It’s surprisingly easy to remove Google’s digital AI watermark on the Pixel 10

Like the Samsung Galaxy S25, Google’s new Pixel 10 series is adopting C2PA metadata for digital media authenticity. Anytime the phones take a photo or edit it, they embed a watermark in the final image that traces its origin and any changes made to it. Google, like Samsung, is following this standard to help combat all inevitable confusion around an image’s provenance and veracity on the internet. Is this photo real or AI? Or is it real with AI embellishments? C2PA metadata answers these questions.

When I received my Google Pixel 10 Pro, I wondered: Can I remove this data? Can I edit it or fake it? So I installed exiftool and started digging. What I discovered is both alarming and comforting in different ways.

All apps and websites have to be updated with C2PA metadata support to be able to attach it to an image or read it. On the Google Pixel 10, both Pixel Camera and Google Photos have this new feature, so they can append and read an image’s provenance and manipulation log. However, all of my transferred Pixel 9-and-earlier photos don’t show any C2PA metadata, even when I view them on the Pixel 10. That’s because the camera app on older Pixels didn’t embed the watermark from the start. If I edit them with Photos on the Pixel 10, though, they’ll show that they were altered.

Concretely, any new photo I take with the Pixel 10 will show a Media captured with a camera in the Google Photos app. Panoramas even specify Media captured with a camera, multiple images were combined. That’s your sign that a photo is as real as it could be.

If it’s not a straight pic but something like a portrait or long exposure, where there’s no generation of any kind, just a simple manipulation, there’s an extra Edited with non-AI tools mention. Even Add Me shots fall in this category because they composite something real straight from the camera. The same tag also shows up if I use Google Photos for simple edits like cropping, changing brightness, or applying filters.

But if I edit a photo with Magic Editor and use generative AI to erase, move, or resize something, thus creating a fake reality, Google quickly adds an Edited with AI tools mention. This is also the case for the 30x-100x Pro Res Zoom on the Pixel 10 Pro because it’s gen AI-powered.

The only app that doesn’t embed this data correctly is Pixel Studio. It uses an older and weaker IPTC standard and displays a prominent “AI info” box that states it can be modified. C2PA, on the other hand, is encrypted and signed — I’ll get to that later.

Other websites, like the C2PA’s official Contents Credentials page, will display this same information when I check these photos, but they might word it a bit differently. Either way, the photo’s origin or manipulation is very clear on apps and websites that support C2PA.

It is very easy to erase C2PA metadata

My first attempt to manipulate the C2PA metadata was to hammer it with zero finesse. I used exiftool for a clumsy:

Even though C2PA isn’t technically part of the EXIF, exiftool could handle it all the same. It removed all EXIF info and all C2PA metadata from my gigantically-eared dog photo above, leaving zero information on both Google Photos and the Content Credentials verifier.

That’s clearly suspicious, though. Any real photo should have some basic metadata attached to it — date and time of capture, camera used, aperture and shutter speed, perhaps even GPS location. Erasing all of this suggests tampering.

I then tried to pinpoint specific C2PA params to delete, but with over 300 lines of metadata to compare, I found this was an impossible task unless I had all the time in the world. Turns out there’s an easier method: I discovered that C2PA metadata isn’t saved inside the EXIF segment, but in a specific JUMBF segment of the JPEG files I was looking at. And exiftool can erase all JUMBF data — only JUMBF data — in one fell swoop.

With that simple command, I could erase all C2PA metadata attached to this 100x Pro Res Zoom photo originally “Edited with AI tools” while keeping the rest of the EXIF intact. Time, date, camera; everything was left untouched. I verified this on both my Google Pixel 10 Pro and on the Content Credentials website — neither of them could signal any AI action. Sure, that doesn’t say the photo is real, but it no longer has any embedded proof that it’s been altered by AI. And that leaves the door open for interpretation.

If you’re tech-savvy, though, you might detect a telltale sign: When you see basic EXIF for a photo captured by the Google Pixel 10 (or any phone you know should embed C2PA) but where the “Captured with a camera” tag is missing, this should alert you. If it’s not there, then either someone faked the phone in EXIF or erased the entire C2PA metadata to remove any sign of AI manipulation.

My first goal when I started messing with this C2PA metadata on my Pixel 10 was to see if I could fake it. Can I make an AI-edited image appear as if it were straight out of the camera, or make a real image appear as if it were edited? Basically, can a nefarious person use it to alter reality?

My basic attempts were all failures. The most straightforward method I could think of was to swap C2PA metadata between two images. Take one real photo, edit it with Magic Editor, then swap the metadata between AI and real. Swapping was as easy as using the “-tagsfromfile” command in exiftool. But the result was immediately flagged by Google Photos as “media information missing, modified, or unrecognized,” and by Content Credentials as “tampered with.”

Turns out that C2PA metadata isn’t a list of simple text tags; it’s designed with a built-in cryptographic security check that acts like a digital fingerprint. This fingerprint is a secure hash that ties the metadata (provenance and editing record) with the image’s specific pixels. When a C2PA-enabled application like Google Photos opens a photo, it creates a new hash and compares it to the one embedded in the metadata; any mismatch immediately invalidates the C2PA record. So even if I harmlessly enlarged the ear of this cute dog, the pixel difference is enough to be flagged, and Photos can confidently say the metadata doesn’t match the image.

I could’ve saved myself some time by researching how C2PA works exactly before doing this, but where’s the fun in that? Learning by doing and messing up is nicer. Now, I didn’t delve too far into the dark nooks of the internet to see if there are illicit ways to mess with C2PA, but from what I can see, it’s not easy to fake the credential, at least not for someone moderately tech-savvy like me. Whew, that’s a big relief!

While faking C2PA is difficult, it’s concerning how easy it is to remove the AI signature. Just keep in mind that if you see a photo from a Pixel 10 that looks fake but has no C2PA marker, it was likely scrubbed with the -jumbf command.