The Birthmark Standard Foundation

Media Registry Governance

The Birthmark Media Registry is governed by a coalition of independent journalism, fact-checking, and press freedom organizations—not by a single company or government.

Purpose and Mission

Registry Purpose

The Birthmark Media Registry provides a decentralized, tamper-evident ledger for recording image authentication data. The Registry stores cryptographic hashes of authenticated photographs along with associated metadata (timestamps, submitter identifiers), enabling anyone to verify whether a photograph has been authenticated by a legitimate camera and when that authentication occurred.

Core Principles

  • Independence: No single entity controls the Registry. Trust is distributed among Coalition Members.
  • Transparency: All Registry operations, governance decisions, and technical specifications are publicly documented.
  • Neutrality: The Registry verifies technical authenticity, not editorial content. It makes no judgment on the subject matter of photographs.
  • Permanence: Data recorded on the Registry is immutable and must remain accessible for verification indefinitely.
  • Public Good: The Registry serves the public interest and is not operated for profit.

Coalition Membership

Eligibility Requirements

Coalition Membership is open to organizations that demonstrate commitment to information integrity and meet the following criteria:

  • Established nonprofit, educational institution, news organization, or professional association
  • Mission aligned with journalism, fact-checking, press freedom, archival preservation, or information integrity
  • Technical capability to operate a validator node (server infrastructure, technical staff) or willingness to contract for managed support services
  • Commitment to maintaining node uptime of 95% or greater
  • No conflicts of interest that would compromise Registry neutrality

Important: Organizations whose primary mission is media production (news outlets, content creators, photography agencies) are ineligible for Coalition Membership due to inherent conflict of interest. Organizations that consume, analyze, or validate media (fact-checkers, press freedom advocates, academic institutions, archival organizations) are eligible.

Target Coalition Members

  • National Press Photographers Association (NPPA) - Professional photography organization
  • International Fact-Checking Network (IFCN/Poynter) - Global fact-checking network
  • Committee to Protect Journalists (CPJ) - Press freedom advocacy
  • Bellingcat - Open-source intelligence investigation journalism
  • Academic journalism schools - University-based journalism programs
  • Regional press freedom organizations - Local and regional advocacy groups

Node Ownership

Each Coalition Member purchases ownership of one or more validator node slots in the Media Validation Network. Node ownership includes:

  • Validator Authority: The right to operate a validator node that participates in Network consensus
  • Governance Rights: One vote per node in Coalition governance decisions
  • Technical Assets: Pre-configured node software, documentation, and setup support
  • Coalition Seat: Representation in the Birthmark Media Registry Coalition

Important: Node ownership and operation confers no editorial authority over authenticated content. The Registry verifies technical provenance, not content accuracy or editorial merit. Coalition Members shall not represent their node operation as endorsement of specific authenticated images.

Ownership Limits

To prevent concentration of control and maintain decentralization:

  • No single organization may own more than 2 nodes or 10% of total nodes, whichever is higher
  • Related organizations (parent/subsidiary relationships, shared governance) are counted as a single entity for ownership limits

Pricing & Costs

The initial node ownership fee is set by The Birthmark Standard Foundation and funds Registry development, deployment, and initial operational support. This fee is a one-time purchase, not a recurring charge.

Ongoing operational costs (server hosting, bandwidth, maintenance) are the responsibility of each Coalition Member for their own nodes, estimated at ~$15-30/month for VPS hosting.

Governance Structure

Phase 1: Development Phase (Current)

During the initial development phase, The Birthmark Standard Foundation builds and validates the Registry infrastructure. Organizations interested in future Coalition Membership may participate as Founding Advisors, providing input on technical specifications, governance structure, and operational requirements.

Founding Advisors:

  • Provide advisory input on Registry development and charter refinement
  • Have no voting rights or governance authority during this phase
  • Are not obligated to purchase node ownership when Phase 2 begins
  • Receive priority consideration for Coalition Membership upon production launch

During Phase 1, the Foundation Board of Directors retains full authority over technical development, governance design, and charter amendments.

Phase 2: Production Phase

Phase 2 begins when:

  • Registry technology completes its validation checklist
  • 10 validator nodes have been functionally stood up by the Foundation

Upon Phase 2 commencement, node ownership becomes available for purchase by eligible organizations.

Governance Transition

The Foundation retains voting authority in Coalition governance until one year after the first node sale to a Coalition Member.

Once the Foundation's voting authority ends, governance transitions to the full Coalition model.

Coalition Governance (Full Model)

Under full Coalition governance:

  • Voting Rights: One vote per owned node
  • Quorum: Majority of purchased nodes (>50%) must participate for valid vote
  • Standard Decisions: Simple majority (>50% of votes cast) for routine matters
  • Major Decisions: Supermajority (≥67% of votes cast) for charter amendments, protocol upgrades, and membership changes
  • Emergency Decisions: Foundation retains authority for time-critical security issues, subject to Coalition ratification within 30 days

Decision Categories

Standard Decisions (Simple Majority)

  • Operational procedures and documentation updates
  • Technical support policies
  • Communication and outreach activities
  • Minor parameter adjustments

Major Decisions (Supermajority - 67%)

  • Charter amendments
  • Protocol upgrades affecting consensus or data structure
  • Admission of new Coalition Members
  • Removal or suspension of Coalition Members
  • Changes to ownership limits or voting structure
  • Integration with external systems or standards

Member Responsibilities

Technical Obligations

Each Coalition Member operating a validator node agrees to:

  • Maintain Uptime: Operate node with minimum 95% uptime availability
  • Apply Updates: Install Coalition-approved software updates within specified timeframes
  • Secure Infrastructure: Implement reasonable security measures for node infrastructure
  • Monitor Performance: Monitor node health and respond to technical issues promptly
  • Report Issues: Report technical problems or security concerns to the Coalition

Governance Participation

Coalition Members are expected to:

  • Participate in governance votes (quorum requirement)
  • Designate a primary contact for Coalition communications
  • Attend or send representative to Coalition meetings (quarterly minimum)
  • Provide technical feedback on proposed protocol changes

Financial Obligations

Coalition Members are responsible for all operational costs associated with their nodes, including but not limited to server hosting, bandwidth, electricity, and technical staff time. The Registry does not charge ongoing fees to members.

Optional technical support and managed services are available from the Foundation under separate service agreements.

Node Failure and Member Removal

Temporary Node Failure

If a Coalition Member's node experiences temporary downtime (hardware failure, network issues), the Media Validation Network continues operation with remaining nodes. The member is expected to restore service as soon as reasonably possible.

Extended Absence

If a node remains offline for more than 30 consecutive days without communication, or if a Coalition Member indicates they can no longer operate their node:

  • The Foundation may spin up a temporary replacement node to maintain Network redundancy
  • The member retains ownership rights but loses voting rights until node is restored
  • Coalition will work to recruit a replacement member to purchase the node slot

Grounds for Removal

A Coalition Member may be removed from the Media Validation Network for the following reasons:

  • Sustained failure to maintain minimum uptime (below 95% for 90 or more consecutive days)
  • Security breach resulting from negligence or willful misconduct
  • Actions that compromise Registry integrity, security, or neutrality
  • Material breach of this charter that remains uncured after 30-day written notice
  • Change in organizational mission or ownership that conflicts with Registry principles
  • Criminal conduct by the organization or its representatives related to Registry operations

Removal Process

  1. Notice: Written notice of alleged violation delivered to the member with 30-day cure period (for curable issues)
  2. Proposal: If issue remains uncured, any Coalition Member or the Foundation may submit formal removal proposal
  3. Response: Accused member has right to submit written response within 14 days of proposal
  4. Vote: Supermajority vote (≥67% of votes cast) required for removal
  5. Immediate Effect: Removed member loses voting rights immediately upon vote passage
  6. Transition Period: 90-day period to transfer node ownership to another eligible organization or revert to Foundation
  7. No Refund: Initial node purchase fee is not refundable upon removal

Legal Compulsion

Critical Protection: If a Coalition Member is compelled by legal authority to take actions that violate this charter, that member shall be removed from the Media Validation Network.

This provision protects both the Registry's integrity and the member organization, as it ensures governments cannot subvert the network through captured nodes—they can only remove individual nodes from a network designed to continue operating with remaining members.

Role of the Foundation

The Birthmark Standard Foundation serves as the administrative coordinator for the Registry, not its owner or controller. Foundation responsibilities include:

  • Initial Node Setup: One-time provisioning and transfer of configured node software to new Coalition Members
  • Documentation: Maintaining comprehensive technical documentation for node operation
  • Administrative Coordination: Facilitating Coalition meetings, votes, and communications
  • Open Source Maintenance: Maintaining the public code repository and documentation
  • Emergency Response: Acting as first responder for critical security issues (subject to Coalition ratification)
  • Training: Offering technical training to Coalition Member IT staff for self-managed node operation

Ongoing Technical Support

The Foundation does not provide indefinite technical support as part of node ownership. Coalition Members requiring ongoing technical assistance have two options:

  • Service Contract: Optional paid service agreements with the Foundation for ongoing maintenance, troubleshooting, and updates
  • Self-Management: Technical training provided to Member's IT staff to enable independent node operation and maintenance

The Foundation does not control the Registry's data, cannot unilaterally modify the Birthmark Blockchain, and cannot override Coalition governance decisions except in documented emergency procedures.

Foundation Node Reserve

To ensure Media Validation Network resilience and maintain minimum operational requirements, The Birthmark Standard Foundation reserves the right to operate up to 10 validator nodes. These Foundation-operated nodes are subject to the following conditions:

  • No Voting Rights: Foundation-operated nodes do not carry voting rights in Coalition governance
  • Target of Zero Ownership: The Foundation's goal is to own zero nodes, with member-operated nodes preferred
  • Transition Priority: Foundation nodes may be transitioned to new Coalition Members as they join the Network
  • Operational Costs: The Foundation bears all operational costs for nodes it operates
  • Emergency Use: Foundation nodes serve primarily as backup capacity when member nodes fail or during Network growth phases

Foundation Sustainability

The Foundation sustains operations through:

  • Node sales to Coalition Members
  • Optional service contracts for ongoing maintenance
  • Technical training services for self-managed nodes
  • Grant funding for capability expansion

The Foundation commits to maintaining minimum 12-month operating reserves. If the Foundation determines it can no longer sustain operations, it shall execute an orderly transition: transferring all administrative functions to the Coalition, ensuring all documentation and code repositories remain accessible, and providing 6-month advance notice to Coalition Members.

Registry Independence: The Registry and Media Validation Network are designed to operate independently of the Foundation's continued existence.

Registry Continuity

The Registry is designed to operate independently of any single organization, including the Foundation. In the event the Foundation ceases operations:

  • All node software and documentation is open source and publicly available
  • Coalition Members retain full ownership and operational control of their nodes
  • The Birthmark Blockchain continues operating as long as minimum node count (3) is maintained
  • Coalition governance structure remains in effect
  • Coalition may elect to transfer administrative functions to another organization

Privacy & Data Architecture

Data Minimization

The Registry stores only cryptographic hashes and associated metadata (timestamps, certificate references). Individual image content is never stored on the Birthmark Blockchain.

Certificate references require manufacturer cooperation to trace to specific devices, and even then require possession of the original image to identify relevant records. This architecture prevents fishing expeditions and protects source confidentiality by design.

Right to Be Forgotten

The Registry stores cryptographic hashes, not images. Authenticated images can be effectively de-authenticated by any unvalidated modification (cropping, format conversion), which generates a new hash with no Registry record.

Validated edits create new hashes that are recorded on the blockchain, maintaining provenance. The Registry does not support hash deletion requests, as processing such requests would require identifying which hashes correspond to specific individuals—creating greater privacy risk than the immutable hash record itself.