Two Provenances: Decision Audit vs C2PA Content Authenticity

1. One Word, Two Different Proofs

“Provenance” gets used for two genuinely different properties, and a lot of confused architecture comes from treating them as one:

• Content provenance proves that an artifact — an image, a document, a file — is authentic and has not been altered since it was created, and records how it was produced and edited.
• Decision provenance proves how an AI decision was reached — the reasoning path, the evidence touched, the framework in force at the time — replayable by an independent party.

The first is about the integrity of a thing. The second is about the reconstructability of a process. Both matter; neither is the other.

2. The Distinction, From a Practitioner Who Builds the Other Half

The cleanest way to draw the line is from someone working the content-provenance side. William Kempster, who works on durable media provenance to the C2PA and AIUC-1 standards, put the boundary precisely in a June 2026 exchange:

That is exactly the right register: a content-provenance system is not claiming to decide what is true; it is making the record of how something came to be verifiable. It is the same discipline this series applies to decisions — prove the path, name what you do not prove.

3. What C2PA Proves

C2PA — the Coalition for Content Provenance and Authenticity — is an open standard for attaching tamper-evident provenance metadata to digital content. A viewer, or a verifier, can check where a piece of media came from, how it was changed, and whether the provenance has been altered. It is used for media authenticity and for AI-content disclosure.

What C2PA establishes is the integrity of the artifact: this file is what it claims to be, produced and edited in this recorded way, and not silently altered since. That is a real and necessary property — and it is a different property from being able to reconstruct the reasoning of an AI decision.

4. Where the Two Compose

Take the example a regulator actually uses: a credit-scoring decision is challenged. Two questions follow, and they need two different proofs:

• Is the record authentic and unaltered? — a content-provenance question. Has the decision record been changed since it was made?
• Can the reasoning be rebuilt? — a decision-provenance question. Under the rules in force at the time, can the path to the outcome be reconstructed by someone who was not there?

One proves the record is intact; the other proves the reasoning is reconstructable. They correlate cleanly — content provenance can anchor that a decision record is authentic, while a reasoning-path substrate produces the path that becomes that record. The honest framing is composition, two layers that sit next to each other, each proving one property and naming where it stops. It is explicitly not a single merged product, and neither layer claims the other's job.

5. Both Show Up in the EU AI Act

The Act touches both surfaces. The Article 50 transparency and AI-content disclosure obligations align with content-provenance approaches like C2PA — covered in AI content disclosure requirements. The Article 12 record-keeping obligations, and the post-Omnibus expectation that decisions be reconstructable, align with decision provenance. A serious high-risk audit-trail architecture is likely to draw on both: content provenance for the integrity of the artifacts, decision provenance for the reconstructability of the reasoning — the argument developed in proof precedes permission.

The discipline that keeps this honest is the same one C2PA practitioners apply to their own work: prove the narrow thing your layer proves, and do not claim to be the arbiter of the whole stack.

Continue Reading

• AI Content Disclosure: EU Requirements
• Proof Precedes Permission: The Substrate Seam
• The Offline Proof Verifier for AI Decisions
• The EU AI Act Audit-Trail Stack (pillar)

Frequently Asked Questions