Your Digital Photos Can Reveal Information About You

VTECH
HackerNoon.com

--

There is a saying that a “picture is worth a thousand words.” It was supposed to mean that an image can tell a story about the subject or about the picture. Our photos bring back memories that in itself tells us a lot about what we are viewing. In the age of digital photography that is so true because an image taken with a digital camera records information about the image as well. The problem is that the information is not only viewable to the user, but to everyone else as well. It may seem harmless at first, but so much information can be revealed by a photo once it is uploaded on the Internet to photo sharing websites, social media apps and blogs.

Photos are commonly uploaded to social media, websites and image sharing apps. The images can reveal information not just about the image, but even about the user. (Photo Credit: Vicente Tabora Photography)

To those not aware, the format used to record image information is called the Exchangeable Image File Format or EXIF. This contains information called “metadata” that describes data about the data. This data pertains to specific details that are often set by the camera vendor. This includes information like camera model, white balance, ISO, aperture, shutter speed, photo editing software used on the image, etc. Other common information that is recorded are the timestamp (date and time), image resolution, file name and file size among others. It can also be user definable to include such information as geographic location of an image, temperature, name of the photographer and even the exact coordinates for a GPS location. Users can also set their information to not be recorded or stored with the image (camera dependent). This metadata is used by image organization software to archive images and allow photographers to sort their images in a database management system.

Example of EXIF data revealing information about the camera used to take an image.

One concern users may have is geo-tagging or geo-location recording on an image. This is done by smartphone apps on social media which automatically use your GPS coordinates to identify the location where the photo was taken. Usually an app will ask permission from the user to allow tagging of photo locations.

An example of geo tagging from an app. (Source: Paintshop Pro)

Here are some sensitive issues with having EXIF data:

  • It can reveal original thumbnail of an image. Edited adult images, which may include nudity that has been covered up or retouched may still show the original thumbnail image due to EXIF data.
  • Geo tags can reveal the actual location of a person using GPS coordinates. Definitely not for people who are trying to lay low from whoever.
  • It reveals the exact details of the shot like time and date. If you make claims other than that, then the EXIF data can disprove you.
  • Comments will appear and can be read. If you write anything negative on the comments field, other people can read it as well.
  • If you don’t intend to be contacted, do not include your number with the image as metadata. The same for home address if you don’t want strangers coming to the door.

EXIF information can be deleted, and that is often the case when uploading a copy of the image. Sites like Facebook actually strip the EXIF metadata off the image. However, other sites may not do so, especially on photo sharing websites. You can see which EXIF information is stored in your image by right-clicking it and then selecting “Properties” for Windows or “Get Info” for Mac users. Preventing too much data from being recorded can be done on the device that is taking the image i.e. camera. There are settings on DSLR and even smartphone cameras that can disable certain metadata from being recorded with your images (refer to your device manual or website for more info).

EXIF information displayed by right-clicking a photo image in Windows is displayed in the “Details” tab. Notice the information shown. This is the metadata and if you scroll down you will see more. There is an option at the bottom of the tab that says “Remove Properties and Personal Information”. This allows you to delete the EXIF data before uploading a file for public sites.

Here is a link for Windows users from Symantec, a cybersecurity and antivirus vendor, on how to remove EXIF data (this is just one source of information, but a search engine can reveal more):

For Mac users, here is a link for EXIF data removal from OSX Daily:

FYI: You can also use image editing software like Photoshop to completely remove EXIF data. Refer to your software documentation for more details.

It doesn’t end with just removing the metadata though. Once your images are on the Internet there are other ways it can reveal information.

On social media, your identity can be easily revealed when a friend tags your photo. For most people this is not an issue, they do appreciate being tagged because it is their friend. However, some apps are using AI to identify you in photos that your friend didn’t take. It can be creepy, but it is good to be aware that apps like Facebook have developed algorithms that are intelligent enough to know who is in an image. This is called “face recognition” and it is now used to make suggestions on who to tag when photos are uploaded.

Social media apps like Facebook have face recognition features that can identify users. (Source: CityNews Toronto)

The developments in AI and more powerful hardware are enabling a new class of devices that are intelligent. An example of how top tech companies are doing this can be seen in smartphones. Google, a primary mover in AI software, incorporated this in their Pixel smartphones. This makes use of the Lens app to identify objects by taking its picture. Likewise, the idea that the camera is intelligent enough that it can even identify a person by taking a photo of their face is a serious concern. Just imagine finding out a person’s name by taking a photo. This is definitely an ethical issue, and one that can be considered a violation of privacy.

AI (Artificial Intelligence) capable apps will have features similar to that above.

Google also uses the cloud to analyze data, including images. They developed the Cloud Vision API for content analysis which developers can use for their apps. Among its features are label detection (identifying what is in the image), knowledge graph (web search information about the image), OCR or optical character recognition (app can identify text in an image) and even explicit content detection (porn or inappropriate content for viewing). These are all part of insight gathering using data analytics.

Examples of Google Cloud Vision API (Source: Google)

As our world becomes more digitized, so too will our lifestyle. The fact that devices can store information about the photos we take requires some caution on the part of users. If the information is general, it can be harmless. The problem is if the information is too personal, which is why users should be careful what they post on the Internet. Personal information made public is really the user’s fault. Before making any information available on the Internet, double-check or verify if you don’t want it public to make sure that it is only seen by those you grant permission to. It is not even wise to put information like social security number or bank account information on your online user profile if it is just for social media purposes. If you don’t want to share your location information, simply don’t check in on social media or disable automatic check-in features when posting photos.

An important thing to consider is to be cautious about what user defined EXIF data you include with an image. Never put information that may be too sensitive about you or the image. Phone numbers and home address may not be included, unless it is for business.

With intelligent apps, gathering information about images becomes easier. Depending on how it is used, it can either be to supplement a curious person or worse to feed data to a bad actor. Sometimes we may not be aware of what our devices are doing, so always have prior knowledge as much as possible of how your devices share and store information about your images.

--

--

VTECH
HackerNoon.com

Blockchain, AI, DevOps, Cybersecurity, Software Development, Engineering, Photography, Technology