When you upload images or files, metadata may be removed by a web service or browser-side function.
On social media and messaging apps, location information and some data may be removed during upload.
However, it is dangerous to think, "I uploaded it through the browser, so it is safe" or "the social media service will remove it automatically, so it is fine."
Which information is removed and which information remains depends on the service, file format, settings, and conversion process.
This article separates information that browsers and web services can remove from information that should be checked with local tools.
What browser-side or service-side removal means
When you upload an image or video to a web service, the service may recompress the file, resize it, or remove some metadata.
This is done for reasons such as reducing storage size, optimizing display, protecting privacy, and improving security.
Processing
What happens
Caution
Recompression
Reduces the size of images or videos
Some metadata may disappear
Resizing
Converts the file to a display size
It becomes a separate file from the original image
EXIF removal
Removes GPS and capture information
Not every field is necessarily removed
Format conversion
Converts to another format
New metadata may be attached
Preview generation
Creates thumbnails
The original file may be stored separately
The problem is that users cannot fully verify the processing details.
What a service removes changes depending on public information, settings, and implementation changes.
The danger of relying only on the browser side
When you leave this to the browser or a web service, control over verification moves to the service side.
When anonymity matters, this is a major problem.
Risk
Explanation
The removal scope is unclear
Users have difficulty checking which tags remain
You hand it over at upload time
The original file before removal reaches the service side
Processing changes
Service specification changes can change the result
File formats differ
Data may be removed from images but remain in PDFs or videos
Visible clues remain
Backgrounds, reflections, text, and voices are not removed
The especially important point is that you are uploading the file before removal.
Even if metadata is removed by the time of publication, the service side may already have received the file before processing.
For high-risk files, check locally before upload.
Separate low risk from high risk
Not every post needs the same level of checking.
Everyday photo sharing and reporting materials or whistleblowing materials require different levels of caution.
Situation
How to think about it
Everyday low-risk posts
Service-side automatic removal may be enough in some cases, but check places and faces
Anonymous account posts
Check metadata and background before upload
Materials related to a workplace or school
Check creator, organization name, and edit history locally
Reporting or whistleblowing materials
Always check locally before uploading to an external service
Activity or on-site photos
Check participants and backgrounds, not only metadata
What matters under the writing rules is not to scare people excessively.
It is to decide how far to check based on the situation.
Why local tools matter
Using local tools lets you check files before handing them to an external service.
ExifTool is a representative tool often used for checking metadata.
The advantage of local checking is that the act of checking itself is not handed to an external service.
Advantage
Explanation
You can check before external upload
You can decide before handing the original file to the service
You can compare before and after removal
You can confirm what disappeared
You can check multiple formats
You can inspect images, PDFs, audio, video, and similar files
You can recheck the processing result yourself
You are not leaving it entirely to the service
However, local tools are not all-powerful.
If the device itself is managed, or if you are working in a cloud-synced folder, other records remain.
What can and cannot be removed
A common source of confusion in metadata removal is the difference between information inside the file and information in its appearance or content.
Type
How to remove or check it
Example
Metadata inside the file
Tools may be able to check and remove it
GPS, creation date and time, creator, app name
Filename
Change it manually
Real name, project/case name, place name
Image appearance
Check visually
Background, reflections, signs, name tags
Audio or video content
Watch or listen to check
Voice, environmental sound, announcements
Transmission path logs
Treat as a separate issue
Upload time, IP, account
Separate information that tools can remove from information that tools cannot remove.
Even if you remove GPS with ExifTool, it is meaningless if an address appears in the photo background.
Even if a social media service removes EXIF, the posting account and posting time remain.
In what order to check
When handling a high-risk file, check it in the following order.
Order
Task
Reason
1
Copy the original file
Separate the original from the public copy
2
View metadata locally
Understand the risk before upload
3
Perform necessary removal or regeneration
Create the file for publication
4
Recheck after removal
Inspect the processing result
5
Check appearance and content
Look at backgrounds, reflections, writing style, and audio
6
Upload last
Finish judging before handing it to the service
Treat service-side removal functions as a final aid.
It is important not to leave this to the service side from the start.
It may be too late after handing it to the service
Even if removal happens in the browser, if the design sends the original file to the service before processing, the original file has already been sent outside your control once.
This relates to the trust model for anonymity.
Stage
Trusted party
Caution
Local check
Your own device environment
The device and storage location need to be safe enough for the risk
Upload
Web service operator
The original file and access logs may be handed over
After publication
Viewers, search engines, archives
Copies and saves can spread
Removal request
Service operator
Removal scope and retention period depend on the operator
For this reason, with high-risk files, think not only about "whether it disappears at publication" but also about "who receives it before it disappears."
Summary
Browsers and web services may remove some metadata during upload.
However, the removal scope differs by service and format, and users cannot always verify it completely.
Also, once you hand the original file before removal to the service, a new trusted party is created.
For files where anonymity matters, check locally before upload.
Use local tools such as ExifTool to view metadata, recheck after removal, and also check backgrounds, reflections, audio, filenames, and transmission paths.
Browser-side removal is convenient, but it is not something to entrust anonymity to completely.
Related tools
WebRTC Leak Test
BrowserLeaks WebRTC
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.