Topics

About Join Granit
Own Your Work

How to prove that photo is yours: the complete guide to timestamping

Your work belongs to you. But can you prove it? Copyright, traditional methods, digital timestamping: everything a creative needs to know to protect their images.

Granit · 6 min read
How to prove that photo is yours: the complete guide to timestamping

Your creations belong to you. But can you actually prove it?

You're scrolling Instagram one morning, coffee in hand, and there it is: your photo. The one you shot on a rainy Sunday in November, on your knees on a wet sidewalk. Except this time, it's illustrating a brand's campaign. #Lol. No credit. No permission. No payment.

You're furious. You send a message. And then they ask you for the one thing you don't have: proof of date. Worse, they just ignore you.

This isn't fiction. It happens every week to photographers, illustrators, and designers.

Talent doesn't protect you — proof does, much more!

This article explains how proof of prior creation works, why traditional methods fall short, and how digital timestamping changes the game for creatives.

What the law says (short version)

In France, copyright exists from the moment of creation. You don't need to register anything: the instant you press the shutter, the image is legally yours. That's Article L111-1 of the French Intellectual Property Code.

The problem is that in a dispute, copyright alone isn't enough. You need to prove that you're the original author, and more importantly, that your work existed before the other party's. This is called proof of prior creation — or proof of anteriority.

Without that proof, it's your word against theirs. And in court, words don't carry much weight.

Traditional methods (and their limits)

Several solutions have long existed to establish a certified date on a work.

The Soleau envelope, first. You print your work and place it in a special envelope sold by INPI (the French patent office), mail it, and the institute keeps it sealed (it can also be done digitally). It proves the content existed on the mailing date. It costs €15 per envelope, it's limited in size, and above all it's physical. When you produce 200 photos per shoot, it's simply not viable. :)

A bailiff deposit (now called a judicial commissioner in France) offers strong legal proof, but at a discouraging cost — expect €100 to €300 per certified record. Reserved for cases where the financial stakes already justify it.

Mailing a registered letter to yourself is the most common workaround. You send yourself a sealed envelope, with the postmark serving as proof. In practice, its legal value is weak and easily challenged.

What these methods share: they were designed for a world where you create a handful of works per year. Not for a continuous flow of digital images.

Digital timestamping: how does it work?

Digital timestamping solves this problem at its root. The principle is straightforward, even if the technology behind it is robust.

When you submit an image to a timestamping service, three things happen:

The system generates a digital fingerprint (a "hash") of your file. It's a unique string of characters, like a fingerprint. If a single pixel changes, the hash changes completely. There's no way to cheat.

This fingerprint is linked to a precise date and time — the timestamp. This isn't your computer's clock (easily modified) but a certified timestamp, anchored in an external registry.

The whole thing is recorded in a tamper-proof registry. Some solutions use blockchain for this: once recorded, the timestamped hash cannot be altered, deleted, or backdated. It's permanent.

The result: you have a certificate proving that this specific file existed at this specific date. No middleman. No envelope. No bailiff.

What this changes in practice for creatives

Let's look at three everyday situations.

Situation 1 — Image theft on social media. You find your photo used without permission. With a timestamp certificate, you can prove your original file existed before the infringing publication. It shifts the balance of power immediately, even before going to court.

Situation 2 — A client disputes authorship. You deliver mockups to a client. The project falls through. Six months later, you discover your visuals were used by another provider. The timestamp on your working files proves you created the concept: boom.

Situation 3 — A contest or open call. You submit a series to a festival or award. Pre-timestamping your images protects you in case of leaks or copying during the selection process.

In all three cases, protection costs zero time if it's automatic. That's the whole point of building timestamping into your workflow, rather than treating it as a separate task.

EXIF metadata isn't enough

"My photos already contain a date in the EXIF metadata — isn't that enough?"

No. EXIF metadata is written by your camera, but it can be easily modified by anyone. It has zero evidentiary value in court because it's not certified by a trusted third party.

Cryptographic timestamping, on the other hand, relies on a hash that's mathematically tied to the exact file content and anchored in a registry that no single party controls.

That's a fundamental difference.

How to integrate timestamping into your workflow

If you have to manually timestamp each image one by one, you won't do it. That's human nature. The only approach that works is automation.

Ideally, timestamping triggers the moment you import your images into your working tool — your portfolio, your DAM, your client delivery space. No extra step, no friction.

That's exactly the approach we chose with Granit.

Every source image uploaded to Granit is automatically timestamped. No extra clicks, no checkbox. You upload, it's protected.

Specifically, at the moment of upload, Granit captures and seals several pieces of information into a structured certificate: the file name, its type, its exact weight in bytes, the precise date and time of the upload (in UTC format, down to the second), the author's identity linked to the account, and most importantly a SHA-256 digital fingerprint — a unique signature computed from the raw file content. If a single pixel of the image is changed, the hash changes entirely. The certificate doesn't just prove that you uploaded a file on a given date — it proves that this specific file, in this exact state, existed at that moment.

But Granit goes further. The certificate isn't simply stored on our servers — it's anchored in the Bitcoin blockchain via the OpenTimestamps protocol.

Your proof of prior creation doesn't rely on our word, nor even on our infrastructure. It's inscribed in a Bitcoin block, a public, decentralized registry that no entity in the world can modify or delete.

Let's take an example. The image "Horizon océanique sous un ciel brumeux" uploaded on February 26, 2026 at 4:42 PM UTC generates this certificate:

{
  "author": {
    "email": "xxxxx@gmail.com",
    "name": "FirstName LastName"
  },
  "created_at": "2026-02-26T16:42:29.000Z",
  "file": {
    "name": "Horizon océanique sous un ciel brumeux",
    "sha256": "bc49fc78...f9abe0b7",
    "size": 1186923,
    "type": "image/jpeg"
  },
  "platform": "Granit.app",
  "version": 1
}

A few hours later, this certificate is anchored in Bitcoin block #938479, mined on February 27, 2026. From that moment, the proof is irreversible — it no longer depends on Granit.

Even if our platform disappeared tomorrow, your certificate would remain verifiable. Which we obviously don't wish for!

And that's the whole point of the proof package you can download at any time. It contains 4 files: the certificate.json (your timestamped certificate), the certificate.ots (the OpenTimestamps proof in standard binary format), the proof.json (raw data for technical reference), and a nice readable PDF.

Want to verify? Head to opentimestamps.org, click "Verify", upload the .ots then the .json. The site independently confirms that the file existed before that Bitcoin block. No need to trust us — verify it yourself.

Everything is open, everything is verifiable, everything is designed so that the proof belongs to you, not to the platform.

We don't ask you to think about it — Granit does it for you.


Key takeaways

Copyright protects you in theory. Timestamping protects you in practice.

French copyright exists from the moment of creation, but without proof of date, it's extremely hard to enforce. Traditional methods — Soleau envelopes, bailiffs — aren't built for a digital creation workflow.

Cryptographic timestamping generates tamper-proof, automatic, and affordable evidence. EXIF metadata doesn't constitute admissible proof. The best protection is the one that requires no extra effort — the one built into your tools.

Your photos, your artwork, your creations deserve better than "it's my word against theirs."

They deserve Granit.