Skip to content

What Actually Protects Your Wedding Photos from AI in 2026

The short answer

Watermarks, Glaze, Nightshade, opt-out registries, and DMCA takedowns all assume the same thing: that you can prove the image was yours in the first place. The boring pre-step almost nobody talks about, embedded IPTC copyright and creator metadata at export time, plus C2PA Content Credentials where your camera supports it, is the prerequisite that makes every downstream protection actually work.

On Monday morning a thread on r/WeddingPhotography went up alleging another photographer was using AI to ingest, restyle, and repost other shooters' wedding work as their own. By Tuesday it had hundreds of comments. By Wednesday the same week, r/photography ran its own thread titled "Does anyone know of a way photographers can protect their work from being stolen?" Different sub, same panic.

Three days into that conversation, PetaPixel reported that Minnesota had passed a landmark bill banning AI nudification apps. The same morning, Meta announced 8,000 layoffs to fund its AI push. Two days earlier, Fstoppers ran a piece called "Built With One Light and Zero AI", which read less like a tutorial and more like a quiet manifesto.

This is not a one-week story. The question wedding clients are starting to ask in consultations is now real. Will my photos end up in an AI training set, and what actually protects my photos from AI? The pros who can answer that question with something more substantive than "I hope not" are about to have a real edge.

The honest answer involves accepting that most of the loud protection options on offer are partial at best. The unsexy step that makes everything else work is the one almost nobody is leading with.

The conversation wedding photographers are now having

Read the r/WeddingPhotography thread with the comments expanded. The pattern in the responses is consistent. Photographers describe finding their wedding work reposted on Instagram with someone else's logo, their galleries scraped to seed AI style training, their portfolio pages lifted wholesale and re-skinned. The advice in the comments is the predictable mix: register your copyrights, file DMCA takedowns, add visible watermarks, use Glaze, switch to a Pixieset gallery with downloads disabled.

Every one of those answers is real. None of them is sufficient on its own, and almost none of them will work if the photographer cannot prove the file was theirs to begin with.

That last clause is the part the comments skip over. Watermarks can be cropped or AI-removed. Style-disruption tools work under specific assumptions about the model. DMCA notices require an authorship claim you can substantiate. Pixieset disabling downloads does not stop a screenshot. The thread is a textbook example of working photographers asking a real question and getting tactical answers without an underlying foundation.

The foundation is provable authorship. The tools above are layers on top of that foundation. Without the foundation, the layers do less than they look like they do.

The court rulings from late 2025 into early 2026 do not reassure photographers. In November 2025 the UK High Court dismissed Getty Images' primary copyright infringement claim against Stability AI, reasoning that the Stable Diffusion model does not store its training data and Getty could not prove specific outputs were derived from its images. Getty did win a narrow trademark claim where the model historically generated Getty watermarks. In December 2025 the trial judge granted Getty permission to appeal, so the story is not finished, but the first major ruling went to the AI side.

The US picture is more open but slower. Andersen v. Stability AI, the class action originally filed by visual artists in January 2023, has moved into discovery with a trial set for September 8, 2026. Judges have allowed the core copyright claims to proceed rather than dismissing them, which legal coverage in early 2025 called significant. The New York Times case against OpenAI is also moving: in January 2026 a judge ordered OpenAI to produce 20 million ChatGPT logs in discovery, affirming a magistrate ruling and overruling OpenAI's privacy objections. The case continues to move toward trial.

The pattern across all three cases: it is hard to win a copyright claim against a trained model when you cannot point to the specific files the model ingested. The plaintiffs with strong metadata and clear provenance trails are the ones with the most defensible claims. That is not a coincidence.

What does NOT fully work, and why

Here is the pile of options the r/photography thread keeps recommending. Each one is real. None of them is the complete answer, and being honest about what they do and do not do is part of being trustworthy with clients.

Tool What it does What it does not do
Visible watermarks Deters casual lift, signals authorship Croppable, AI-removable, ugly on delivery galleries
Glaze Disrupts style mimicry by adversarial perturbation Has to be applied per-image; specific to known model architectures; an arms race
Nightshade "Poisons" images so they damage models that train on them Same arms-race problem; effective only against models that scrape your images
Have I Been Trained Lets you search the LAION dataset and add domains to a Do Not Train registry Only as good as the AI vendor's willingness to honor it
DMCA takedowns Force a takedown of identifiable infringing posts Slow; requires a registered copyright; only works for direct copies, not derivatives
Pixieset / SmugMug "disable downloads" Raises the friction of the casual save Does not stop screenshots, screen recording, or right-click-save in dev tools
Adobe Content Authenticity opt-out Adds a "do not train" preference to Content Credentials Adobe's own docs call it a "request"; only Adobe Firefly and Spawning currently honor it

That last column is the part nobody puts on the marketing page. Read Adobe's own preference documentation. The opt-out is described as a request. The legal framework for enforcement does not exist yet. The list of AI providers that respect the request fits in two names.

This is not an attack on these tools. They all reduce risk along specific dimensions. The mistake is treating any one of them as the answer instead of as a layer.

The boring pre-step that actually protects your photos

Here is the question almost no one in those threads asks: when a stolen photo of yours surfaces, can you actually prove the original is yours?

The answer for a depressing percentage of working pros is "kind of, with effort." The original RAW lives on a backup drive somewhere. The catalog has it. The contract is in HoneyBook. The delivered file on the client gallery has had its EXIF stripped by Pixieset's export pipeline or Instagram's upload reprocessor. There is a chain of custody, but it is held together with personal memory and account login screenshots.

The fix is older than the AI conversation. The International Press Telecommunications Council Photo Metadata Standard (most recent version 2025.1) defines the rights-related fields that have been the legal substrate of professional photo licensing for decades. The ones that matter for AI-era provenance:

  • Copyright Notice ("© 2026 Kenny Kindall, All Rights Reserved")
  • Creator (your name as the author)
  • Creator Contact Info (your business email and website)
  • Copyright Owner (you, with optional identifier like a website URL)
  • Web Statement of Rights (a URL to your licensing terms)
  • Rights Usage Terms (free text: "Permission required for AI training, indexing, derivative use, or model distillation")

Every one of these fields is read by every catalog tool, every stock-agency intake pipeline, every news desk image-handling system, and every reverse-image-search service. They survive most professional export paths. The IPTC standard added explicit AI-generated content properties in version 2025.1, which is the working group's quiet acknowledgment that this is the right layer for the conversation.

When you file a takedown, when you license a stolen image to a stock agency that found it, when you go to court, the existence of these fields in the original delivered file is the difference between a clean claim and a long argument.

The catch: most photographers know this in the abstract and do not have it consistently embedded in every delivered file. The IPTC fields are not the default in most camera-to-delivery pipelines. They have to be set somewhere and re-applied at export. If they are not, the rest of the protection stack is fighting from behind.

It gets worse on the way out. The IPTC ran a multi-year investigation into what Facebook does with photo metadata and found Facebook retains some IIM-format rights fields (Creator, Copyright Notice) but strips most XMP-format metadata entirely. Instagram strips the EXIF block from public images and adds its own. The takeaway is not "do not post on Instagram." The takeaway is that the social copy is the unprotected copy. The original delivered file you sent the client is the one that has to carry the metadata. (Adjacent reading: Wedding photo privacy in 2026 covers what is and is not stripped on the way to client galleries.)

C2PA Content Credentials in 2026

The next layer above IPTC is C2PA Content Credentials, a cryptographic provenance standard backed by Adobe, Microsoft, BBC, the New York Times, and the major camera manufacturers. C2PA bundles the IPTC-style metadata with a cryptographic signature, so a verifier can confirm the file has not been tampered with since capture.

The 2026 picture is partial.

The Leica M11-P, announced in October 2023, was the first production camera to ship Content Credentials. The M11, Q3, and SL3 received the firmware update later. Sony's α9 III and α1 II added C2PA via the Imaging Edge cloud service, opt-in per shoot. Nikon shipped C2PA on the Z6 III in August 2025, then suspended it after a critical signing vulnerability was disclosed; all certificates were revoked and the service has not been restored as of early 2026. The public C2PA compatibility list tracks the moving target.

On the editing side, Adobe launched the Content Authenticity public beta in April 2025, letting creators apply Content Credentials to any image regardless of camera. The Lightroom and Photoshop integrations preserve C2PA across the edit chain, which is the right shape.

The hole is the same as it has been for years. Social platforms strip embedded metadata, including C2PA manifests, during upload and transcoding. The C2PA chain is intact for the file you deliver to the client. It is broken the moment the photo lands on Instagram. For a wedding photographer whose work mostly lives on Instagram, a venue's website, and the client's gallery, C2PA is currently a tool for the original delivery file and for portfolios you control, not for the public copies.

That is still useful. The original delivered file is the one that matters in a takedown.

What this approach is not

  • A way to prevent AI training. Nothing prevents a determined scraper. Embedded metadata strengthens the claim after a violation; it does not stop the violation.
  • A substitute for legal copyright registration. US copyright registration is what unlocks statutory damages. Metadata is the evidentiary backbone of an enforcement action, not the action itself.
  • A guarantee social platforms will preserve your work's provenance. They will not. The original delivered file is the canonical record.
  • An anti-AI activist position. The "no AI training" rights statement in your IPTC block is a customer-facing fact, not a manifesto. Wedding clients who ask the question deserve a clear answer either way.
  • Camera-brand neutral. C2PA hardware support is unevenly distributed. Most working pros will rely on the editing-side and export-side layers.

What to put in your client conversation and contract, starting tomorrow

The conversation a wedding photographer can have with a couple in 2026, the one the r/WeddingPhotography thread suggests is now happening at consultations, has a defensible structure if the underlying file-handling is solid.

In the consultation. When the AI question comes up, the answer is not "do not worry about it." It is closer to "here is what is embedded in every file I deliver, here is what my contract says about AI use, and here is what you control." That answer requires the IPTC fields to actually be in the files. (For a longer breakdown of how to handle that consultation moment, see The AI question every wedding couple is asking in 2026.)

In the contract. Photography businesses are increasingly adding AI clauses. A Photo Editor published a sample clause limiting client AI rights, which has circulated through the industry since 2023. The pattern is two-part: a creator-side reservation ("Photographer retains all rights to AI training and indexing of delivered images") and a client-side restriction ("Client may not submit delivered images to generative AI services for training or derivative generation without express written permission"). Both clauses are easier to enforce when the metadata in the file documents the same restriction.

In the export pipeline. Whatever tool sits between the catalog and the delivered files needs to write the IPTC rights fields consistently, on every export, without the photographer remembering to check. This is where most workflows fall apart: the field is set in a Lightroom preset that nobody copied to the new machine, or it is set on JPEG exports but missed on the RAW delivery, or it is set in the catalog metadata but lost when the file is duplicated for a print order. (For the broader argument about handling metadata before files reach Lightroom, see Organize Wedding Photos Before Lightroom Opens.)

This is the workflow gap Jade GT is built to close. Jade GT writes the IPTC Copyright Notice, Creator, Creator Contact Info, and Rights Usage Terms into every file as part of normal export, with no per-file ceremony and no separate "remember to apply the preset" step. The wedge for client conversations is concrete: a photographer using Jade GT can show a client exactly which copyright, creator, and AI-use fields are embedded in delivered files, and which usage terms are recorded. Not activism. Client safety.

Open Jade GT

FAQ

Does embedding IPTC metadata actually stop AI training?

No. Nothing currently stops a determined scraper. Embedded metadata makes a takedown notice, a licensing claim, or a court filing actually winnable after the fact. Treat it as the legal foundation, not the wall.

Should I use Glaze or Nightshade on every delivered file?

Probably not on every file. Glaze and Nightshade are most useful on portfolio images you publish for marketing where you accept the trade-off of subtle visual artifacts. They are less practical for thousands of delivered wedding images, where the application time and the visual side effects compound.

If C2PA gets stripped on Instagram anyway, why bother?

The original delivered file is the canonical record. C2PA on the gallery delivery and the print-order copy is what matters in a dispute. The Instagram copy is the unprotected copy by design. C2PA does not help there yet.

Do I need to register copyright in addition to all this?

In the United States, registering with the US Copyright Office unlocks statutory damages and attorneys' fees in an infringement suit. Embedded metadata is the evidence; registration is the legal teeth. Both, not either.

What about my old delivered galleries with no metadata embedded?

The original RAW files in your archive are the canonical record. If a dispute arises around an old delivery, the chain runs from the RAW to the delivered file to the alleged infringement. Future deliveries should have the metadata embedded; past ones rely on the RAW archive.

Further reading

If you are already running an AI-rights clause in your contract, or you have a metadata-export workflow you trust, I would like to hear how it has held up. Reply on the r/WeddingPhotography thread or send me a note.

Reply to Kenny

Questions, corrections, or a workflow story of your own? Send a note — it goes straight to my inbox.