“A picture is worth a thousand words,” so the old adage goes. Today, with virtually all photos taken digitally and in higher quality, they hold more information than ever before.
There’s a lot that we can glean from photos at face value: Who’s in it, what’s happening, and where. But with photos taken at higher definition, and on devices that track your location, people can learn more about your photo—and you—than perhaps you might want them to.
What can people find out from your photos?
Last year we wrote about a data experiment in which millions of cat images on hosting sites like Twitpic and Instagram were pinned on a map along with each cat’s location, determined from the latitude and longitude coordinates in the photos’ metadata. If it can be done with cats, it can be done with people, too.
When your geotagging settings are turned on in your camera or camera app, the photos you take will have location data included in their metadata, down to the exact latitude and longitude. Anyone who has access to your photos can retrieve the metadata with little difficulty and can determine where you were when you took the photo.
And with the quality of photos are becoming clearer with each new phone model, the task of stealing your biometric data is getting a little bit easier, in particular when it comes to your fingerprints. Real-world examples of identity theft using photos of fingers are virtually nonexistent, but in theory someone with an image of your fingerprint would be able to get into your phone that used fingerprint authentication.
Lastly, and perhaps most alarmingly, a stalker once found a celebrity’s home through the reflection in her eyes alone and attacked her. While this is incredibly rare, it is still an example of how photos can give away information in the most unexpected ways.
As October is cybersecurity awareness month, why not take five minutes to shore up your online images?
How to make your photos more private
1. Strip the metadata
Each photo taken on your device contains Exchangeable Image File (EXIF) data, which specifies the formatting of the photo as well as other details of the image like location data.
If your photos have location data attached to them, you can remove it retroactively via free and open-source programs. If you store your photos on Google photos, you can remove the location by simply flipping a toggle in its Settings.
Read more about why you should remove metadata.
2. Make your photos harder to access
If your photos are already uploaded online and you don’t want to take them down, you can limit who can access them. Review the privacy settings of your accounts and albums that you upload to, and restrict access to the ones you don’t want everyone to see. Start with changing your privacy settings on Facebook, Instagram, and Twitter.
3. Refrain from posting sensitive photos, or remove them altogether
Before you upload a photo, take a second to review the information that’s in the photo, from location data and people in the photos to identifiable information (for example, your #boardingpass). Is this information you want everyone following you to know?
Reducing, if not removing, photos with sensitive information altogether can also reduce the chances of someone figuring out where you are. It may be a bummer, but the only way to effectively stop people from following you more closely than you want is to stop posting or remove photos, or privatize already public photos.
Remove, restrict, and reduce
Removing location metadata, restricting access to your account, and reducing the number of photos you post on your accounts is good practice for anyone who wants to take more control over who can see what they post online, and the information that’s tucked in the metadata.