I've seen a lot of concern online recently about the possibility of people tracking your physical location using the pictures you post online. This is made possible through the act of Geotagging and the EXIF data stored in images, but what's the real risk and real problem?
EXIF data, simply put, is information that can be stored in an image file other than the picture itself. This can include the date and time it was taken, the make and model of the camera (or phone) and importantly the location the image was taken. With almost all modern day smart-phones having GPS or location based services, the ability to include a Geotag (the location the picture was taken) in an image is quite widespread.
Microsoft Pro Photo will let you view, edit and delete EXIF Data, also referred to as metadata.
A lot of the concern online in news articles, blog posts and discussions on social media sites revolves around parents using their smartphones to take pictures of their children that are then posted somewhere on the Internet. Armed with this image an unfavourable person could identify the location the image was taken and then go there. Now, there are quite a few components that make up this scenario so I'm going to break them down.
EXIF Data and Geotagging
Whilst it is true that almost any modern phone can include a Geotag in a photo , it's worth noting that none of them do this by default. This is an option that must be enabled by the user! The chances are most people were prompted about this at some point and that's generally when you first set the pone up or first use the camera. It seems a lot of people online report they either simply hit the accept/yes button without fully reading or understanding the prompt or just hit the button out of habit without actually reading what it said at all.
Even if you cast aside the Geotag in the image and any other data along with it, there's still another problem here that's worse in my opinion. Why does this unfavourable person have access to this image in the first place? If the image has been posted to a social media site, or any other site, where the user has no privacy controls setup then there's far more to worry about here than the EXIF data of one picture. They could have access to your name, address, home town, places you check in and more without even needing to look into the hidden EXIF data of a picture. The overriding concern here is that the user hasn't properly looked after their online privacy and made these images available to people who shouldn't have access. Even with all the EXIF data in the world, if the privacy of the image is assured, then most of the risk is mitigated.
How To Protect Your Images
There are 2 ways you can easily tackle this problem and most argue the obvious one is to disable Geotagging on your phone. This would prevent someone from being able to access the location the picture was taken that's stored in the EXIF data and make you safe, right? Wrong! Well, probably. The chances are wherever you were uploading the photo to has more information than just a photo and nothing else. If you upload a picture of you and the kids at the local park and insert a caption stating as much, the removal of the EXIF data really does little to prevent anyone finding out where you were. The key here is making the images private which is the second method of tackling the issue. For a site such as Facebook you can view my previous posts on Facebook Privacy HERE and HERE. Almost all popular websites have some form of privacy control, and if they don't, the simple solution is not to publish your private data to them. By blocking access for people who you wouldn't want to have access, whether or not the Geotag is present in the image, they won't have access to view it either way.
On Android, open your camera, open the settings menu using either the hardware menu button or on screen button, select options and then find the option related to Geotagging or storing location data and turn it off.
On iPhone, open your settings menu, go to Privacy, then to Location Services and ensure Camera is set to off.
Tackling The Issue On A Large Scale
Some of the larger online social media sites like Facebook and Twitter automatically remove all EXIF data from the images you upload. If you want you can tag the post or image with your location, much like checking in somewhere, but otherwise none of the EXIF data survives the upload process. Google+ also offers users the ability to restrict access to EXIF data cross all of your images. This goes a long way to mitigating the problem as those 3 sites probably represent the largest collection of personal images in existence. However, it's still worth considering whether or not you want the information stored in images you may post to other websites or send via other means such as email or messaging app.
In closing I think the real solution here is a greater understanding of online privacy and technology in general. So often I see users who say they didn't understand the prompt or just hit OK to get it out of the way. With the relentless march of technology showing no signs of slowing, users need to start understanding the very basics or accepting the inevitable consequences. Using a tool as powerful as a smartphone without the proper knowledge can and is resulting in undesired outcomes.
* Tips *
- If you don't know what a prompt or warning on your phone means try typing it in Google. You can usually get an explanation of exactly what it's asking for and then select yes or no accordingly. If you're not sure the best bet is always to press no or cancel. Feel free to ask in the comments below if you need help!
- Check your privacy settings on social media sites. They can usually be found somewhere in the account section or settings section and should be restricted to only the people you feel comfortable sharing with.
- Share this blog with friends and family to make sure they are aware of the risk and can take steps to protect themselves if needed. https://scotthel.me/geotagging
Short URL: https://scotthel.me/Geotagging