ISSN 2518-7600 e-ISSN 2524-1060 UDC 90,92,93/94
Submit an article

Society. Document. Communication

Article

Regulatory and legal frameworks and standardisation of mechanisms for ensuring the authenticity of electronic documents in the age of generative content

Oksana Vasylynyna, Olha Mizina
Retrieved from Volume 11, No. 2, 2026 Pages 47–57
Received
03.01.2026
Revised
14.04.2026
Accepted
12.05.2026
Published
30.05.2026
Views
39

Abstract

The relevance of the study is conditioned by the growing risks of falsification of digital documents, forgery of electronic signatures, metadata manipulation, and distribution of synthetic content that replaces the content of authentic sources. The purpose of the study was to determine the theoretical foundations for the establishment of a comprehensive system for the protection of electronic documents, combining regulatory, technical, and information and analytical verification mechanisms, in the context of increasing risks of potentially destabilising impacts of artificial intelligence systems. The paper considered the regulatory framework, approaches, and mechanisms for ensuring the authenticity of electronic documents in the context of rapid development of content generated using artificial intelligence systems. The current Ukrainian legislation governing electronic trust services and document management was analysed, including the international standards of eIDAS, ETSI, ISO/IEC, and C2PA, which regulate issues relating to the authentication, integrity, and origin of electronic data. The features of advanced authentication technologies, in particular, qualified electronic signature, electronic seal, blockchain, digital watermarks, cryptographic hashes, and mechanisms for fixing the origin of content, were clarified. The specifics of the influence of generative content on the creation of fake documents, synthetic media, and disinformation campaigns were determined. The paper described the features of information analytics as an effective tool for identifying, evaluating, and minimising risks that are directly related to the use of generative content in electronic documents. It was proved that information and analytical methods allow for multi-level audit of data origin, metadata analysis, identification of signs of automated generation, and forecasting of threats to digital trust systems. It was proposed to consider information analytics as an integrative component of the contemporary electronic document authentication architecture, combining legal, technical, and organisational mechanisms for ensuring information protection in the context of digital changes. The practical significance of the study lies in the possibility of using the results to implement a comprehensive approach to data authentication in electronic document management systems. In addition, the proposed approaches to analysing the origin of content, metadata, and features of generative processing allow creating systems for monitoring and auditing electronic documents to detect falsifications, synthetic materials, and manipulative content

Keywords

information protection; qualified electronic signature; metadata; artificial intelligence systems; standardisation, information analytics

References

  1. Coalition for Content Provenance and Authenticity. (2024). C2PA technical specification. Retrieved from https://spec.c2pa.org/specifications/specifications/2.1/specs/_attachments/C2PA_Specification.pdf.
  2. Collomosse, J., & Parsons, A. (2024). To authenticity, and beyond! Building safe and fair generative AI upon the three pillars of provenance. IEEE Computer Graphics and Applications, 44(3), 82-90.
  3. Council of Europe. (n.d.a). Council of Europe and artificial intelligence. Retrieved from https://www.coe.int/en/web/artificial-intelligence.
  4. Council of Europe. (n.d.b). The Framework Convention on artificial intelligence. Retrieved from https://www.coe.int/en/web/artificial-intelligence/the-framework-convention-on-artificial-intelligence.
  5. Ege, O., Cagal, M., & Bicakci, K. (2025). Usability of token-based and remote electronic signatures: A user experience study. arXiv. doi: 10.48550/arXiv.2505.18814.
  6. European Parliament. (2023). Artificial Intelligence Act. Retrieved from https://superintelligenz.eu/wp-content/uploads/2023/07/EPRS_BRI2021698792_EN.pdf .
  7. European Union Agency for Cybersecurity. (2023). ENISA threat landscape 2023. Retrieved from https://www.enisa.europa.eu/publications/enisa-threat-landscape-2023.
  8. Farooq, A., & de Vreese, C. (2025). Deciphering authenticity in the age of AI: How AI-generated disinformation images and AI detection tools influence judgements of authenticity. AI & Society, 41, 493-504. doi: 10.1007/s00146-025-02416-5.
  9. Fedoruk, O. (2024) Security and protection of information in electronic document management systems: Improving the level of cyber defense. Bulletin of the Book Chamber, 4, 39-44. doi: 10.36273/2076-9555.2024.4(333).
  10. Hubariev, S.V., & Loviak, O.O. (2022). Electronic signature as a component of electronic legal transactions. Scientific Notes of V.I. Vernadsky Taurida National University. Series: Legal Sciences, 33(4), 18-23. doi: 10.32782/TNU-2707-0581/2022.4/03.
  11. ISO/IEC 20248:2022 “Information Technology. Automatic Identification and Data Capture Techniques. Digital Signature Data Structure Schema”. (2022, June). Retrieved from https://cdn.standards.iteh.ai/samples/81314/001eea69a1964a5bbba364b3117865ad/ISO-IEC-20248-2022.pdf.
  12. ISO/IEC 42001:2023 “Information technology. Artificial intelligence. Management system”. (2023, December). Retrieved from https://www.iso.org/standard/42001.
  13. ISO/TC 307:2016 “Blockchain and Distributed Ledger Technologies”. (2016). Retrieved from https://www.iso.org/committee/6266604.html.
  14. Khomych, I., Shvets, A., Soroka, S., & Kuten, R. (2025). Study of the electronic signature as an element of digital identity. Social Development and Security, 15(3), 187-200. doi: 10.33445/sds.2025.15.3.17.
  15. Kumarage, T., Agrawal, G., Sheth, P., Moraffah, R., Chadha, A., Garland, J., & Liu, H. (2024). A survey of AI‑generated text forensic systems: Detection, attribution, and characterization. arXiv. doi: 10.48550/arXiv.2403.01152.
  16. Law of Ukraine No. 2155-VIII “On Electronic Trust Services”. (2017, October). Retrieved from https://zakon.rada.gov.ua/laws/show/2155-19/en/ed20171005#Text.
  17. Law of Ukraine No. 851-IV “On Electronic Documents and Electronic Document Management”. (2003, May). Retrieved from https://zakon.rada.gov.ua/laws/show/851-15/ed20220101#Text.
  18. Liudvenko, D., Tomilova-Yaremchuk, N., Khomovyi, S., & Krupa, N. (2023). Information security in the conditions of digitization of accounting. Scientific Collection “InterConf+”, 33 (155), 120-129.
  19. Longpre, S., Mahari R., Obeng-Marnu N., Brannon, W., South, T., Gero K., Pentland, S., & Kabbara, J. (2024). Position: Data authenticity, consent, & provenance for AI are all broken: What will it take to fix them? In Proceedings of the 41st international conference on machine learning (pp. 32711-32725). Vienna: Messe Wien Exhibition Congress Center.
  20. Mirsky, Y., & Lee, W. (2021). The creation and detection of deepfakes: A survey. ACM Computing Surveys (CSUR), 54(1), article number 7. doi: 10.1145/3425780.
  21. Parasiuk, M.V. (2025). Electronic (digital) evidence in civil proceedings. Analytical and Comparative Jurisprudence, 1(4), 387-392. doi: 10.24144/2788-6018.2025.04.1.60.
  22. Pedersen, C.L., & Ritter, T. (2024). Digital authenticity: Towards a research agenda for the AI-driven fifth phase of digitalization in business-to-business marketing. Industrial Marketing Management, 123, 162-172. doi: 10.1016/j.indmarman.2024.10.005.
  23. Perapu, P. (2025). Anomaly detection in user behaviour using machine learning for cloud platforms. International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 11(3), 805-809. doi: 10.32628/CSEIT25113343.
  24. Regulation (EU) No. 910/2014 of the European Parliament and of the Council “On Electronic Identification and Trust Services for Electronic Transactions in the Internal Market and Repealing Directive 1999/93/EC”. (2014, July). Retrieved from https://eur-lex.europa.eu/eli/reg/2014/910/oj/eng.
  25. Savchuk, V., & Derii, V. (2023). Relevant analytics is a determining factor in effective management of the company’s activities. Herald of Economics, 4, 104-117. doi: 10.35774/visnyk2023.04.104.
  26. Sharma, J., Carvalho, A., & Bhunia, S. (2026). Provenance of AI-generated images: A vector similarity and blockchain-based approach, In 2026 IEEE 23rd consumer communications & networking conference (CCNC), Las Vegas: IEEE. doi: 10.1109/CCNC65079.2026.11366470.
  27. Shoaib, M.R., Wang, Z., Ahvanooey, M.T., & Zhao. J. (2023). Deepfakes, misinformation, and disinformation in the era of frontier AI, generative AI, and large AI models. In 2023 international conference on computer and applications (ICCA) (pp. 1-7). Cairo: IEEE. doi: 10.1109/ICCA59364.2023.10401723.
  28. Sviatoshniuk, A.L. (2023). About peculiarities of using of electronic digital signature in conclusion of civil contracts in the Internet. Odesa National University Herald, 25(2(37)), 21-24. doi: 10.32782/2304-1587/2023-25-2(37)-4.
  29. Tarasenko, D. (2025). Electronic document management as a tool for managing information processes in a company. Review of Transport Economics and Management, 12(28), 182-187. doi: 10.15802/rtem2024/317890.
  30. Zhou, J., Zhang, Y., Luo, Q., Parker, A.G., & De Choudhury, M. (2023). Synthetic lies: Understanding AI-generated misinformation and evaluating algorithmic and human solutions. In Proceedings of the 2023 CHI conference on human factors in computing systems (pp. 1-20). New York: Association for Computing Machinery. doi: 10.1145/3544548.3581318.
  31. Zozulya, N., Stekolshchikova, V., & Shoturma, N. (2025). Information and analytical activities in the age of digital transformation: New tools and methodologies. Scientific Works of the Interregional Academy of Personnel Management. Philology, 1(15), 21-26. doi: 10.32689/maup.philol.2025.1.4.

Suggested citation

Vasylynyna, O., & Mizina, O. (2026). Regulatory and legal frameworks and standardisation of mechanisms for ensuring the authenticity of electronic documents in the age of generative content. Society. Document. Communication, 11(2), 47-57. https://doi.org/10.69587/sdc/2.2026.47