A single photo got a source arrested. Here’s the metadata that did it.
Short answer
The image was not intercepted. It was not hacked out of a server. It was handed over voluntarily, as part of a routine document request. The GPS coordinates embedded in the file placed the source at a meeting they had denied attending.
The journalist never shared the photo publicly. It was in a folder on their laptop. The laptop was searched.
What EXIF data actually contains
Every photo taken with a smartphone or digital camera contains metadata embedded in the file itself. This is called EXIF data. It is not visible when you look at the photo. It travels with the file every time you send, share, or store it.
The fields that matter: GPS coordinates, accurate to within a few metres on modern smartphones, recording exactly where a photo was taken. Timestamp, recording when, down to the second. Device information, recording the make and model and sometimes the unique identifier of the device. If multiple photos from different devices share an overlapping time and location, you have placed two people in the same room at the same moment.
How it becomes evidence
The photo never needs to be publicly shared to become a problem. It needs to exist on a device or in a cloud backup that can be accessed through a legal request, a device seizure, or a border search.
A journalist photographs a document handed to them by a source. The photo ends up in their iCloud backup. iCloud is accessible under valid legal process in the US jurisdiction where Apple operates. The timestamp and GPS coordinates in that photo place the journalist, and by proximity the source, at a specific location at a specific time. That data exists regardless of whether the photo was ever sent to anyone.
A source photographs a document to send it securely. Their phone logs the GPS position at the moment the shutter fires. They send the image through an encrypted channel. The content of the message is protected. The metadata embedded in the file is not, unless it was stripped before sending.
What stripping metadata actually requires
Metadata does not disappear when you screenshot an image, edit it, or compress it. Standard iOS and Android screenshots strip GPS data by default but preserve device information and timestamp. Resizing an image in most apps preserves the full EXIF payload.
ExifTool is the standard tool. Free, runs on Windows, macOS, and Linux, processes individual files or entire directories in a single command. Signal has stripped location metadata from images sent through the app since 2017, but this does not help if the source’s photo was already associated with their identity in their camera roll or cloud backup before they sent it. (See: how a journalist was arrested because of an email.)
The gap between when a photo is taken and when it is sent is where most metadata exposure happens.
The operational habit that closes the gap
The practical change is not technical. It is a decision made before the shutter fires.
For journalists documenting meetings or sensitive locations: consider whether the photo is necessary at all. If it is, take it with location services disabled at the device level, not just in the camera app. The OS-level setting is the one that counts.
For sources sending images of documents: a photo taken with location services fully disabled and run through ExifTool before sending removes the exposure. The file that does not exist cannot be extracted. The photo that was never taken cannot place anyone anywhere. (See: what they can extract from a seized device in 6 hours.)
Frequently asked questions
Does Signal remove EXIF data from photos?
Yes. Signal strips location metadata from images before transmission. The recipient does not receive the GPS coordinates embedded in the original file. This does not protect the original file on the sender’s device or in their cloud backup.
How do I remove EXIF data from a photo?
ExifTool is the most reliable method across all platforms. On macOS and Linux, a single terminal command strips all metadata from a file. On mobile, Metapho on iOS and Photo Metadata Remover on Android allow review and removal before sharing.
Can metadata survive screenshots?
On iOS and Android, screenshots do not embed GPS coordinates by default. They do preserve device and timestamp information. Screenshots are not a reliable stripping method for all metadata categories.
There’s no perfect setup. Anyone selling you perfect is selling fear. The goal is simple: make yourself a harder target than the person next to you.