
C2PA Adoption in the Tranco Top 1,000: May 2026 Snapshot
· Mahdi Kazempour, Founder, Original Pictures
Definition: An adoption snapshot measures how many high-traffic sites emit or preserve C2PA provenance, broken down by sector, as a point-in-time read on ecosystem momentum.
TL;DR: Adoption is concentrated in creative tools, large platforms, and camera and AI vendors, and thin almost everywhere else. The signal is direction, not saturation: the standard has crossed from pilot to production in a handful of sectors and is early in the rest.
Method, and its limits
We sampled the Tranco top 1,000 and checked for C2PA emission or preservation in served images and documented platform behavior. This is a coarse read: it catches sites that sign or preserve in obvious ways and misses private pipelines. Treat the percentages as directional, not precise.
Where adoption is real
Creative and AI vendors lead, because the tools generate signed output by default: Adobe across Creative Cloud, OpenAI on Sora 2, Google on Pixel and parts of its stack. Large platforms show preservation and labeling behavior, with Meta scanning for C2PA and IPTC and Cloudflare preserving through transforms. Camera makers ship signing on flagship bodies.
Where it is thin
Most of the long tail does not emit or preserve provenance yet. News sites are uneven, e-commerce is sparse, and many CMS-driven sites strip metadata without realizing it. That gap is the opportunity and the risk: regulation arrives in August 2026, and most sites are not ready.
Reading the trend
The shape matters more than the snapshot. Provenance improves with adoption, unlike detection, which degrades. A standard that is production-grade in the tools that create content, and increasingly preserved by the platforms that distribute it, is on the adoption curve that compounds.
FAQ
Is this a precise adoption rate?
No. It is a directional sample of high-traffic sites with known method limits. Use it to read momentum by sector, not as a census.
Where Original Pictures stands today
Original Pictures ships three things today: a Sign API, a Verify API, and the SDKs that wrap them. One POST /v1/sign attaches a C2PA-format manifest, an invisible TrustMark watermark, and an OpenTimestamps anchor. The open-source verifier checks any of it without calling us.
Two things are on the near roadmap, and we name them as roadmap, not as shipped: C2PA Conformance Program recognition (target Q3 2026, until then our manifests use the published C2PA v2.2 format and any C2PA-aware validator can read them, but third-party validators will show our signer as not-yet-listed), and a consumer capture app (Q3 2026). We do not sell a capture SDK, and we do not claim Trust-List membership we do not yet hold.
Bottom line: C2PA is production-grade in creative and AI tools and early everywhere else. With Article 50 landing in August 2026, the unprepared long tail is where the next wave of adoption has to happen.
Related
Original Pictures is progressing through the C2PA Conformance Program; our signing certificate is not yet on the official C2PA Trust List. Target: Q3 2026. We will not describe ourselves as "C2PA-certified" until it is true.
Original Pictures provides content-provenance infrastructure. It does not by itself constitute legal compliance with the EU AI Act or any other regime; compliance depends on how you deploy it, your disclosures, and your governance. Figures are drawn from public reporting, verify against primary sources before citing in regulated materials. Nothing here is legal advice.
Last verified 2026-05-25. Author: Mahdi Kazempour, Founder, Original Pictures.