A single photo got a source arrested.

The journalist never shared the photo publicly. It was in a folder on their laptop. The laptop was searched.

What EXIF data actually contains

Every photo taken with a smartphone or digital camera contains metadata embedded in the file itself. This is called EXIF data. It is not visible when you look at the photo. It travels with the file every time you send, share, or store it.

The fields that matter: GPS coordinates, accurate to within a few metres on modern smartphones, recording exactly where a photo was taken. Timestamp, recording when, down to the second. Device information, recording the make and model and sometimes the unique identifier of the device. If multiple photos from different devices share an overlapping time and location, you have placed two people in the same room at the same moment.

How it becomes evidence

The photo never needs to be publicly shared to become a problem. It needs to exist on a device or in a cloud backup that can be accessed through a legal request, a device seizure, or a border search. What forensic tools can extract from a seized device covers what gets pulled the moment custody changes hands. EXIF survives almost everything else.

A journalist photographs a document handed to them by a source. The photo ends up in their iCloud backup. iCloud is accessible under valid legal process in the US jurisdiction where Apple operates. The timestamp and GPS coordinates in that photo place the journalist, and by proximity the source, at a specific location at a specific time. That data exists regardless of whether the photo was ever sent to anyone.

A source photographs a document to send it securely. Their phone logs the GPS position at the moment the shutter fires. They send the image through an encrypted channel. The content of the message is protected. The metadata embedded in the file is not, unless it was stripped before sending.

What stripping metadata actually requires

Metadata does not disappear when you screenshot an image, edit it, or compress it. Standard iOS and Android screenshots strip GPS data by default but preserve device information and timestamp. Resizing an image in most apps preserves the full EXIF payload.

ExifTool is the standard tool. Free, runs on Windows, macOS, and Linux, processes individual files or entire directories in a single command. Signal has stripped location metadata from images sent through the app since 2017, but this does not help if the source’s photo was already associated with their identity in their camera roll or cloud backup before they sent it.

The gap between when a photo is taken and when it is sent is where most metadata exposure happens. The journalist who was arrested because of an email is the parallel case. Different file format, identical failure pattern.

The operational habit that closes the gap

The practical change is not technical. It is a decision made before the shutter fires.

For journalists documenting meetings or sensitive locations: consider whether the photo is necessary at all. If it is, take it with location services disabled at the device level, not just in the camera app. The OS-level setting is the one that counts.

For sources sending images of documents: a photo taken with location services fully disabled and run through ExifTool before sending removes the exposure. The full source-handling protocol is in how to communicate with confidential sources safely. The discipline is to prevent the original photo from existing in the first place. A file that was never created cannot be extracted from a seized device or pulled from a cloud backup.

Frequently asked questions

Does Signal remove EXIF data from photos?

Yes. Signal strips location metadata from images before transmission. The recipient does not receive the GPS coordinates embedded in the original file. The full comparison across encrypted apps sits in Signal versus ProtonMail versus Wire for source contact. Stripping behaviour is not universal. This does not protect the original file on the sender’s device or in their cloud backup.

How do I remove EXIF data from a photo?

ExifTool is the most reliable method across all platforms. On macOS and Linux, a single terminal command strips all metadata from a file. On mobile, Metapho on iOS and Photo Metadata Remover on Android allow review and removal before sharing.

Can metadata survive screenshots?

On iOS and Android, screenshots do not embed GPS coordinates by default. They do preserve device and timestamp information. Screenshots are not a reliable stripping method for all metadata categories.

Does iCloud Photos preserve EXIF data when syncing?

Yes. iCloud Photos preserves the full EXIF payload including GPS coordinates, timestamp and device identifiers across every synced device. A photo taken on an iPhone and accessed later through iCloud.com on a different machine carries the same metadata. Disabling location services at the OS level before the shutter fires is the only way to prevent GPS data from being recorded in the first place.

---

There’s no perfect setup. Anyone selling you perfect is selling fear. The goal is simple: make yourself a harder target than the person next to you.