I think of it more like "I approve this message" than authorship. So if you know a particular public key belongs to someone, and they sign some data with the corresponding private key, they are basically saying "I attest this data is authentic/true/accurate/etc". It's highly contextual really. But you're right, nothing to do with authorship or ownership.