For Guilds, Studios, Lawyers, Agents

Legal Architecture

Not a standalone feature — part of the process. Every authorization, token, receipt, and watermark is already a legal artifact. This page makes that explicit.

Contract Layer

DIAP tokens are machine-readable translations of existing guild contracts.

Every license token maps directly to contractual terms — rights, scope, duration, territory

SAG-AFTRA, WGA, and DGA provisions become machine-readable authorization conditions

No new legal framework required — TrustMark operationalizes the contracts that already exist

Two-layer authorization: identity visibility (Layer 1) and project-specific licensing (Layer 2)

Evidentiary Layer

Render receipts + watermarks = timestamped chain of custody, admissible in arbitration.

Every render produces a verifiable receipt with timestamp, scope, and output hash

Dual-layer watermarks (pixel + audio) create forensic provenance on every output

Receipts are two-party signed — both studio and protocol, creating an independent record

Chain of custody is continuous: authorization → render → receipt → watermark → verification

Statutory Layer

Compliant with ELVIS Act, AB 2655, AB 1836, BIPA, EU AI Act.

Tennessee ELVIS Act — TrustMark's authorization layer satisfies the consent requirement for voice replication

California AB 2655 / AB 1836 — watermarked outputs meet the AI-generated content disclosure mandate

Illinois BIPA — informed consent mechanism built into the two-layer authorization flow

EU AI Act Article 50 — provenance chains satisfy the transparency and disclosure requirements

Right of Publicity Layer

Grounded in Midler v. Ford, White v. Samsung lineage.

Midler v. Ford (1988) — voice and performance style are protectable. TrustMark creates the technical record.

White v. Samsung (1992) — the totality of identity carries rights. TrustMark registers behavioral signatures, not just name/likeness.

Right of publicity varies by state — TrustMark provides a jurisdiction-agnostic technical record that supports claims in any jurisdiction.

Posthumous rights — registered identity constructs persist beyond the individual, supporting estate management.

Motion Identity Layer

The movement is the identity. The law is catching up. TrustMark is already there.

Motion capture visualization showing a performer's skeletal movement being digitized and analyzed by AI systems

A few seconds of footage is enough for an AI to extract how someone walks, gestures, and emotes — and replicate it indefinitely.

Right of publicity law was built for a world where impersonation required a human. Today, a few seconds of footage is enough for an AI to extract how someone walks, gestures, and emotes — and replicate it indefinitely.

The law partially covers this. TrustMark makes it enforceable.

What motion identity includes — and what AI can extract from it

Layer

What It Is

AI Extraction Risk

Macro Movement

Gait, posture, body language

Avatar animation, character replication

Micro Movement

Hand gestures, head tilts, habitual motion

Persona cloning in synthetic video

Facial Expression

Smile patterns, brow movement, eye behaviour

Deepfake emotion mapping

Lip & Mouth Movement

Speech articulation, lip sync patterns

Voice-sync deepfakes, unauthorized dubbing

Emotional Signature

How a performer physically expresses emotion

AI character training, synthetic performance

Every one of these layers is present in a standard production frame. Every one of them can be extracted, modelled, and redeployed — without the performer, the studio, or the guild ever knowing.

Where the law currently stands

Courts have consistently held that identity protection extends beyond name and likeness. White v. Samsung established that the totality of a person's recognizable presence carries rights — a robot in a blonde wig was enough. Midler v. Ford confirmed that performance style is protectable. The Right of Publicity, in its more expansive state-level forms, covers “signature styles or mannerisms” — which courts have interpreted to include movement patterns and behavioral signatures.

But motion identity specifically — the pixel-level fingerprint of how a body moves — sits in a legal grey zone. Protected in principle. Unenforceable in practice. And completely invisible to AI systems that don't read contracts.

What TrustMark does

TrustMark registers motion identity as a discrete, protected construct — separate from face, voice, and performance signature. Studios capture it in production. It's registered on-chain with a 24-joint skeletal fingerprint. Every downstream AI use requires an explicit authorization token.

The law decides what to do with a violation. TrustMark creates the record that makes the case.

Motion identity is the last unprotected layer of a performer's identity. TrustMark closes that gap — before production begins, not after the lawsuit lands.

Training Separation

TRAINING_USE is never implied. Always a separate, explicit authorization. Defaults to NO.

Rendering authorization does not imply training authorization — they are separate token types

TRAINING_USE defaults to NO unless explicitly granted via a separate authorization flow

Studios cannot bundle training consent into production licenses — it requires independent approval

Training tokens have their own scope, expiry, and revocation — fully independent lifecycle

Vault Architecture

Stores secure records, not raw identity data. If breached — useless without the source.

Identity modules store secure one-way identity records, not raw identity data

These records are useful for verification but cannot reconstruct the original face, voice, or motion

A vault breach yields mathematical vectors with zero practical value for impersonation

Encryption at rest (AES-256) + client isolation + write-once receipts

Stress Test

Every claim on this site has been audited against the hardest questions the industry will ask.

Pressure Point

Response

"You're claiming to protect what law doesn't cover"

TrustMark is infrastructure, not protection. It creates the record — law decides what to do with it.

"Render receipts = self-incrimination"

Receipts are a contractual pre-condition of certification — not voluntary admission. Studios agree to this as part of the certification process.

"Vault gets subpoenaed"

Vault stores secure identity records, not raw data. These one-way records cannot reconstruct the original identity. A subpoena yields identity records with zero value for impersonation.

"Token implies training license"

TRAINING_USE is never implied. Always a separate, explicit authorization. Defaults to NO. Rendering permission does not grant training permission.

"Emergency revocation breaks valid contracts"

Emergency revocation targets unauthorized use only. Valid licenses are always honored. It's a shared mechanism available to everyone in the authorized chain.

"Audit trail becomes a weapon against studios"

Audit access is scoped by role. Studios see their own submissions. Talent sees their own uses. No party has unilateral access to another's records.

"Movement isn't explicitly named in right of publicity statutes"

Correct — which is why TrustMark registers it as a technical construct, not a legal claim. The record exists regardless of how courts eventually classify it.

"Social media footage is public — motion data is fair game"

Public visibility is not consent. TrustMark's authorization model applies to all footage in which a registered identity appears — regardless of platform or original context.

"You can't protect how someone walks"

You can document that it was used without authorization. TrustMark doesn't argue the law — it creates the evidence.

Governance & Legal Foundation

TrustMark IP is being built alongside founding leadership from the AI Trust Foundation.

The AI Trust Foundation is the leading U.S. voice for guiding AI technology to safe and beneficial uses. Founded by AI industry leaders and former U.S. lawmakers, the Foundation works directly with policymakers — including engagement with the White House on national AI governance standards — to develop the frameworks that will define how AI operates responsibly at scale.

TrustMark IP's registration and protection protocol is designed in alignment with these emerging standards — built not just for today's creators, but for the regulatory landscape being written right now.

Ready for industry review

TrustMark\'s legal architecture is designed to withstand scrutiny from guilds, studios, lawyers, agents, and technical integrators. Every artifact is defensible.

Request Access Read the Spec