In 2012, John McAfee was located by journalists after posting a photo online. The embedded GPS coordinates pointed directly to his location in Guatemala. He thought he was hiding. The metadata disagreed.
That’s EXIF data. It’s invisible, it’s automatic, and it’s been in your photos since the first day you picked up a smartphone.
What Is EXIF Data?
EXIF (Exchangeable Image File Format) data is metadata embedded invisibly inside photos and other image files. Your camera or phone writes it automatically — you never see it, but it’s there, and it travels with the image wherever it goes.
What EXIF Can Reveal
| EXIF Category | Data Included | Privacy Risk |
|---|---|---|
| GPS Coordinates | Latitude, longitude, altitude | Reveals exact location photo was taken |
| Timestamp | Date and time of capture | Establishes when and (with GPS) where you were |
| Device Info | Phone make, model, serial number | Identifies your specific device |
| Camera Settings | Aperture, shutter speed, ISO | Identifies your specific camera model |
| Software | Editing software used | Reveals workflow details |
| Orientation | How phone was held | Minor detail, but part of your profile |
GPS data is the primary risk. A photo taken at your home contains your home’s coordinates. Posted online, that data can be extracted by anyone with a browser and five minutes.
Preventing EXIF at Capture
The cleanest solution: stop embedding GPS data in the first place.
iPhone:
- Settings → Privacy & Security → Location Services → Camera
- Set to “Never” — disables GPS tagging for all future photos
- Note: this disables location data in photos — if you use location features in the Photos app, you may notice differences
Android:
- Open the Camera app → Settings (gear icon)
- Look for Location tags or Save location → Disable
- Path may vary by manufacturer: Samsung camera → Settings → Location tags → Off
Removing EXIF From Existing Photos
Turning off GPS tagging handles new photos. Your existing library is a different problem.
iOS — Photo Investigator App:
- Download “Photo Investigator” from the App Store
- Open app → select photo → view all EXIF data
- Choose to remove or edit EXIF fields before sharing
Android — Metadata Remover:
- Download “Metadata Remover” from Google Play
- Select photo → remove all metadata → save clean copy
macOS — ImageOptim:
- Download ImageOptim (free, open source) from imageoptim.com
- Drag and drop photos → automatically strips metadata including EXIF GPS data
- Also optimizes file size — two birds
Windows — Right-Click Properties Method:
- Right-click the image file → Properties
- Click the Details tab
- Click “Remove Properties and Personal Information” at the bottom
- Select “Remove the following properties from this file”
- Check all fields → OK
Web-based tools: Various online EXIF removal tools exist. Exercise caution uploading sensitive photos to unknown web services — you’re trading one privacy problem for another.
Before Sharing Any Photo
Run through this before posting anything publicly:
- [ ] Disable GPS tagging on your camera/phone
- [ ] Use an EXIF viewer to confirm GPS data is removed
- [ ] Review the background of the photo for identifiable locations, addresses, or license plates
- [ ] Remove metadata using one of the tools above
- [ ] Consider whether the timestamp reveals anything sensitive
Social Media and EXIF
Most major platforms automatically strip EXIF data on upload — but this is not guaranteed, and relying on it is rolling the dice.
| Platform | EXIF Handling |
|---|---|
| Facebook/Instagram | Strip most metadata on upload |
| Twitter/X | Strips GPS data, may retain other EXIF fields |
| Compresses photos and strips most metadata | |
| iMessage/SMS | May preserve EXIF data in full-quality sends |
| Often preserves EXIF data entirely |
Do not rely on platforms to remove your metadata. Strip it yourself before sharing. The platform’s behavior can change without notice, and you’ll never know when it did.
Go into Camera settings right now and disable location tagging. It takes 30 seconds. Every photo you’ve taken with location enabled is a data point. Stop adding more of them.