PrivacyMay 30, 20266 min read

What Your Photos Reveal: Metadata, EXIF, and Location Data

By Scott Anderson, Clearfront maintainer

Every photo you take can carry hidden data: where it was taken, when, and on what device. That metadata, called EXIF, can hand a stranger your home address from a single image. Here is what your photos reveal, whether posting them is safe, and how to strip it.

What does photo metadata reveal about you?

A photo's EXIF metadata can include the GPS coordinates where it was taken, the date and time, and the exact device and settings used. If location was on when you took it, the photo may pin your home, workplace, or school.

EXIF, short for exchangeable image file format, is hidden data your camera or phone embeds automatically. Most of the time you never see it. But it travels with the file, and anyone who gets the original can read it. The FBI has warned the public about exactly this: a photo shared with intact GPS data can give away where you live.

Do social media platforms remove metadata?

Mostly, yes. Facebook, Instagram, and X strip EXIF, including GPS, from photos posted to public feeds. But that does not cover every way you share a photo.

This is the part people get wrong. Stripping happens on the public post. The original file you email, upload to cloud storage, sell on a marketplace, or send as a document in a messaging app often keeps its full metadata. WhatsApp strips it from a normal photo but can preserve it if you send the image as a document. And a platform removing metadata from the copy others download does not mean it did not read and store yours.

The safe rule, which the EFF, the FBI, and privacy tools all agree on: do not rely on platforms. Strip the metadata yourself before you share.

How to see and remove EXIF data

  • -Windows: right-click the photo, Properties, Details, then Remove Properties and Personal Information
  • -macOS: open in Preview, open the Inspector, and remove the location under the GPS tab
  • -iPhone: in Photos, use the share sheet Options to turn off Location before sending
  • -Any platform: exiftool, the standard command-line tool, views and strips metadata precisely and in bulk

A quick trick worth knowing: taking a screenshot of a photo creates a new file with no original EXIF, which is a fast way to share an image without its metadata.

The bigger picture

Metadata is one quiet thread in your footprint, and stripping it is a five-second habit that closes a real exposure.

A photo with GPS data is exactly the kind of thing an investigator or a stalker uses to turn an online identity into a physical location. Cutting it is part of reducing your overall footprint, covered in how to reduce your digital footprint, and it pairs with locking down the photos that face-search engines can crawl, in is your face searchable.

Frequently asked questions

Can someone find my home address from a photo?
Yes, if the photo still has its GPS EXIF data. That happens most often with original files shared by email, cloud storage, or as a document, rather than photos posted to a public social feed, which are usually stripped.
Does Instagram remove EXIF data?
Yes, from photos posted to your public feed. But do not rely on it for images shared other ways, and remember the platform may still read your metadata even when it removes it from the public copy.
How do I remove location data from a photo?
On iPhone, use the share sheet Options to turn off Location. On Windows, use Properties, Details, Remove Properties and Personal Information. For bulk or precise control, use exiftool. A screenshot also drops the original metadata.

Scott Anderson believes your personal data is yours to own and protect. He built Clearfront, a free, open-source tool for scanning and scrubbing your own digital footprint from public data, and he writes about OSINT, breach exposure, and personal privacy.