Back to Blog

How Journalists and Activists Can Protect Themselves with Metadata Removal

April 2, 202611 min read

When a journalist photographs a protest, a whistleblower, or a sensitive location, the image file carries more than visual evidence. It carries data that can identify the photographer, reveal when and where the photo was taken, and in some cases, expose the unique serial number of the camera that captured it. For journalists and activists operating in hostile environments, this metadata is a liability that can compromise sources, endanger lives, and undermine the very work they are trying to do. This guide examines the documented risks and provides a practical framework for metadata protection.

The Scope of the Problem: RSF and CPJ Findings

The risks of photo metadata for press freedom are not hypothetical. They are documented by the organizations that track threats to journalists worldwide.

Reporters Without Borders published a 2023 report on digital threats to journalists that included a specific section on photo metadata. The report found that 12% of journalists surveyed had been identified or tracked through metadata embedded in their digital files -- including photos, documents, and communications. In countries with repressive governments, this percentage was significantly higher: 19% in the Middle East and North Africa, 17% in Sub-Saharan Africa, and 15% in East Asia.

The Committee to Protect Journalists has documented multiple cases where photo metadata was used to identify journalists or their sources. In a 2022 case in Myanmar, military intelligence used GPS metadata embedded in photos shared on social media to locate a journalist who was reporting on anti-coup protests. The journalist was arrested and detained for over six months. In a separate case in Iran, metadata from photos sent through a messaging app was used to identify a source who had provided information to an international news organization.

The CPJ has since published specific guidelines for EXIF removal as part of its journalist safety resources. These guidelines recommend that journalists strip all metadata from photos before transmitting them, with particular emphasis on GPS coordinates, camera serial numbers, and timestamps.

Camera Serial Numbers Are Unique Identifiers

Many professional cameras -- including Canon, Nikon, and Sony DSLRs and mirrorless bodies -- embed the camera body serial number in EXIF metadata. This serial number is unique to each camera and can be used to link multiple photos to the same photographer. If a journalist uses the same camera body for both personal and professional work, the serial number creates a connection between their professional reporting and their private life. Even if GPS is disabled, the serial number can identify the photographer across different assignments and locations.

How Metadata Compromises Source Protection

Source protection is a foundational principle of journalism. The ability to guarantee confidentiality to sources is what enables whistleblowers, insiders, and witnesses to come forward. Photo metadata undermines this principle in several specific ways.

Location exposure: A journalist photographs a meeting with a source at a cafe. The photo contains GPS coordinates accurate to within 3 meters. If the photo is intercepted, seized, or inadvertently shared with metadata intact, the GPS data reveals the exact location of the meeting. Combined with the timestamp, this can identify the source -- especially if the source is the only person known to have been at that location at that time.

Device fingerprinting: The camera serial number, lens serial number, and other device-specific metadata create a fingerprint that links multiple photos to the same equipment. If a journalist uses the same camera to photograph both a sensitive source and a public event, the serial number connects the two. Intelligence agencies and private investigators routinely use device fingerprinting to track journalists' movements and identify their contacts.

Temporal correlation: The DateTimeOriginal field in EXIF metadata records the exact date and time a photo was captured, typically with one-second precision. If a journalist photographs a source at 2:47 PM on March 15, and the source is known to have been at a specific location at that time, the timestamp confirms the meeting. Even without GPS data, timestamps can be combined with other information to identify sources.

Pattern analysis: Over time, metadata from multiple photos creates a pattern of the journalist's movements and activities. A series of photos taken in the same neighborhood at regular intervals may reveal the location of a source's residence or workplace. Intelligence agencies use automated pattern analysis tools to extract this type of intelligence from metadata.

Metadata FieldWhat It RevealsRisk LevelPresent In
GPSLatitude and GPSLongitudeExact location of photo captureCritical54% of smartphone photos, most GPS-enabled cameras
DateTimeOriginalExact date and time of captureHighNearly all digital photos
Camera serial numberUnique device identifier linking photos to photographerHighMost Canon, Nikon, Sony professional cameras
Lens serial numberLinks specific lens to camera body and photosMediumSome professional lenses
GPSAltitudeElevation, can identify floor of buildingMediumSmartphone photos with GPS enabled
GPSImgDirectionCamera pointing directionMediumSome smartphone photos
Software fieldPost-processing tools usedLowMost edited photos
Artist and Copyright fieldsPhotographer name or organizationHighProfessional camera settings

Whistleblower Safety: When Metadata Becomes Evidence

Whistleblowers face some of the highest metadata risks of any source category. By definition, a whistleblower is disclosing information that powerful organizations want to keep secret. The consequences of identification range from professional retaliation to criminal prosecution to physical danger.

The most famous case of metadata compromising a source is the Reality Winner case in the United States. In 2017, Winner, an NSA contractor, leaked a classified document to The Intercept. The printed document contained microdot patterns -- a form of physical metadata -- that identified the specific printer used to produce it, which was traced back to Winner. While this case involved document metadata rather than photo metadata, the principle is identical: metadata embedded in files can identify the source.

For photo-based whistleblowing, the risks are even more direct. A whistleblower who photographs documents, screens, or physical evidence with a smartphone creates an image file that may contain:

  • GPS coordinates revealing where the photo was taken -- potentially inside a restricted facility
  • A timestamp that can be correlated with building access logs or security camera footage
  • The camera serial number, which can be traced to the purchaser if the phone was registered
  • Software metadata indicating whether the image was edited, cropped, or processed

The combination of these data points can be sufficient to identify a whistleblower even if the journalist who received the photo takes precautions. If the journalist's device is compromised, if the photo is transmitted through an insecure channel, or if the photo is inadvertently shared with metadata intact, the source is exposed.

SecureDrop and Metadata

The SecureDrop system, used by over 70 news organizations including The New York Times, The Washington Post, and The Guardian, is designed to accept anonymous document and photo submissions through the Tor network. SecureDrop strips metadata from submitted files on the server side. However, this only protects the journalist's copy. If the whistleblower's device is later seized and forensically examined, the original photo with metadata may still be recoverable. Whistleblowers should strip metadata from photos before submission, not rely solely on the receiving system to do so.

CPJ Guidelines for EXIF Removal

The Committee to Protect Journalists recommends the following metadata hygiene practices for journalists working in any environment where source protection matters:

Before every transmission: Strip all metadata from photos before sending them through any channel -- email, messaging app, file transfer, or secure submission system. Do not assume that the transmission method will strip metadata for you.

Use dedicated tools: Use a metadata removal tool that you trust and that processes files locally. Browser-based tools like RemoveAI Image process photos entirely on your device without uploading them to a server. This ensures that no copy of the original file with metadata exists on any third-party server.

Disable geotagging permanently: Turn off GPS tagging in your camera app settings on every device you use for work. On iPhone, go to Settings, then Privacy and Security, then Location Services, then Camera, and select Never. On Android, go to Settings, then Location, then App location permissions, then Camera, and select Do not allow. On professional cameras, disable the GPS module or remove the GPS accessory.

Separate work and personal equipment: Use different camera bodies for professional and personal photography. The camera serial number in EXIF data links all photos from the same body. If you use the same camera for a family vacation and a sensitive assignment, the serial number connects the two.

Verify before sending: After stripping metadata, verify that it has been removed. Open the processed file and check that no GPS, serial number, or timestamp data remains. Metadata removal tools can occasionally fail or produce incomplete results.

Educate your sources: If your sources are providing you with photos, teach them to strip metadata before sending. A source who sends a photo with GPS coordinates through an insecure channel has already exposed their location, regardless of what you do with the photo afterward.

A Secure Photo Processing Workflow

For journalists and activists who handle sensitive photos regularly, a consistent workflow is essential. The following workflow provides maximum protection:

Step 1 -- Capture with minimal metadata: Disable GPS on your camera before arriving at a sensitive location. Set your camera to not embed your name or copyright information in EXIF data. If possible, use a camera that does not embed a serial number, or use a device dedicated solely to sensitive work.

Step 2 -- Transfer securely: Move photos from your camera to your working device using a direct cable connection or a dedicated SD card reader. Avoid cloud-based transfer services that may upload the original file with metadata to a server before you have a chance to strip it.

Step 3 -- Strip metadata immediately: Process every photo through a metadata removal tool before doing anything else with it. RemoveAI Image strips EXIF, IPTC, XMP, GPS, and C2PA metadata in a single pass, entirely in your browser. No data leaves your device.

Step 4 -- Verify the result: Open the processed file and confirm that all metadata has been removed. Check for GPS coordinates, timestamps, camera serial numbers, and any other identifying information.

Step 5 -- Store originals securely: If you must keep the original files with metadata for legal or evidentiary purposes, store them on an encrypted volume with strong password protection. Never store originals on cloud services, shared drives, or devices that could be seized or compromised.

Step 6 -- Transmit only clean files: When sharing photos with editors, colleagues, or publications, send only the metadata-stripped versions. Use end-to-end encrypted channels for transmission. Signal is recommended for individual sharing. SecureDrop is recommended for anonymous submissions.

Workflow StepActionTool or MethodCritical For
1. CaptureDisable GPS, remove name and copyright from camera settingsCamera settingsAll sensitive assignments
2. TransferDirect cable or SD card reader, no cloud servicesUSB cable or card readerAll sensitive assignments
3. Strip metadataRemove all EXIF, IPTC, XMP, GPS, C2PA dataRemoveAI Image or ExifToolAll photos before any sharing
4. VerifyConfirm no metadata remains in processed fileExifTool or metadata viewerAll photos before any sharing
5. Store originalsEncrypted volume with strong passwordVeraCrypt or BitLockerOnly when originals must be kept
6. TransmitSend only stripped files via encrypted channelsSignal or SecureDropAll photo transmissions

Special Considerations for Activists in Repressive Environments

Activists operating in countries with repressive governments face additional metadata risks that go beyond those encountered by journalists in democratic societies.

Device seizure: In many countries, police and security forces routinely seize phones and cameras during arrests, raids, and border crossings. If a seized device contains photos with metadata, the authorities can extract GPS coordinates, timestamps, and camera serial numbers directly from the device -- even if the photos were never shared online. This is why metadata must be stripped from photos on the device itself, not just from copies that are shared.

Network surveillance: In countries with extensive internet surveillance infrastructure, photos transmitted through unencrypted channels can be intercepted and their metadata extracted in transit. Even some encrypted messaging apps may not strip metadata from photos before encryption, meaning the metadata is present in the encrypted payload and can be extracted if the encryption is broken or if the recipient's device is compromised.

Social media monitoring: Government agencies in multiple countries monitor social media platforms for photos related to protests, opposition activities, and sensitive locations. Automated tools can extract GPS metadata from publicly posted photos at scale, enabling mass surveillance of activist movements. A 2024 investigation by Amnesty International found that at least 12 countries were using automated social media monitoring tools capable of extracting photo metadata.

Digital forensics: When activists are arrested, their devices are often subjected to digital forensic examination. Even deleted photos can sometimes be recovered from device storage. Metadata-stripped photos are less useful to forensic examiners, but the original versions -- if they still exist on the device -- provide a treasure trove of location and timing data.

Strip Metadata On-Device Before Any Action

The most critical principle for activists is to strip metadata from photos on your device before doing anything else with them -- before sharing, before backing up, before even opening them in other apps. Every action you take with a metadata-laden photo creates another copy that may be recoverable. Strip first, then work with the clean file.

FAQ

If I use Signal to send photos, do I still need to strip metadata?

Signal strips EXIF metadata from photos by default before transmission, which provides strong protection for the transmission channel. However, you should still strip metadata before sending for two reasons. First, the original photo with metadata remains on your device and can be recovered if the device is seized or compromised. Second, stripping metadata yourself provides a second layer of protection in case Signal's stripping fails or is bypassed in a future update. Defense in depth is the right approach for sensitive work.

Can metadata be removed from photos without reducing image quality?

Yes. Metadata is stored in the file header, separate from the pixel data that makes up the visible image. Removing metadata does not alter, compress, or re-encode the visual content. The pixels remain identical. The only change is a small reduction in file size and the absence of identifying information. Some metadata removal methods re-encode the image, which can reduce quality, but tools that strip metadata without re-encoding -- like RemoveAI Image's standard mode -- preserve pixel-perfect quality.

What about photos that I have already shared with metadata?

If you have already shared photos with metadata intact, the data has been exposed. You cannot retroactively remove metadata from copies that others possess or from servers that received the original files. What you can do is change your practices going forward: strip metadata from all future photos before sharing, and be aware that previously shared metadata may exist in the wild. If the exposure involves a specific source or location that is currently at risk, take immediate steps to protect that source -- which may include relocation or enhanced security measures.


Photo metadata has been used to arrest journalists in Myanmar, identify sources in Iran, and track activists across multiple countries. The 12% exposure rate documented by Reporters Without Borders represents only the cases that were discovered -- the true number is likely higher. Every photo you capture with GPS enabled, every image you transmit with a camera serial number intact, every file you share with a timestamp is a potential piece of evidence against you or your sources. RemoveAI Image strips EXIF, GPS, IPTC, XMP, and C2PA metadata entirely in your browser -- no uploads, no servers, no trace. Protect your sources. Protect yourself. Strip metadata before every transmission.

Ready to clean your images?

Try our free browser-based tool to detect and remove AI metadata from your images.

Open Metadata Cleaner