Article image
SEIKOURI Inc.

When Proof Becomes Power

How provenance became the missing infrastructure of AI, copyright, and trust

Markus Brinsa 7 May 13, 2026 17 17 min read Download Web Insights Edgefiles™ seikou.AI™

Sources

The old internet ran on belief

For most of the internet’s commercial life, digital trust was built on a remarkably fragile assumption. We saw something, we recognized the source, we accepted the context, and we moved on. A photo came from a newspaper. A quote came from a public figure. A song came from a label. A research report came from an institution. A brand campaign came from an agency. A press release came from a company account. A file attached to an email looked like the file we expected to receive.

That system was never perfect. It was simply good enough to function.

The internet did not need every image, sentence, voice, and video to carry a complete history because manipulation required effort, distribution had friction, and most fakery still left visible seams. A bad Photoshop job looked like a bad Photoshop job. A forged memo had to pass through human hands. A fake recording required specialized tools. A synthetic campaign needed money, time, and coordination.

Generative AI changed the economics. It did not invent deception. It industrialized plausible fabrication.

Now the basic unit of digital culture is no longer the file. It is the claim attached to the file. This photo shows what happened. This voice belongs to that person. This article was written by a human. This image was made from licensed material. This model was trained lawfully. This output is original enough to protect. This dataset is clean enough to use. This vendor can prove what it built.

The old internet asked whether we trusted the publisher. The new internet asks whether the publisher can prove the chain of creation.

That is the deeper reason digital authenticity deserves a second look. Until recently, digital authenticity was easy to frame as a media literacy problem: people needed better ways to judge whether the image, voice, or document in front of them was genuine. People needed to be careful before sharing viral images. Platforms needed labels. Creators needed better metadata. Cameras and editing tools needed durable receipts. All of that remains true, but it is no longer enough.

The argument has moved upstream, from the visible artifact to the hidden process that produced it.

Authenticity is no longer just about whether a finished piece of media was altered. It is about whether the entire production history can be inspected, defended, licensed, challenged, corrected, and audited. It now touches copyright law, AI governance, procurement, litigation, brand safety, journalism, entertainment, political communication, and enterprise risk.

The age of synthetic media did not merely create a problem of fake content. It created a problem of unverifiable creation.

Copyright exposed the deeper weakness

The copyright debate around generative AI has been useful because it forced a distinction the technology industry often prefers to blur. There is a difference between making something, instructing something, transforming something, selecting something, arranging something, and owning something.

That distinction matters because copyright has never protected mere effort. It has never protected vague involvement. It has never protected the emotional feeling of having caused something to exist. It protects human authorship expressed in a work. The harder generative AI made that boundary, the more obvious the old structure became.

The first wave of AI copyright arguments focused heavily on outputs. Could a fully AI-generated image be copyrighted? Could a prompt alone create authorship? Could a person claim ownership over a work produced by a system that made the expressive decisions? The answer, at least in the U.S. framework, has become increasingly clear. Human authorship remains the anchor. AI-assisted work can contain protectable human expression, but prompting alone is not a magic authorship machine.

That debate was important, but it was never the whole war.

The more consequential fight is now moving to the other side of the pipeline. Not who owns the output, but what the system consumed before it produced the output. Not whether a user wrote a clever prompt, but whether the model was trained on books, songs, images, journalism, code, scripts, photographs, forum posts, academic papers, and other protected materials without permission, compensation, or meaningful disclosure.

This is where digital authenticity becomes structurally important.

A finished image can carry a label saying it was AI-generated. A chatbot can disclose that its response was produced by a model. A creative tool can attach a credential showing that generative AI was used. But none of that answers the more difficult question. What was the machine made from?

If the output is the visible artifact, the training data is the hidden inheritance. Copyright law is now forcing the industry to confront that inheritance. Courts, regulators, publishers, authors, musicians, artists, agencies, enterprise buyers, and investors are all circling the same underlying weakness: the generative AI economy has produced extraordinary output volume without a reliable public chain of input accountability.

The industry built machines that can generate, remix, imitate, summarize, synthesize, and simulate at massive scale. What it often failed to build was a trustworthy receipt layer.

Provenance is not a label

One of the reasons the authenticity conversation keeps getting weaker in public is that people reduce it to labels.

Was this made by AI? Was this edited? Was this captured by a camera? Was this voice synthetic? Was this image manipulated? Did the platform put a little badge on it? Those questions matter, but they are not the whole issue. A label is an interface. Provenance is an evidentiary system.

A label tells the viewer what they are supposed to understand. Provenance gives the viewer, the publisher, the platform, the buyer, the regulator, or the court a way to inspect why that claim should be trusted. The difference is not cosmetic. It is the difference between a warning sticker and a chain of custody.

Content Credentials and the C2PA standard are important because they point toward that chain-of-custody model. A file can carry cryptographically signed information about its origin, edits, and production history. A camera can sign media at capture. Editing tools can add records as changes happen. Platforms can preserve and surface those records instead of stripping them out. The viewer does not have to trust the caption alone. The artifact can carry part of its own history.

That does not make the artifact true. A signed photograph can still be misleading. A real video can still be taken out of context. A properly labeled AI image can still be used dishonestly. Provenance is not truth. It is evidence about the artifact. That distinction is essential.

The next phase of digital trust will not be won by organizations promising that everything they publish is true. It will be won by organizations that can show what they know, what they do not know, what changed, who changed it, which systems touched it, and where the record begins.

The point is not to eliminate deception. That is impossible. The point is to make deception more expensive, more traceable, and less operationally convenient.

Detection is the wrong center of gravity

Detection is seductive because it promises a simple answer after the fact. Upload the image. Scan the text. Analyze the voice. Estimate whether it was machine-generated. Give the user a score. Call it solved. It is not solved.

Detection has a role, but it is a weak center of gravity for a synthetic media environment. Every detector becomes part of an arms race. Every watermark becomes a target. Every classifier has edge cases. Every platform-level enforcement system will face adversarial pressure, false positives, false negatives, laundering, compression, re-encoding, screenshotting, translation, paraphrasing, style transfer, and deliberate obfuscation.

Detection is useful when receipts are missing. It is not a substitute for receipts.

This is especially true for text. The public became obsessed with AI-writing detection long before the tools were reliable enough to justify the confidence placed in them. Schools, publishers, employers, and institutions wanted a mechanical way to determine whether a paragraph came from a person or a model. The deeper question was often ignored. Why was authorship being judged by forensic guesswork after submission instead of by a documented process before publication?

In serious settings, the future cannot be built around guessing. It has to be built around recorded creation.

That is where the old “digital authenticity” frame becomes too narrow. The issue is not merely whether someone can detect synthetic content. The issue is whether serious organizations can design workflows where important digital artifacts are born with records, retain those records, and pass them forward.

The center of gravity has to move from suspicion to provenance.

The training-data problem changes everything

Once we move upstream, authenticity stops being a media feature and becomes a supply-chain discipline. A model is not just software. It is software shaped by data, architecture, training runs, fine-tunes, reinforcement signals, evaluation choices, safety interventions, deployment constraints, and user feedback. Two systems with similar interfaces may have radically different histories. One may have been trained on licensed corpora, curated public-domain material, enterprise-owned data, and documented synthetic data. Another may have absorbed scraped, pirated, sensitive, copyrighted, low-quality, or poorly documented material at scale.

To the end user, both may look like a text box. To a rights holder, buyer, regulator, insurer, or board, they are not the same object.

This is why training-data transparency has become one of the central pressure points in AI governance. It is not only a moral demand from creators, although that matters. It is a business requirement for anyone who has to rely on the system. If a company uses an AI model to generate marketing, legal drafts, product concepts, code, research summaries, customer communications, medical content, or financial analysis, the model’s hidden history becomes part of the company’s risk environment.

A vague vendor assurance is no longer enough. “We use publicly available data” is not a provenance statement. “We respect copyright” is not a chain of creation. “Our model is safe” is not an audit record. “We do not memorize protected content” is not a license inventory. “We have filters” is not evidence of lawful training.

The serious question is not whether a model can produce impressive outputs. The serious question is whether the organization deploying it can defend the system’s origin, constraints, and use under pressure.

That pressure may come from litigation. It may come from regulators. It may come from procurement. It may come from investors. It may come from customers. It may come from journalists. It may come from creators whose work appears to have been absorbed without permission. It may come from internal counsel asking a very simple question after a very expensive mistake: What exactly did we buy?

The AI bill of materials becomes inevitable

Software already went through a version of this transition. For years, companies treated software dependencies as invisible plumbing. Then supply-chain attacks, open-source vulnerabilities, regulatory pressure, government procurement requirements, and security incidents made that invisibility unacceptable. The software bill of materials became a way to identify components, dependencies, licenses, and vulnerabilities inside software systems.

AI is now heading toward a similar moment, but the problem is harder. An AI bill of materials cannot simply list libraries. It has to describe the materials and processes that shaped a system’s behavior. It has to account for datasets, data sources, licenses, collection windows, filtering methods, synthetic-data generation, model architecture, training lineage, fine-tuning steps, evaluation benchmarks, safety layers, retrieval sources, tool integrations, deployment context, and update history.

That sounds bureaucratic only to people who have never had to defend a system after failure.

For executives, this is where authenticity becomes operational. A good AI bill of materials is not a decorative compliance attachment. It is a management tool. It tells the organization what the system is, where it came from, what it depends on, what it is allowed to do, what it should not be used for, and what evidence exists if the system is challenged.

For creators and rights holders, it creates leverage. It becomes harder for model providers to hide behind abstraction when the law, market, or procurement process demands a meaningful summary of training content. For buyers, it creates a basis for comparison. Two vendors may offer similar performance, but only one may be able to provide credible documentation. For regulators, it creates a path away from vague principles and toward inspectable records. For courts, it gives disputes something firmer than marketing language and technical mystique.

The AI bill of materials will not solve every copyright problem. It will not settle every fair use argument. It will not turn opaque foundation models into glass boxes overnight. But it moves the burden of proof in the right direction. It says that in a synthetic economy, serious actors do not merely generate. They document.

The new copyright question is who can prove the process

The output-side copyright debate revealed one problem. The input-side copyright debate reveals another. Together, they point toward the same missing layer.

On the output side, a claimant may need to show where the human authorship is. Did a person make expressive choices? Did they select, arrange, edit, transform, or materially shape the work? Can those choices be identified? Can they be separated from machine-generated material? Can the record support the claim?

On the input side, a model provider may need to show what material was used, how it was obtained, whether licensing mattered, whether opt-outs were honored, whether text-and-data-mining exceptions apply, whether pirated sources were included, whether copyrighted works were retained, and whether outputs create substitution, memorization, or market harm.

Both fights are fights over process. This is the point too many AI discussions miss.

Copyright is not becoming irrelevant because AI can generate endlessly. Copyright is becoming more evidentiary. It is becoming more dependent on records, logs, provenance, documentation, and auditability. The romance of authorship is colliding with the machinery of production. That collision will reshape creative industries.

Studios, publishers, agencies, brands, software companies, and AI vendors will increasingly need to know not only what was produced, but how. A campaign image that looks beautiful but cannot be cleared may be a liability. A voice clone with unclear consent may be a litigation trigger. A generated article with no human-authorship record may be commercially weaker than expected. A model trained on questionable data may become a procurement problem. A vendor that cannot document its pipeline may lose to one that can.

In the old creative economy, the asset mattered most. In the AI-mediated creative economy, the asset and its process history become inseparable.

Authenticity becomes market power

The provenance debate is often discussed as if it were only about ethics or safety. That misses the market structure. The ability to prove origin will become a competitive advantage.

Large platforms understand this. Camera makers understand this. Creative software companies understand this. News organizations understand this. Enterprise buyers are beginning to understand it. Governments certainly understand it. The organization that controls the verification layer controls more than a badge. It controls friction, distribution, trust, monetization, liability, and access.

If a platform decides which provenance signals are surfaced, it influences what audiences believe. If a creative tool decides which credentials are attached, it shapes how authorship and modification are understood. If a model provider decides how training-data summaries are written, it shapes the visibility of upstream rights. If a marketplace requires certain authenticity records, it determines which assets can move freely. If procurement teams demand model documentation, they change vendor economics.

The chain of creation is becoming a gatekeeping mechanism.

This does not mean every provenance system is inherently good. A badly designed system can exclude independent creators, favor incumbents, create surveillance risks, bury important context, or turn authenticity into another platform-controlled toll road. If only the largest companies can afford to generate trusted records, the authenticity layer could consolidate power rather than democratize trust.

That is why the architecture matters. An authenticity system that merely lets powerful institutions certify themselves will not be enough. A serious system needs open standards, durable records, privacy-sensitive implementation, independent verification, interoperability, and preservation across tools and platforms. It has to work for photographers, journalists, artists, publishers, agencies, researchers, software builders, and enterprise teams. It has to support disclosure without forcing every creator into a permanent surveillance file. It has to distinguish between provenance and truth. It has to leave room for anonymity, satire, sensitive reporting, and legitimate creative transformation.

The future of authenticity will not be decided only by technical standards. It will be decided by governance choices around who gets to issue trust, who gets to inspect it, who gets excluded, and who profits from the infrastructure.

Synthetic media makes weak institutions visible

Deepfakes are usually discussed as if they are the main problem. They are not. They are stress tests. A convincing fake image, voice, or video reveals whether an institution has a functioning trust architecture. Does the newsroom have verification procedures? Does the company have a crisis protocol? Does the platform preserve provenance? Does the campaign have authenticated communication channels? Does the financial institution have voice-based fraud controls? Does the executive team know how to respond before speculation becomes consensus? Does the public know what kind of evidence to expect?

Synthetic media does not create institutional weakness. It exposes it.

That is why the most dangerous failures are not always the most spectacular. The viral fake image that briefly moves attention is obvious in hindsight. The deeper risk is the slow degradation of evidentiary confidence. A real video is dismissed as fake. A fake document is believed because it confirms a suspicion. A brand statement is spoofed. A customer-service interaction is impersonated. A political recording circulates long enough to shape behavior before verification catches up. A company cannot prove that a controversial asset was licensed. A model provider cannot explain what a system learned from. A newsroom cannot show what happened between capture and publication.

The result is not simply misinformation. It is a rising trust tax. Every organization will pay it differently. Some will pay through legal review. Some through insurance. Some through lost audience confidence. Some through procurement delays. Some through political backlash. Some through platform enforcement. Some through court discovery. Some through brand damage. Some through internal paralysis because nobody can say what is safe to publish, deploy, buy, or trust.

Provenance reduces that tax. It does not eliminate it. But it gives serious actors a way to move faster without relying on vibes.

The audience is not the only stakeholder

The first wave of authenticity tools often framed the viewer as the primary beneficiary. Help people know what they are looking at. Help audiences understand whether content was generated or edited. Help citizens avoid being fooled.

That remains important, but the stakeholder map is wider now. The buyer needs provenance before signing a vendor contract. The publisher needs provenance before putting an image into circulation. The agency needs provenance before presenting campaign assets to a client. The client needs provenance before approving them. The insurer needs provenance before pricing risk. The regulator needs provenance before assessing compliance. The court needs provenance before evaluating claims. The creator needs provenance before asserting rights. The platform needs provenance before deciding whether to label, limit, remove, or monetize. The enterprise needs provenance before embedding a model into operations.

In that world, authenticity is not a consumer-facing label. It is a business control.

This is why the connection to AI governance is so direct. Governance without provenance becomes theater. A policy that says employees must use approved tools is weak if the company cannot track what tools were used. A copyright policy is weak if the company cannot record which assets entered the workflow. A responsible AI statement is weak if the vendor cannot document training data, fine-tuning, evaluation, and deployment boundaries. A disclosure rule is weak if the metadata disappears in the publishing pipeline.

The governance question is no longer whether an organization has principles. The question is whether the workflow produces evidence.

What serious organizations should build now

The practical direction is clear even if the standards are still evolving. Organizations that publish media need to preserve provenance from capture or creation through editing, approval, distribution, archiving, and reuse. That means configuring tools and content systems so authenticity records are not casually stripped away. It means treating provenance loss as a workflow failure, not an inconvenience. It means giving editors, clients, and legal teams access to the record before a disputed asset becomes public.

Organizations that buy AI systems need to demand documentation before deployment, not after controversy. They need to know what model they are using, what data categories shaped it, what restrictions apply, what evaluation evidence exists, what safety systems are in place, how updates are handled, and what the vendor will disclose if challenged. The question is not whether the vendor sounds responsible. The question is whether the vendor can produce records that survive scrutiny.

Organizations that create AI-assisted work need to document human contribution. That does not mean turning every creative act into paperwork. It means preserving enough process evidence to support authorship, licensing, disclosure, and client confidence. Drafts, edits, selections, source assets, prompts, human revisions, approvals, and final transformations may all matter when ownership or originality is questioned.

Organizations that operate platforms need to stop treating metadata as disposable. If provenance is stripped by default, the platform becomes part of the trust problem. If provenance is preserved and surfaced intelligently, the platform becomes part of the trust infrastructure.

Organizations that manage brands need to authenticate communication channels. A verified image is not enough if the account is compromised, the email is spoofed, or the executive voice can be cloned into a fraudulent instruction. Authenticity has to extend beyond media files into identity, access, messaging, and approval paths.

None of this requires mystical thinking. It requires treating digital creation as a supply chain.

The end of plausible deniability

The uncomfortable truth is that many organizations benefited from ambiguity. Ambiguity made it easier to use scraped data without asking too many questions. Ambiguity made it easier to publish AI-assisted work without documenting the human contribution. Ambiguity made it easier to buy tools without demanding provenance. Ambiguity made it easier to treat synthetic media as a novelty rather than an operational risk. Ambiguity made it easier to issue broad statements about responsible AI while leaving the actual workflow undocumented.

That era is closing. The direction of travel is visible. Copyright fights are becoming more concrete. Training-data transparency requirements are becoming more serious. Content provenance standards are maturing. AI governance frameworks are moving from values language toward documentation, accountability, and lifecycle management. Enterprise buyers are becoming more cautious. Creators are becoming more organized. Regulators are becoming more specific. Courts are beginning to separate output questions from input questions.

The organizations that wait for one perfect law or one universal standard will be late. The better strategy is to build the evidentiary habit now.

The question is not whether every future requirement is already clear. It is not. The question is whether your organization is learning how to preserve the chain of creation before someone else demands to see it.

Reality now needs paperwork

There is a temptation to mourn this as a loss. Reality should not need paperwork. A photograph should speak for itself. A voice should be recognized. A book should be attributable. A model should not require a passport. A creative process should not need an audit trail. A brand should not have to prove that its own statement is its own statement.

That world is gone. The better question is what replaces it. One possibility is permanent suspicion, where everything can be fake, every denial can be dismissed, every proof can be attacked, and every institution becomes just another contestant in the attention war. The other possibility is a more disciplined digital culture, where important artifacts carry receipts, serious claims come with inspectable records, and trust is rebuilt around evidence rather than familiarity.

That second future will not happen automatically. It has to be engineered into cameras, creative tools, publishing systems, AI models, procurement contracts, governance frameworks, and legal expectations. It has to be preserved across platforms. It has to be demanded by buyers. It has to be understood by executives. It has to be usable by creators. It has to be legible to audiences without reducing everything to simplistic badges.

The signature in the pixels was only the beginning. The real fight is the chain of creation.

In the synthetic economy, the organizations with receipts will not merely look more trustworthy. They will be more operationally resilient. They will move through disputes faster. They will negotiate from stronger ground. They will reduce legal ambiguity. They will protect creative value. They will separate professional practice from synthetic sludge.

The ones without receipts will still publish, generate, claim, deny, and explain. They will just be doing it on trust. And trust, without proof, is becoming a very expensive strategy.

About the Author: Markus Brinsa is the Founder & CEO of SEIKOURI Inc., an international strategy firm that gives enterprises and investors human-led access to pre-market AI—then converts first looks into rights and rollouts that scale. As an AI Risk & Governance Strategist, he created "Chatbots Behaving Badly," a platform and podcast that investigates AI’s failures, risks, and governance. With over 30 years of experience bridging technology, strategy, and cross-border growth in the U.S. and Europe, Markus partners with executives, investors, and founders to turn early signals into a durable advantage.

About the Author

Markus Brinsa is the Founder & CEO of SEIKOURI Inc., an international strategy firm that gives enterprises and investors human-led access to pre-market AI—then converts first looks into rights and rollouts that scale. As an AI Risk & Governance Strategist, he created "Chatbots Behaving Badly," a platform and podcast that investigates AI’s failures, risks, and governance. With over 30 years of experience bridging technology, strategy, and cross-border growth in the U.S. and Europe, Markus partners with executives, investors, and founders to turn early signals into a durable advantage.

©2026 Copyright by Markus Brinsa | SEIKOURI Inc.