What to check before transferring files anonymously

Publishing workflow

What to check before transferring files anonymously

When you transfer a file anonymously, checking only the visible text is not enough.

Filenames, metadata, creator information, edit history, shared links, upload destinations, and owner names shown to the recipient. Surrounding information like this can show the source or creation environment.

Especially in source protection, whistleblowing, and sharing materials for an activity, the act of transferring a file itself becomes high risk. That is because a file may carry not only its content, but also its creation process and sharing route.

This article organizes the flow to check before transferring files anonymously.

First, do not transfer the original file directly

The first principle is not to transfer the original file as-is.

Original files may retain creator names, edit history, comments, location information, shooting dates and times, cloud history, internal filenames, and other information. Also, original files may need to be kept for evidentiary value.

Create a copy for publication or submission, then inspect that copy.

File	Handling
Original file	Store in a safe place if needed
Check copy	Examine metadata and contents
Submission copy	Remove unnecessary information before transferring it
Record memo	Keep your own notes on what you changed

If you directly touch and overwrite the original file, you may not know later what was changed. For high-risk materials, handle the original and the submission copy separately.

Check the filename

The filename is the first visible clue.

It may contain a real name, company name, school name, project name, date, place, internal code, or serial number. Even if you remove text and metadata, the source may become known from the filename.

Filename element	Risk
Real name	Creator or person involved is directly known
Company name or school name	Affiliation becomes known
Project name	Internal material or related department is inferred
Date	Connects with activity time or material acquisition time
Serial number	The existence of other files is inferred

Change the filename to a short, general name. However, some formats retain change history or the original filename internally, so do not feel safe just because you fixed the filename.

Check metadata

Files retain information that does not appear visually.

For images, GPS, shooting date and time, and camera model. For PDFs, creator, creation software, annotations. For Office documents, change history, comments, company name, hidden sheets. For video and audio, shooting date and time, location information, tags, editing app.

Format	Information to check
Image	GPS, shooting date and time, camera model
PDF	Creator, annotations, embedded files
Office	Change history, comments, company name, hidden sheets
Video	Shooting date and time, location, device information, audio
Audio	ID3 tags, recording environment, background sound
Archive file	Internal filenames, folder names, unnecessary files

Local tools such as ExifTool can be used to check metadata across multiple formats.

ExifTool is a representative tool that can check and edit metadata in images, videos, documents, and other files on your own device. For files that require anonymity, it is important to have the option of checking locally first instead of uploading them to an online conversion site. URL : https://exiftool.org/

Even after checking with a tool, check again if you convert the file to another format. Conversion or editing can add new metadata.

Check the contents

Even if you remove metadata, anonymity becomes weaker if clues remain in the file contents.

Photo backgrounds, screen reflections, notifications, document edges, proper nouns in PDF text, video audio, Office comments, and folder names inside archive files. These remain even if a tool removes metadata.

Content clue	Example
Background	Building, sign, uniform, desk surface
Reflection	Face, device, room, photographer
Body text	Proper noun, department name, timeline
Audio	Voice, background sound, station or store sounds
Notification	Account name, contact, time

Before transferring a file anonymously, check it on the assumption that a third party will look at it for identification. Even a background that looks ordinary to you may reveal the place to someone who knows it.

Check the sharing route

How you transfer the file also matters.

If you use a real-name cloud, workplace account, personal email, or everyday messenger, your identity can appear from the sharing route rather than the file. In cloud sharing, the owner name, email address, profile image, viewing history, and edit history may be visible to the other person.

Sharing method	Caution
Real-name cloud	Owner name or email is visible
Workplace account	Affiliation and management logs remain
Personal email	Sender information connects
Social media DM	The other person can save or forward it
Anonymous submission form	File metadata still needs separate checking

Even if you prepare the file safely, anonymity breaks if you transfer it in the wrong place.

Think about after the file reaches the other person

After a file reaches the other person, you cannot control it yourself.

The other person may save it, forward it, take screenshots, upload it to another service, or analyze it. When thinking about anonymity, think as far as "what the other person can do after receiving it."

For high-risk information provision, before sending the file, check whether the other person is trustworthy, whether the destination has safe procedures, and whether the support contact is appropriate. Do not judge from the article alone. Consider experts or trustworthy support contacts as needed.

Common failures

Failures when transferring files anonymously are not only technical metadata.

Sending in a hurry. Using the cloud you usually use. Not checking the screen visible to the other person. These operational mistakes weaken anonymity.

Failure	What happens
Sending a real-name cloud link	Owner name or email is visible
Sending the original file as-is	Creator or edit history remains
Sending an unchecked screenshot	Notifications or account names appear
Not checking an archive file	Unnecessary files or folder names are mixed in
Deleting in a panic after sending	The other person's saving or forwarding cannot be stopped

Many failures can be prevented in the few minutes before sending. In file transfer, rushing is itself a risk.

Pre-send check

Check item	Reason
Are you not transferring the original file directly?	To protect the original and check it
Did you check the filename?	Prevent real names, organization names, and dates from appearing
Did you check metadata?	Check creator and location information
Did you check the contents?	Look at backgrounds, audio, and proper nouns
Did you check the sharing route?	Avoid real-name clouds and workplace accounts
Did you check the recipient-side display?	See whether owner name or email is visible

If any item remains undecided, do not rush to send it. File transfer is an action that is hard to take back after publication.

Summary

Before transferring files anonymously, check not only the visible text, but also filenames, metadata, contents, sharing routes, and recipient-side display.

Do not transfer the original file directly. Create a submission copy and inspect it by format. Even if you remove metadata, backgrounds, audio, proper nouns, notifications, and cloud owner names remain separately.

Transferring a file may carry not only the information itself, but also the creation environment and sharing route. In high-risk situations, do not rush. Check carefully, and consider a trustworthy support contact if needed.

Related tools

Metadata inspection

ExifTool

An external resource related to this article. Open it only when it fits your situation and threat model.