What is EXIF data and why does it matter?

EXIF (Exchangeable Image File Format) is metadata baked into every photo. It includes GPS coordinates of where the photo was taken, the camera model and serial number, lens info, exposure settings, and the exact date and time. Useful for photographers tracking their work, dangerous for privacy if you share photos publicly without stripping it.

Does Instagram remove EXIF data?

Yes. Instagram, Facebook, X (Twitter), Snapchat, and most major social platforms strip EXIF on upload. WhatsApp strips it for normal photos but keeps it if you 'Send as Document.' iMessage doesn't strip it at all. So sharing a photo via iMessage exposes your location, while sharing it on Instagram doesn't.

Can someone find my home address from a photo?

If the photo has GPS coordinates and you took it at home, yes, technically. The most famous case was John McAfee in 2012, whose location was exposed via GPS coordinates in a Vice photo. He was arrested hours later. For everyday people the risk is lower but real, especially when sharing photos directly via email, iMessage, or file uploads (anywhere that doesn't auto-strip).

How do I remove EXIF data on iPhone?

Open Photos. Tap a photo. Tap Share. Tap 'Options' at the top. Toggle off 'Location'. Or set up a Shortcut: 'Strip Image Metadata' from the Shortcuts app for one-tap stripping. To remove location data globally, go to Settings → Privacy & Security → Location Services → Camera → Never.

How do I check if a photo has EXIF data?

Use an EXIF viewer. Our free EXIF viewer tool runs in your browser, shows all the metadata in any photo, and lets you strip it on the spot. On Mac you can also right-click → Get Info → More Info. On Windows: right-click → Properties → Details.

Should I always remove EXIF data?

Depends on the photo and where it's going. For social media uploads to major platforms, you don't need to: they strip it automatically. For photos sent via direct messaging, email attachments, file shares, or anywhere that doesn't strip, yes, especially if the photo was taken somewhere private. For your personal archive, keep it: it's useful for organization and remembering when/where shots were taken.

EXIF Data: What Your Photos Secretly Tell People (And How to Strip It)

May 2, 202613 min read

Illustration of a photograph being examined by a magnifying glass revealing hidden GPS, camera, and timestamp data

In December 2012, antivirus founder John McAfee was on the run from authorities in Belize. He'd been hiding for weeks. Then Vice magazine published a story with a photo of him in a tropical location. Within hours, internet sleuths cracked the EXIF data on the photo, pulled the GPS coordinates, and posted his exact location in Guatemala. Police arrived shortly after. He was caught because of metadata he didn't know was there.

That's the dramatic version. The everyday version is way more boring but still creepy. You take a photo at home, send it to a Facebook seller, and the photo carries your house's GPS coordinates with it. You upload a photo to your blog and visitors with the right tool can see your camera's serial number, the time you took it, the lens you used. It's all sitting in there, invisible, until someone looks.

Here's everything in those hidden fields, what platforms strip and what platforms keep, and the simple ways to clean it before sharing.

What is EXIF data, exactly

EXIF stands for Exchangeable Image File Format. It's a standard from 1995 (yes, that old) for embedding metadata into image files. Every photo from a digital camera or smartphone has it. JPEG, HEIC, TIFF, even WebP support it. PNG technically doesn't, but PNG metadata (called tEXt or iTXt chunks) carries similar info.

The data lives in a structured block at the start of the image file. Image viewers ignore it. Tools that read it can extract a surprising amount of info.

What's actually in there

Every photo carries some or all of the following:

Field	What it reveals	Privacy risk
GPS Latitude/Longitude	Exact location of the shot	HIGH
DateTime Original	Exact second the photo was taken	MEDIUM
Camera Make/Model	What device took it	LOW
Camera Serial Number	Unique device identifier	MEDIUM
Lens Info	Lens model and focal length	LOW
Software	What was used to edit the photo	LOW
ISO, Aperture, Shutter	Exposure settings	NONE
Owner/Author Name	Real name if you set it	HIGH
Thumbnail	Mini preview of the photo (sometimes pre-edit)	MEDIUM

That last one is wild. The thumbnail field used to contain the unedited preview. So if you cropped a photo to remove your face, the thumbnail still showed your face. That's been mostly fixed in modern cameras and editing software but old photos still have the issue.

Real-world incidents

The McAfee case (2012)

Already mentioned. The most famous EXIF privacy disaster. A photographer accidentally exposed a wanted fugitive's location. The lesson: even pros sometimes forget to strip metadata before publishing.

OSINT and journalism

Open-source intelligence researchers regularly use EXIF for verification. In 2023, OSINT analysts traced a ransomware group's location to Kyiv via EXIF in a promotional screenshot, which contradicted their public claims of being elsewhere. According to research from the University of Texas, image metadata provides critical evidence in 89 percent of documented OSINT investigations.

The journalist safehouse leak (2022)

A journalist's safehouse location was inadvertently revealed when a video shared online had unredacted location metadata. The video had been stripped of identifying audio but the EXIF/file metadata was forgotten.

Real estate scams

Scammers running fake rental listings get caught when their photos contain GPS data showing the apartment is in a different city than advertised. EXIF reveals the lie before the deposit gets sent.

What major platforms do with your EXIF data

This is where it gets actually useful for everyday users:

Platform	Strips EXIF?	Watch out for
Instagram	Yes	None known
Facebook (posts)	Yes	Messenger varies
X (Twitter)	Yes	None known
WhatsApp (photos)	Yes	"Send as Document" preserves it
Telegram (compressed)	Yes	"Send as File" preserves it
iMessage	NO	Full EXIF preserved
Snapchat	Yes	None known
Discord	Mostly	PNG may retain some metadata
Reddit	Yes	External direct links may not
Email attachment	NO	Full EXIF preserved

The big takeaway: social media platforms protect you. Direct messaging apps mostly protect you (with some caveats). Email and file sharing services do not protect you. iMessage does not protect you. So the right thinking is: where does this photo end up? If it's a major social platform, you don't need to worry. If it's email, iMessage, or a file upload, you do.

How to check what's in your photo right now

Use an EXIF viewer. Our free EXIF viewer runs in your browser, shows everything in any image, and lets you strip the data with one click. No upload required, the image stays on your device.

On Mac: right-click the image, choose Get Info. Click "More Info." Most basic fields show there. For full EXIF, use Preview's Tools menu, then "Show Inspector," then the (i) tab.

On Windows: right-click → Properties → Details tab. Shows most fields. Right at the bottom there's a "Remove Properties and Personal Information" link, which strips them.

How to remove EXIF data, by device

iPhone (iOS)

Three options. From easiest to most thorough:

Per-photo: When sharing, tap "Options" at the top of the share sheet, toggle off "Location."
Globally: Settings → Privacy & Security → Location Services → Camera → Never. From now on, no photos get GPS.
Strip existing: Use the Shortcuts app and add the "Strip Image Metadata" action. Run it on photos to clean them.

Android

Stock Android: open photo in Google Photos → three-dot menu → Edit → save copy. Some Android skins (Samsung One UI, OnePlus OxygenOS) have a built-in "Remove Location Data" toggle in Gallery. Or use a free app like Scrambled Exif or Photo Exif Editor for one-tap stripping.

Mac

Open in Preview → Tools menu → Show Inspector → click the (i) icon → uncheck location and orientation as needed. Or use the Photos app's export with "Include all metadata" turned off.

For batch stripping, the command-line tool exiftool is the gold standard. Install via Homebrew (brew install exiftool), then run exiftool -all= folder/ to strip all metadata from every image in a folder.

Windows

Right-click → Properties → Details → "Remove Properties and Personal Information" at the bottom. Pick "Remove all" and Windows clones the file with metadata stripped, leaving the original intact.

Browser-based (any device)

Our EXIF viewer tool shows you what's in there, then strips it on click. Works on phones, tablets, computers. No install, no upload.

When you actually want to keep EXIF

EXIF isn't always bad. Photographers rely on it to track which lens they used, what settings worked, and when they took each shot. Catalog software like Lightroom uses EXIF to organize photos by date and camera. Real estate photographers use timestamps for proof of when the shoot happened.

For your personal archive, keep EXIF intact. Photos without metadata are way harder to organize. The rule is: keep it private, strip when sharing. Use a workflow that strips on export, not on the master file.

The lesser-known dangers

Photos taken indoors still have GPS

People assume GPS only works outdoors. Modern phones use a combination of GPS, WiFi triangulation, and cell tower data, so they get pretty accurate location even indoors. So a photo of your living room reveals your home address.

Edited photos may keep original metadata

Some editors clear metadata, some don't. Photoshop can be configured either way. Lightroom export has explicit options. Default phone editing apps usually keep EXIF intact. If privacy matters, verify with an EXIF viewer after editing.

Cloud sync remembers

Even if you strip a photo's EXIF on your phone, the version backed up to iCloud or Google Photos might still have the original metadata. Cloud services use it for "Photos near you" features and search.

The Wayback Machine and image search

Once a photo is online, it might be cached. Internet Archive and Google Image Search index images with their EXIF. Even if you delete the original post, cached versions may persist with metadata intact.

Practical privacy checklist

Disable photo location at the OS level if you don't actively want it.
Before sharing photos via email, iMessage, or file uploads, check or strip EXIF.
Trust major social media to strip on upload; don't trust direct messaging to do it.
Use a browser-based EXIF viewer to verify what got stripped.
For high-stakes situations (selling a house, posting from a sensitive location), strip metadata as a default.
Use exiftool for batch stripping when you have lots of photos.
Be aware that screenshots usually don't have EXIF (they're system-generated).

One more layer: filename clues

EXIF isn't the only metadata. The filename itself can leak info. iPhone defaults to "IMG_1234.HEIC" but some Android phones name files with timestamps and locations (like "20260502_Paris_142315.jpg"). Rename your files before sharing if the filename reveals more than you'd like.

For everyone reading this in 2026 and beyond

The honest reality is most casual sharing on major platforms is fine. Instagram strips your data. Discord strips most of it. WhatsApp does. The danger is in the gaps: iMessage, email, file shares, archive uploads. Be aware of which channel you're using and act accordingly.

And if you're ever curious what's in a photo, run it through our EXIF viewer. It's free, it's instant, and the photo never leaves your device. You'll either confirm everything's clean or you'll see something that makes you go "oh." Both outcomes are useful.

Check (and Strip) Your Photo's EXIF Data

Drop any photo into our free EXIF viewer. See every hidden field, then strip it with one click. No upload, runs in your browser.

Open EXIF Viewer →