File sharing happens frequently in anonymous activity.
Flyers, images, videos, statements, participation guides, name lists, venue maps, accounting materials, and recording data. When these are shared, information related to anonymity and participant safety moves with them.
Even if you think you shared anonymously, identity or relationships can become visible through filenames, creators, cloud accounts, sharing history, metadata, and contact syncing.
For file sharing, check not only the content but also the path.
Information left in files
Files retain information other than their contents.
For images, shooting time and location information can be a problem. For documents, creator and change history. For PDFs, annotations and creation software. For videos, audio and background.
In file checks, it is important not to judge only by extension. Even with the same PDF, the information that remains differs between a PDF made from an image, a PDF exported from an Office document, and a scanned PDF. Even with images, the points to check change between photos taken on a smartphone, screenshots, edited images, and images saved from social media.
Filenames are also easy to overlook. They may include not only direct names such as RealName_application.pdf, but also project names, department names, dates, event names, or device save paths. Check the filename visible to the recipient, folder names inside archive files, and display names in the cloud.
Risks of cloud sharing
Cloud sharing is convenient, but it requires caution for anonymous sharing used in activity.
Real-name accounts, owner names, sharing destinations, viewing history, edit history, and comments may be visible.
Cloud information
Risk
Owner name
A real name or everyday account is visible
Sharing destination
Who is connected to whom becomes visible
Viewing history
Who opened it and when remains
Edit history
Creators and collaborators become visible
Comments
Roles and internal conversations remain
The basic rule is not to send files you want to share anonymously from a cloud account tied to your real name.
In cloud sharing, people can see not only the file itself, but also surrounding information on the sharing page. This includes the owner's name, icon, email address, organization name, shared folder name, other files, comments, edit history, and viewing history. Even if you process a file for anonymous use, sharing it from a cloud account tied to your real name connects it through owner information.
Be especially careful with collaborative editing features. Who edited, when they edited, and which comments they left may remain in history. For activity documents, text before editing or deleted comments may also be visible.
Narrow the sharing recipients
In file sharing, limit who can view the file to the necessary range.
The "anyone with the link" setting is convenient, but once the link is forwarded, it becomes hard to control.
Setting
Caution
Anyone with the link
It spreads when forwarded
Can edit
The content can be rewritten
View only
Screenshots and saving are hard to stop
Link with no expiration
Reused later
Shared folder
Unrelated files may also be visible
After sharing, disable links that are no longer needed.
Shared links left after an event become a risk later.
Check sharing settings both before and after publication. Before sharing, look at who can view, who can edit, whether downloads are possible, and what happens if the link is forwarded. After sharing, disable links that are no longer needed, reduce sharing recipients, and organize old files.
Link disabling, folder organization, source data deletion
When resharing
Whether old links or old versions remain
Choose methods suited to anonymous sharing
When high anonymity is needed, consider methods designed with anonymity in mind instead of ordinary cloud sharing.
OnionShare is a tool that can be used for temporary file sharing and receiving through . It becomes a candidate when you want to avoid owner names and sharing history in a cloud account tied to your real name, but file contents, metadata, and how you pass the address to the other person still need to be checked separately. It is covered in more detail in another article.
However, even if you use OnionShare, file metadata and recipient-side handling still remain risks.
Check not only the tool, but also the file itself that you are sharing.
Tools such as OnionShare can be effective options when thinking about the sharing path. However, before using a tool, decide the purpose of sharing. The suitable method changes depending on whether you are sending to one person, distributing to multiple people, receiving from someone else, sharing temporarily, or storing long term.
The recipient's handling is also important in anonymous sharing. If the recipient reuploads the file to a cloud account tied to their real name, takes screenshots, forwards it without changing the filename, or keeps the source data, safety does not depend only on your side. File sharing connects the practices of the sender and the receiver.
Separate source data from the public version
For files used in activity, separate source data from the public version. Source data may retain edit history, layers, unprocessed faces, location information, internal comments, and creator information. In the public version, leave only the necessary content and check metadata, filenames, and background information.
If source data remains in a shared folder, the meaning of creating a processed version becomes weaker. Decide who holds the source data, where it is stored, when it is deleted, and who manages it if it is retained for evidence preservation.
Pre-sharing checklist
Before sharing files, check content, format, path, recipient, and period separately. If even one item remains vague when shared, it becomes hard to recover later.
Check item
What to look at
Content
Whether personal names, addresses, faces, internal information, or information about people involved remain
Metadata
Whether creator, shooting time, GPS, or edit history remain
Filename
Whether real names, department names, event names, or dates appear
Sharing path
Whether you are using a cloud account tied to your real name or an everyday account
Recipient
Whether it is set to reach only the necessary people
Sharing period
Whether you can disable the link after it is no longer needed
For important files, this check is worth doing with multiple people. The creator may be used to the background or filename and overlook dangerous information. However, increasing the number of reviewers also widens the sharing scope, so limit it to trusted people.
Summary
When sharing files anonymously, check file contents, filenames, metadata, sharing paths, and sharing recipients.
Images, videos, PDFs, Office documents, and archive files each have different clues.
In cloud sharing, owner names, sharing destinations, viewing history, edit history, and comments remain.
For anonymous sharing used in activity, it is important not to use a cloud account tied to your real name, to narrow sharing recipients, and to disable links that are no longer needed.
File sharing is an action that moves activity information and related people together.
Related tools
Metadata inspection
ExifTool
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.