EXIF Metadata: What Your Photos Reveal, and What Apps Strip
What hidden EXIF, IPTC, and XMP metadata rides along in your photos, the real GPS privacy risk, and which messengers, social apps, and email keep or strip it.
Every photo you take is two things at once: the visible image, and a block of hidden text describing how, when, and often where that image was made. That hidden text is metadata, and most people never look at it. But the apps you send photos through absolutely do — some delete it, some quietly keep it, and some pass it along untouched.
This guide explains what that metadata actually contains, why a single casual snapshot can leak your home address, and how different channels — social networks, messengers, email, and file transfer — handle it. The short version: "stripped on display" is not the same as "never uploaded," and the only metadata you can fully trust is the metadata you removed yourself before sending.
What are EXIF, IPTC, and XMP?
"EXIF" gets used as a catch-all, but there are really three overlapping metadata standards embedded inside image files, usually JPEG, HEIC, or TIFF.
- EXIF (Exchangeable Image File Format) is written by the camera or phone at the moment of capture. It records the camera make and model, lens, exposure settings (aperture, shutter, ISO), orientation, the original timestamp down to the second, and — critically — GPS latitude, longitude, and often altitude if location services were on.
- IPTC (International Press Telecommunications Council) is the journalism and stock-photo standard for descriptive fields: caption, keywords, creator name, copyright, and location names. It is usually added later by a person or editing software, not the camera.
- XMP (Extensible Metadata Platform) is Adobe's XML-based container that can carry EXIF and IPTC values plus edit history, ratings, and software-specific tags. Lightroom and Photoshop write XMP heavily, either inside the file or in a separate sidecar.
For privacy, EXIF is the one that matters most, because the GPS tags are written automatically and silently. You never typed them in; your phone did.
The real privacy risk: GPS
The camera settings are harmless. Nobody is harmed by knowing you shot at f/2.8, 1/250s, ISO 400. The timestamp is mildly sensitive — it can place you somewhere at a specific moment. The GPS coordinates are the actual hazard.
A photo of your cat on the living-room couch, if it carries GPSLatitude and GPSLongitude, encodes the coordinates of that room — typically accurate to within tens of meters, sometimes better. Paste those into any map and you are looking at someone's front door. This is not theoretical: investigators, stalkers, and curious strangers have located people from a single image. A recurring pattern is a public figure who posts an indoor photo and inadvertently publishes their home location, because the file still carried the original GPS tags from a channel that preserved them.
The danger is precisely that it is invisible. The image looks like an ordinary picture of a cat. Nothing on screen hints that the file also says here is exactly where this was taken.
Why platforms handle it so differently
There is no universal rule. Whether your metadata survives depends entirely on what each channel does to the bytes, and that splits into three broad behaviors.
Social networks: usually strip on the public copy (and recompress)
Most large social platforms — Facebook, Instagram, X, Reddit — re-encode images server-side. They resize, recompress to their own JPEG settings, and serve a derivative file. Recompression discards the original metadata block as a side effect, so the photo that displays to other users typically has no EXIF. That protects other viewers, but it comes with two important caveats covered below.
Email and file transfer: send the original bytes unchanged
Email attachments, and most file-transfer and relay tools, do not touch your image. SMTP carries the exact file you attached, encoded for transport but byte-identical once decoded. Services like a plain cloud-storage share link, WeTransfer-style transfers, and relay-style transfer tools are designed to deliver the original bytes faithfully — that is the whole point of a file transfer. So if your photo had GPS in it, the recipient gets the GPS, intact. Fidelity is the feature here, and it works against your privacy unless you strip first.
Chat apps: it depends on the send mode and the app
Messengers are a mixed bag. Many recompress images sent as inline "photos" — WhatsApp, Telegram (as a photo), iMessage — which usually drops most EXIF much like social uploads do. Signal is stricter still: it deliberately removes metadata from outgoing images, including most file sends, as a privacy design choice. But several apps let you send the picture as a document / file, and in that mode many of them preserve the original bytes, GPS and all. The exact behavior varies by app and version and changes over time, so never assume; test it, or strip beforehand.
Channel vs. metadata behavior
| Channel | Typically keeps EXIF? |
|---|---|
| Email attachment | Yes — original bytes sent unchanged |
| File transfer / relay / cloud share link | Yes — designed to preserve the original file |
| WeTransfer-style services | Yes — delivers the file as-is |
| Facebook / Instagram / X (public image) | No — recompressed, stripped on the public copy |
| Reddit / most image hosts | No — usually recompressed |
| Chat app, sent as a "photo" | Often no — recompressed (Signal strips aggressively) |
| Chat app, sent as a "document/file" | Often yes — original preserved (Signal is an exception) |
| Cloud backup (iCloud, Google Photos) | Yes — full metadata retained, by design |
How to inspect and remove it yourself
Do not rely on the destination to protect you. Check and clean the file on your own device, before it leaves.
Built-in OS features
- Windows: right-click the image, then Properties → Details → Remove Properties and Personal Information. You can create a cleaned copy or wipe selected fields in place. Note this clears standard properties but is not as thorough as a dedicated tool.
- macOS: Preview shows metadata under Tools → Show Inspector, where a GPS tab appears for geotagged images; Tools → Show Location Info then offers a Remove Location Info button to clear the coordinates. The Photos app also lets you adjust or remove location via Image → Location.
- iOS / iPhone: when sharing from Photos, tap Options at the top of the share sheet and toggle Location off. The shared copy then omits GPS — but the original in your library still has it.
- Android: Google Photos offers "Remove location" when sharing; behavior of the manufacturer's built-in gallery app varies.
exiftool, the precise way
Phil Harvey's exiftool is the reference tool for power users and works on all major platforms. A few useful commands:
- Inspect everything:
exiftool photo.jpg - See only GPS:
exiftool -gps:all photo.jpg - Strip all metadata:
exiftool -all= photo.jpg(it writes a_originalbackup by default) - Strip GPS only, keep the rest:
exiftool -gps:all= photo.jpg - Strip in place across a folder, no backup:
exiftool -all= -overwrite_original *.jpg
Note that -all= removes the EXIF/IPTC/XMP blocks but, on some formats, may leave a stored thumbnail or maker notes unless you also clear them; verify the result with a second exiftool read.
Re-export as a quick fallback
Taking a screenshot of a photo drops camera metadata because the new file is generated from the pixels on screen, not copied from the original. It is lossy and crude, but in a pinch a screenshot carries no original GPS. Be careful with "Export" or "Save As" in an editor, though: many editors faithfully copy metadata into the new file, so re-exporting does not reliably strip anything unless the export options explicitly say so.
Limitations: what stripping does and does not give you
This is where honesty matters, because "the platform strips EXIF" leads people to a false sense of safety. Several situations exist where metadata removal does little or nothing for you.
- Stripped on the public copy ≠ never uploaded. When a social network removes EXIF from the public image, it received your full original first. The platform can read and store that GPS server-side for its own purposes. Your followers cannot see it; the company can.
- Cloud backups keep everything. iCloud Photos, Google Photos, and similar services retain full metadata by design, so they can sort by date and place. That is a different threat model from "who can see this photo" — it is "who holds the data."
- Stripping is not redaction of the pixels. Removing GPS tags does nothing about a street sign, house number, or reflection visible in the image. Metadata removal and visual redaction are separate jobs.
- Some metadata may persist. Embedded thumbnails, maker notes, or sidecar
.xmpfiles can survive a careless cleanup. Verify withexiftoolafterward rather than assuming. - HEIC and RAW carry even more. Apple HEIC and camera RAW formats often hold richer metadata and embedded previews than plain JPEG, so the same cautions apply, sometimes more so.
- Re-saving does not always strip. Many "Save As" and editing operations preserve metadata faithfully. Do not assume an edit cleaned the file — only an explicit strip or a screenshot reliably does.
When this does not apply
Metadata hygiene is not always the right battle. If you are posting only through platforms that recompress public images and you do not care who holds the data behind the scenes, the EXIF on the visible image is already gone for your audience. Many phones taken with location services off never write GPS in the first place, so there is nothing to strip. And for photos that contain no sensitive location — a screenshot, a scanned document, an image with no geotag — fussing over EXIF is wasted effort. The point is not to strip everything reflexively; it is to know which channels preserve location and to act only when the photo, the place, and the destination actually warrant it.
The practical rule is simple: if a photo is going somewhere you do not fully control, and you care about location privacy, remove the GPS yourself before sending and confirm it is gone. Treat every channel as if it might preserve everything, because plenty of them do.
Frequently asked questions
We build a real-time file-transfer relay in Rust, and write these articles from hands-on work with file transfer, networking, encryption, and browser platform APIs. More about us →