Removing JPEG Metadata the Right Way


JPEG is a very popular image file format, often used for photos taken by digital cameras and smartphones. JPEG files can have the following extensions: .jpeg, .jpg, and .jfif.

JPEG photos are commonly shared with others, however this presents with serious privacy dangers, as potentially privacy-compromising hidden data & metadata is usually embedded in the JPEG file.

This paper discusses these privacy dangers and the best solution for avoiding them, which is to use a dedicated offline JPEG metadata remover, capable of thoroughly and permanently removing all JPEG metadata as an image lossless operation on the local computer, without re-compressing the image data, and while persevering the image quality. One such free software for Windows® is BatchPurifier LITE™.


Contents



Privacy Dangers of JPEG Metadata

JPEG image files can contain a wealth of potentially privacy-compromising hidden metadata. Some is automatically added by the camera and some could be manually added by users. Removing metadata from JPEG image files before posting them on the web, emailing them, or otherwise sharing them with others is important for preventing sensitive data leakage, including personally identifying information such as the photographer's name and home coordinates.

Furthermore, a hidden thumbnail of the photo often exist in the JPEG file, and many image manipulation software fail to update this thumbnail when the original photo is modified. So even if the photo was cropped, blurred, or otherwise modified to hide certain parts in it, the removed parts may still be visible in the thumbnail. The hidden thumbnail is automatically created by the camera and embedded in the file for the purpose of showing a quick preview of the photo on the camera's screen. It can be easily extracted and viewed with a special software.

One famous case where a JPEG thumbnail has compromised ones privacy is of Cat Schwartz, an American television personality that have published in her personal blog two JPEG photos of her. The photos were cropped, but hidden thumbnails of the original photos that remained in the files showed her bared breasts.

Other information that exist in JPEG metadata and seems innocent at first glance can help in some circumstances to identify a person, if combined with other information. For example, camera and lens unique serial numbers that exist in JPEG metadata can be used to trace two photos to the same photographer. If, for example, the photographer has published one photo in an online message board under his real name, and then later published another photo under a pseudonym, it'll be possible to identify the person behind the pseudonym.

Even the date and time information of when the photo was taken can be used to identify the photographer. If, for example, the photo was taken in a known public place, with surveillance camera in place, the footage from the date and time the photo was taken, showing the photographer, can be used to identify him.

the following hypothetical scenarios demonstrate how harmful can JPEG hidden data & metadata be:

JPEG hidden data risks exemplified

Common types of potentially privacy-compromising JPEG metadata are Exif, (Exchangeable image file format) IPTC Information Interchange Model, (IIM) XMP, (Extensible Metadata Platform) C2PA metadata, and comments. Various cameras and software applications also automatically add to JPEG files other, non-standard, proprietary hidden data.

The integral File Properties Viewer of Windows®, that can be accessed by right-clicking on any file and selecting "Properties" from the context menu, and then selecting the "Details" tab, can only show a limited number of JPEG metadata elements, and therefore should not be relied upon to asses the risk involved in sharing JPEG files.

Nowadays, some of the popular social networks websites automatically remove some or all metadata from uploaded photos. However, it is still best practice to always remove metadata from JPEG files before sharing them, since not all websites remove metadata, not all metadata is always removed, and even if certain websites remove metadata from published photos, they may still retain the metadata in their internal databases for profiling and tracking their users and for marketing purposes, which might also be undesirable for many.

There are three methods for removing JPEG metadata, but only one is recommended.

[Back to Contents]

The Bad Ways to Remove JPEG Metadata

Two bad methods often used by novice users to remove JPEG metadata are:

  1. Converting the JPEG file to another image format that cannot have metadata, such as BMP, and then converting it back to JPEG, which has a smaller file size and is better suited for web and email.

    Note that converting the JPEG file to an image format that can hold metadata, such as PNG, and then converting it back to JPEG, could pass through the metadata back and forth, if the converting software supports that.
  2. Creating a new image file in an image editing software and copying and pasting the original image to the newly created file. The copying of the image can also be done by taking a screenshot of the original image using the Print Screen keyboard button or using a screen capturing software.

The above two methods will allow to effectively get rid of JPEG metadata in the original file, but they present with three problems:

  1. They could introduce new harmful metadata to the new files
  2. They will inevitably degrade the image quality, since JPEG is a lossy image compression algorithm, meaning every time the image is re-compressed, some image data will permanently be discarded and the image quality will be irreversibly reduced further as a result. The loss of quality can manifest as undesirable visible distortion artifacts such as color shift, blockiness, and banding, even with quality level set to 100% at re-compression.
  3. They are rather cumbersome and tedious methods, especially when have to be done often or for multiple files at once

In recent years, several dedicated JPEG metadata removers have been created by several developers, both offline applications and online web services that can be accessed by any web browser and are often free.

Using online metadata removers is generally slower than using offline applications, since they require uploading the files to the server, waiting for their cleaning, and then downloading the cleaned files. They are also generally less comfortable to use, especially for cleaning multiple files at once. When using an online service, it is also important to make sure it is secure and trustworthy, and will not misuse uploaded images in a way that will compromise the user's privacy. Offline applications that run on the local computer are therefore preferable.

Windows® 11 comes with an integral metadata remover that supports few file formats, including JPEG - the "Remove Properties and Personal Information" feature. However this tool is not suitable for the task since it supports the removal of only a limited number of properties, leaving behind in the file a wealth of metadata, including the camera unique serial number and the dreadful thumbnail that may still include parts of the image that has been erased. A reliable third-party tool is therefore essential.

[Back to Contents]

The Best Way to Remove JPEG Metadata

The best way to remove metadata from JPEG files is to use a dedicated offline JPEG metadata remover. Such software, if designed properly, will thoroughly and permanently remove all JPEG metadata as an image lossless operation on the local computer, without re-compressing the image data, and while persevering the image quality.

BatchPurifier LITE™ is a freeware for Windows® that can thoroughly, permanently, and quickly remove all metadata from multiple JPEG files at once, while keeping the JPEG images intact and without degrading their quality. BatchPurifier LITE™ has a very simple & straightforward wizard-like graphical user interface, (GUI) that guides the user through the steps required to easily remove hidden metadata from multiple photo files in different folders at once.

[Back to Contents]

Related White Papers