Removing JPEG Metadata the Right Way



Contents

Privacy Implications of JPEG Metadata

JPEG image files can contain a wealth of potentially privacy-compromising hidden metadata. Some is automatically added by the camera and some could be manually added by users. Removing metadata from JPEG image files before posting them on the web, emailing them, or otherwise sharing them with others is important for preventing sensitive data leakage, including personally identifying information such as the photographer's name and home coordinates.

Furthermore, a hidden thumbnail of the picture often exist in the JPEG file, and many image manipulation software fail to update this thumbnail when the original picture is modified. So even if the picture was cropped, blurred, or otherwise modified to hide certain parts in it, the removed parts may still be visible in the thumbnail. The hidden thumbnail is automatically created by the camera and embedded in the file for the purpose of showing a quick preview of the picture on the camera's screen. It can be easily extracted and viewed with a special software.

One famous case where a JPEG thumbnail has compromised ones privacy is of Cat Schwartz, an American television personality that have published in her personal blog two JPEG pictures of her. The pictures were cropped, but hidden thumbnails of the original pictures that remained in the files showed her bared breasts.

Other information that exist in JPEG metadata and seems innocent at first glance can help in some circumstances to identify a person, if combined with other information. For example, camera and lens unique serial numbers that exist in JPEG metadata can be used to trace two pictures to the same photographer. If, for example, the photographer has published one picture in an online message board under his real name, and then later published another picture under a pseudonym, it'll be possible to identify the person behind the pseudonym.

Even the date and time information of when the picture was taken can be used to identify the photographer. If, for example, the picture was taken in a known public place, with surveillance camera in place, the footage from the date and time the picture was taken, showing the photographer, can be used to identify him.

the following hypothetical scenarios demonstrate how harmful can JPEG hidden data & metadata be:

JPEG hidden data risks exemplified

Common types of potentially privacy-compromising JPEG metadata are Exif, (Exchangeable image file format) IPTC Information Interchange Model, (IIM) XMP, (Extensible Metadata Platform) and comments. Various cameras and software applications also automatically add to JPEG files other, non-standard, proprietary hidden data.

The integral File Properties Viewer of Windows, that can be accessed by right-clicking on any file and selecting "Properties" from the context menu, and then selecting the "Details" tab, can only show a limited number of JPEG metadata elements, and therefore should not be relied upon to asses the risk involved in sharing JPEG files.

Nowadays, some of the popular social networks websites automatically remove some or all metadata from uploaded pictures. However, it is still best practice to always remove metadata from JPEG files before sharing them, since not all websites remove metadata, not all metadata is always removed, and even if certain websites remove metadata from published photos, they may still retain the metadata in their internal databases for profiling and tracking their users and for marketing purposes, which might also be undesirable for many.

There are three methods for removing JPEG metadata, but only one is recommended.

[Back to Contents]

The Bad Ways to Remove JPEG Metadata

Two bad methods often used by novice users to remove JPEG metadata are:

  1. Converting the JPEG file to another image format that cannot have metadata, such as BMP, and then converting it back to JPEG, which has a smaller file size and is better suited for web and email.

    Note that converting the JPEG file to an image format that can hold metadata, such as PNG, and then converting it back to JPEG, could pass through the metadata back and forth, if the converting software supports that.
  2. Creating a new image file in an image editing software and copying and pasting the original image to the newly created file. The copying of the image can also be done by taking a screenshot of the original image using the Print Screen keyboard button or using a screen capturing software.

The above two methods will allow to effectively get rid of JPEG metadata in the original file, but they present with two problems:

  1. They could introduce new harmful metadata to the new files
  2. They are rather cumbersome and tedious methods, especially when have to be done often or for multiple files at once

In recent years, several dedicated JPEG metadata removers have been created by several developers, both offline applications and online web services that can be accessed by any web browser and are often free.

Using online metadata removers is generally slower than using offline applications, since they require uploading the files to the server, waiting for their cleaning, and then downloading the cleaned files. They are also generally less comfortable to use, especially for cleaning multiple files at once. When using an online service, it is also imperative to make sure it is secure and trustworthy, and will not misuse uploaded images in a way that will compromise the user's privacy. Offline applications that run on the local computer are therefore preferable.

Windows® 11 comes with an integral metadata remover that supports few file formats, including JPEG - the Remove Properties and Personal Information feature. However this tool is not suitable for the task since it supports the removal of only a limited number of properties, leaving behind in the file a wealth of metadata, including the camera unique serial number and the dreadful thumbnail that may still include parts of the image that has been erased. A reliable third-party tool is therefore essential.

[Back to Contents]

The Best Way to Remove JPEG Metadata

The best way to remove metadata from JPEG files is to use a dedicated offline JPEG metadata remover. Such software, if designed properly, will thoroughly and permanently remove all JPEG metadata as a lossless operation on the local computer, without re-compressing the image data, and while persevering the image quality.

BatchPurifier LITE™ is a freeware for Windows that can thoroughly, permanently, and quickly remove all metadata from multiple JPEG files at once, while keeping the JPEG images intact and without degrading their quality.

[Back to Contents]

Related White Papers