedded directly into the JPEG file using the C2PA standard.

A news consumer can check the validity of a picture by comparing its hash to the value in the public ledger system. The values should be the same, irrespective of where the consumer retrieves the picture. If they are not, the image has changed since Reuters published the picture, breaking the chain.

Testing the technology in Ukraine

Collaborating with the teams at Canon and Starling Lab, we tested the technology while covering the war in Ukraine, a story in which there has been significant mis- and dis-information. Reuters photographer Violeta Santos Moura captured pictures from the frontline using a prototype Canon camera which digitally signed every picture taken.

The scope of our proof of concept was two-fold:

1. To preserve the chain of integrity of a picture taken by a Reuters photographer from camera through to the point of publication.

2. To test the integration of authentication technology on our picture desk workflows.

What worked well

We successfully attached a digital signature to the images taken by the Canon camera which enabled us to verify that both the image and metadata are original. We also integrated the authentication technology to preserve the chain of integrity while edits are made by the picture desk through the entire workflow to the point of publication.

Lyubov Vasilivna, 71, reacts when listing economic vulnerability, old age, her animals and the house where the 71 year old was born as the reasons to remain in her home and not evacuate from the village of Semenivka, near the frontline town of Avdiivka, in the eastern Donetsk region, Ukraine

28th March, 2023

Avdiivka, Ukraine

Challenges

Speed

Generating the digital signature including hash value calculation, signing and injection into picture data required additional processing time on the test camera, increasing the difficulty for the photographer to capture the best quality pictures under the added pressure of operating in a conflict zone.

Every second counts in our picture editing and delivery pipeline, and the impact of integrating authentication workflows to our delivery speed was significant.

Minimizing the impact to delivery speed to the point that it is acceptable to our customers in the breaking news industry would require much greater effort than was in scope for this proof of concept.

Capturing every edit

In our standard FotoWare ingest workflows, minor automated edits are made to the picture metadata on upload. Since any change breaks the chain of authenticated C2PA information, we needed to find a way to capture these edits to avoid breaking the C2PA provenance history.

FotoWare developed a procedure to re-process the asset for C2PA signage through the Starling Lab system to maintain content authenticity for the proof of concept. With this important reference implementation, work can accelerate to ensure that all digital asset management (DAM) systems used by our customers can leverage the C2PA's open source standard end-to-end.

Photo information

Capture Date: 2023-04-02T14:47:25
Description: Photo uploaded through FotoWare and authenticated with Sig66
Caption: A general view shows damage to a residential building, following a deadly shelling of residential buildings, as Russia's invasion of Ukraine continues, in Kostiantynivka, Ukraine, April 2, 2023. REUTERS/Violeta Santos Moura
Dimensions: 6000 x 4000
Format: image/jpeg

Inspect View Manifest

Manifests / Ledger

Capture
Registered on
OpenTimestamps on Bitcoin
OpenTimestamps defines a set of operations for creating provable timestamps and later independently verifying them. The current implementation uses calendar servers anchoring on the Bitcoin blockchain.
SHA256: a98fe4b758098c9d7da580d4aa0e74b9e4f39bcc638579737b62b498199bb25a
Block: 783628
View
Numbers Protocol on Numbers
Numbers Protocol is an asset-driven protocol that makes digital media traceable and verifiable. This asset registration is recorded on the Numbers blockchain.
Transaction ID: 0x40dbde80fc663240ff42c00a011ad3c042c3f17155cce9b35978be45efd50c73
View
Numbers Protocol on Avalanche
Numbers Protocol is an asset-driven protocol that makes digital media traceable and verifiable. This asset registration is recorded on the Avalanche blockchain.
Transaction ID: 0x82f34405c88bf80e395cb9ac7effaa8cafa0536e1dc50049927d5aaceeee7be8
View
ISCN on LikeCoin
The International Standard Content Number helps to identify a specific digital content, records the content metadata, the intellectual property rights and the stakeholders of the creation. This asset registration is recorded on the LikeCoin blockchain.
ISCN ID: iscn://likecoin-chain/q83YLCFopweK50d-oB03q0gC-HnLU3ef16mBlkRcq-s/1
Transaction ID: E48DEE211BA384508B0106ED27EE84716506A18CDD306859284593256D77B5D2
View

Store
Preserved on
ipfs
The InterPlanetary File System is a peer-to-peer hypermedia protocol designed to preserve and grow humanity's knowledge by making the web upgradeable, resilient, and more open.
Content ID: bafybeietsrsaptvu5yrhmyhsby56iaxr4ex67t7dopwdp442rbf2fwgvvm
View
filecoin
Filecoin is a decentralized storage network designed to store humanity's most important information.
Piece Content ID: baga6ea4seaqlx5ou5m624sdmd5oykk5qn2b57gh7exr5vqqdajbe36i5jtljsia
View
storj
Storj is a distributed network of independent nodes where data is encrypted, split into smaller pieces, and then spread worldwide.
Path: /jxkihjhgcnzihfvipjjzfgdl36sq/reuters-v2%2F40b9327bd88fb980125c2353797b846973f17e9bfe578905a3a57636090a736c.encrypted
View
Verify
Verified changes
ProvenDB anchored on Hedera
ProvenDB is database service for certifying digital assets to public blockchains. The proofs in the current implementation are anchored on the Hedera blockchain.
Creation:
New metadata: 124A0699-create-new.json
Database proof file: 124A0699-create-proof.json
Public anchor transaction ID: 14f4006da6c51e2988e69415c9f60b33fb48cc0e4cdea66534d792fadc712c77eec038ce1ba2c524f3e5817b72319f5a
View
Photoshop modification
Change logs: 124A0699-photoshop-log.json
Database proof file: 124A0699-photoshop-proof.json
Public anchor transaction ID: 14f4006da6c51e2988e69415c9f60b33fb48cc0e4cdea66534d792fadc712c77eec038ce1ba2c524f3e5817b72319f5a
View
Metadata modification
New metadata: 124A0699-metadata-new.json
Old metadata: 124A0699-metadata-original.json
Change logs: 124A0699-metadata-delta.json
Database proof file: 124A0699-metadata-proof.json
Public anchor transaction ID: 2dab538681fe1f7b56609b0b06b5df93c2ae076e7679b1786b10ef77bf91ad361fc28c579a884cb9c9adfc09d9c3b71e
View

What next?

Given the complexity and degree of novelty of the technology applied in this proof of concept, we would like to hear from our customers about its potential application in their content ingest, editing and publication workflows.

Talk to Reuters about the implementation
Talk to Canon about your content authentication hardware requirements

Digital signature explained
Digital signature is a mathematical method for verifying the authenticity of digital contents. Using a hash function, a piece of digital information is converted into a hash value: a unique digital fingerprint that is basically a large number. Any two pieces of content that differ, no matter how small, will generate different hash values, making it very easy to detect if the information has changed.
A hash value is calculated from entire or parts of a target digital content and digitally signed using a private key for digital signing. The signature data can be used by a recipient to verify the origin of the digital content.
In the verification process, the signature is verified using a public key which was made along with the private key. Only a paired public key can verify the signature so it gives the recipient reason to believe the content was made by a certain person.
Blockchain explained
Blockchains are composed of blocks, whereby each block contains three pieces of information: data (or a reference to it), a hash value calculated from that data, and the previous block's hash value. Each new version of the data is included in a new block, and the "chain" of preceding values makes it possible to track every modification back to the original material.
Blocks are stored in public directories called ledgers. Public ledgers are distributed across multiple sources to prevent tampering. A malicious third party that wishes to tamper with the chain of blocks would have to do it across multiple systems that they would not have full access to, at the same time. This is extremely difficult to do. Finally, multiple publicly distributed ledgers can be used for the same data content for added security.
C2PA explained
The Coalition for Content Provenance and Authenticity (C2PA) is a Joint Development Foundation project to collectively build an end-to-end open technical standard to provide publishers, creators, and consumers with opt-in, flexible ways to understand the authenticity and provenance of different media types.
FotoWare provides the digital asset management (DAM) system used as a hub for Starling Lab's implementation of the C2PA specification. Media with provenance information uploaded to the DAM is automatically digitally signed to allow consumers to verify content credentials via the DAM web interface. FotoWare discovered the value of establishing trust in assets modified within the DAM by users or the system itself so a procedure was developed to re-process the C2PA signature through the Starling Lab system to maintain content authenticity.
The C2PA standard and its media signing tools are used throughout the system, to bundle and embed provenance information from various stages directly into the authenticated pictures in our final distribution.