Google’s Pixel 10 lineup is the company’s first to fully embrace C2PA metadata, a cryptographically signed standard meant to track image origins and expose manipulation. On paper, that’s the perfect safeguard in a time when powerful generative AI image editing blurs the line between fact and fiction.
As Android Authority’s Rita El Khoury discovered, the Pixel’s “AI signature” watermark is surprisingly easy to nuke in practice. But it’s still useful, especially when taken in the context of the remaining metadata.
Deleting C2PA metadata is simple
Faking it, not so much
Pixel 10 Pro features like 30×-100× Pro Res Zoom rely on genAI tools, and always include the relevant C2PA signature.
For context, EXIF is typical metadata that phones and cameras have applied to new images for years. C2PA is a more advanced standard that allows additional source verification built for today’s ever-evolving set of powerful tools, like generative AI image editors.
With a simple command-line application called exiftool, El Khoury easily stripped out every trace of the Content Credentials applied to Pixel 10 images. A blunt exiftool [filename] command wipes all EXIF and C2PA metadata in one sweep, leaving the photo completely bare of timestamps, camera info, or AI markers. That’s a red flag on its own, because real photos almost always carry some baseline metadata.
But there’s a cleaner method that’s even more effective. A command of exiftool -jumbf:all= [filename] specifically targets the section where C2PA metadata lives, while leaving everything else intact. The result is a photo that still looks like it came from a Pixel 10 — with date, aperture, ISO, GPS, all preserved — but with zero explicit trace of AI involvement. When checked in Google Photos or the Content Credentials verifier, it passes as a normal image with no history of edits.
Why the C2PA data (or its absence) still makes a difference
“Media captured with a camera” at the bottom of the first image indicates intact C2PA metadata. The second image’s lack of that data should sound alarm bells.
Such a simple deletion process sounds bad, but there’s an important caveat: removing C2PA is easy, and forging it is not. C2PA isn’t just a list of tags. It’s tied to the actual pixels through a cryptographic hash. Any attempt to swap metadata between images, or reinsert doctored tags, immediately breaks the fingerprint. Apps like Google Photos then flag the file as tampered, showing a “media information missing, modified, or unrecognized” warning.
The real tell is what’s missing. Every Pixel 10 capture should at least include a “Captured with a camera” tag. If a supposedly fresh Pixel 10 photo lacks that line, something’s off. Either the C2PA record was scrubbed, or the EXIF data was spoofed. Neither scenario screams authenticity.
Even incomplete or inconsistent metadata can expose manipulation. An otherwise legitimate-looking EXIF entry without a C2PA log, especially from a device that always embeds one, is suspicious. While average users might not be able to spot the difference at first glance, enthusiasts, journalists, or verification tools probably will.
All told, the Pixel 10’s AI watermark is easy enough to delete with a single command, but you can’t eliminate every trace. Missing tags, incomplete records, or unexplained holes in the metadata still leave digital breadcrumbs — and those gaps might be just as telling as the watermark itself.
