Today Google announced it’s bringing deepfake detection to Chrome and Search. OpenAI announced it’s joining the C2PA provenance standard and integrating Google’s SynthID watermarking into its products. Both companies framed this as making AI-generated content easier to identify.

The announcements sound responsible. The math doesn’t.

Here’s what the detection tools do: they check whether an image was made by Google or OpenAI. Google’s Gemini can spot AI fakes — but only its own. OpenAI’s new verification tool will initially only check images generated by OpenAI products. C2PA metadata — the provenance standard both companies are championing — embeds origin data into the file. SynthID adds an invisible watermark. Together, they create a chain of custody for content that left the factory with a label.

Here’s what the detection tools don’t do: detect the deepfakes that are actually destroying people’s lives.

96 to 98 percent of all deepfake content online is non-consensual intimate imagery. 99 to 100 percent of victims are women. None of this content is made with DALL-E or Gemini. Both tools refuse to generate it. The guardrails work. The detection is redundant.

The actual harm comes from somewhere else entirely. Researchers at Lancaster University identified almost 35,000 deepfake model variants publicly downloadable on Civitai alone — downloaded nearly 15 million times since November 2022. 96 percent of these models target women. 98.4 percent of downloads are concentrated on female-targeting variants. The base models are Stable Diffusion and Flux. The technique is LoRA fine-tuning. The requirements: 20 images of the target, a consumer graphics card, and fifteen minutes.

DeepFaceLab, a single open-source tool, claims that more than 95 percent of deepfake videos are created with its software. Nearly 200 “nudifying” applications exist, requiring no technical knowledge at all. Type a name, upload a photo, wait. The output carries no watermark, no C2PA manifest, no SynthID signature. Nothing for Chrome to detect. Nothing for the verification tool to find.

And the detection layer that does exist has a structural problem: every major social media platform strips C2PA metadata on upload. Instagram, X, LinkedIn, TikTok, Facebook, WhatsApp, iMessage — all of them re-encode images during processing, silently removing the provenance data. The watermark arrives at the platform and the platform throws it away. C2PA 2.0 introduced “soft bindings” — invisible watermarks that survive re-encoding — but adoption is early and the stripping problem is now.

So the architecture looks like this: Company A builds a tool that generates images with safety guardrails. Company A adds a watermark to those images. Company A builds a detector for its own watermark. The images that needed detecting — the 96 percent that are sexual abuse material, built with open-source models on consumer hardware, distributed on platforms that strip metadata — pass through the entire system unmarked and undetected.

The question isn’t whether watermarking is a good idea. It is. C2PA is a genuine standard backed by Adobe, Microsoft, Intel, and now Google and OpenAI. SynthID is technically impressive. The engineering is real.

The question is who this protects.

If you’re worried about whether a product photo was AI-generated, or whether a news image was real, these tools help. If you’re a sixteen-year-old girl whose classmate used a free app and twenty photos from her Instagram to generate images of her that are now circulating on Telegram — none of this exists. The watermark was never there. The metadata was never embedded. The detection tool has nothing to detect.

The companies building the responsible tools aren’t the ones building the harmful tools. That’s true. And that’s the problem. The announcement is aimed at a threat their own products already prevent, while the actual threat — open-source, decentralized, downloaded fifteen million times, requiring fifteen minutes and a laptop — operates in a space where watermarks and metadata standards are irrelevant.

It’s the equivalent of a car manufacturer announcing a breakthrough seatbelt — for parked cars.

The seatbelt is well-engineered. The car isn’t moving. And down the highway, 35,000 vehicles are doing 90 without restraints, and nobody is asking for their VIN.

// NEON BLOOD

Sources: TechCrunch, TechBuzz AI, Lancaster University / arXiv (Deepfakes on Demand), Keepnet Labs, AIIP, Truescreen