Copy link to clipboard
Copied
I export a photo, enabling Content Credentials attached to the export. If I then extract the thumbnail, it turns out to have hundreds of lines of EXIF data including at least the camera and time/date. First of all, there's an issue as to whether that EXIF actually adds value, but more important, it's not hard to think of occasions where I might want to attach provenance to a photo but not disclose further details. I regard this as a serious privacy vulnerability.
[moved from bugs to discussions according to the community rules - Mod.]
Copy link to clipboard
Copied
First, AFAIK Content Credentials does not control whether or not camera EXIF etc are included - for that, one would look to the Metadata section of the export settings.
Second, are you saying that when certain EXIF has been set to not be included, extracting the thumbnail from the exported file is still showing that EXIF nonetheless? If so, what file format are you exporting to?
Copy link to clipboard
Copied
Well, that was the right question. I exported twice, once with all metadata and once with copyright-only, and indeed the EXIF on the C2PA thumbnail is much reduced and omits the camera ID (but retains the date).
But I still have a couple of questions:
1. Does Lr need separate EXIF-export-control options for the main picture and the C2PA thumbnail?
2. Is there a case for dramatically reducing the thumbnail EXIF in principle, to slim down C2PA overhead and generally be conservative on the privacy front? This needs some thought about what the purpose of the thumbnail is in Content Credentials, and does it need hundreds of EXIF fields to achieve that purpose?
Copy link to clipboard
Copied
So I wondered "what is the intended purpose of the thumbnail claim?" Basic Web searching doesn't turn up that much.
In https://c2pa.org/specifications/specifications/1.0/guidance/Guidance.html the references to the thumbnail refer to only use for visual reinforcement by humans.
In the official spec there's https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html#thumbnail_assertion...which says "The data in a thumbnail assertion shall be the bits of a file (such as a raster image) in whatever format is desired by the claim generator." Hmm.
Then in https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html#thumbnail_assertion there's "it may be useful to also include a thumbnail of the ingredient to help establish the state of the ingredient at the time of import." Well, the EXIF data is part of the state. But I'm having a really hard time seeing how most of the hundreds of EXIF fields would be of any use.
Copy link to clipboard
Copied
I just skimmed the current C2PA spec for the first time:
https://c2pa.org/specifications/specifications/2.1/specs/C2PA_Specification.html
and searching for "thumbnail", it doesn't appear to provide any requirements or guidance on thumbnail metadata. It appears to be entirely up to the application that's attaching the credentials, that is, up to Adobe to decide what they're trying to accomplish, as you clearly explained in your questions.
Copy link to clipboard
Copied
Hi Tim, your research on the spec and purpose of the thumbnail assertion is spot on. I don't believe there is a compelling case for preserving EXIF in thumnails except that it's generally good practice to _not_ remove metadata that a user may have included by design. That said, the thumbnail assertion is for visual reference.