All posts

Your photos are leaking your home address (and how to stop it)

Every photo your phone takes can carry the exact GPS coordinates of where you stood. Here's how to see what's hidden in your images and strip it before you post.

8 June 20265 min readBy Primova
privacyexifmetadatagpssecurityimages

Take a photo in your kitchen. Post it to a forum, a marketplace listing, a support ticket. Without doing anything else, you may have just told a stranger the exact latitude and longitude of your kitchen — down to a few metres.

That's not paranoia. It's how cameras work.

What's actually inside a photo

Every image file is more than pixels. Tucked into the header is a block of metadata called EXIF, and your phone fills it in automatically every time the shutter clicks. The usual contents:

  • GPS coordinates — where you were standing, often accurate to a few metres
  • Date and time — to the second
  • Device — make, model, sometimes a serial number
  • Camera settings — ISO, aperture, shutter, lens
What's really in that .jpgthe pixelswhat you seeEXIF metadata — what you don't see📍 GPS 37.7821, -122.4094🕐 2026-06-08 18:42:09📱 iPhone 16 Pro⚙ ISO 64 · f/1.8 · 1/120s

The camera stuff is harmless. The location and timestamp are the problem. String a few of someone's photos together and you can map their home, their workplace, their kid's school, and the hours they're usually out. People have been found this way. It's not a hypothetical — there are well-documented cases of location data in a posted photo leading someone straight to a person's door.

The reason most people never notice is that the big platforms quietly strip EXIF on upload. Instagram, Facebook, X — they scrub it (partly for your safety, mostly to save bytes). So you get lulled into thinking photos are "just pixels." Then you email a photo directly, drop it in a Discord, attach it to a marketplace listing on a smaller site — and the full metadata rides along untouched.

See it for yourself

Here's the uncomfortable part: you can read this data out of almost any photo in seconds. Right-click a recent photo from your phone, check its properties, and look for GPS fields. Or open it in a metadata viewer. If you took it outdoors with location services on, there's a good chance the coordinates are sitting right there — and they'll drop a pin on a map that lands on your front step.

I find that the map is what makes it click for people. A pair of numbers is abstract. A pin on your house is not.

Stripping it is easy — verifying it is the part most tools skip

Removing EXIF is technically simple: redraw the image and re-save it. The canvas a browser uses to redraw doesn't carry metadata forward, so GPS, timestamps, camera info, and the colour profile all fall away. The pixels stay identical.

The catch is trust. Most "remove EXIF" tools online ask you to upload your photo to their server to clean it — which means handing your sensitive image, location data and all, to some random website to fix a privacy problem. That's backwards.

So two things matter:

  1. It should run on your device. Your photo should never leave your computer to get cleaned. Anything that uploads is solving a privacy problem by creating a bigger one.
  2. It should prove the data is gone. "Trust me, it's removed" isn't good enough for something this sensitive. The tool should re-read the cleaned file and show you it's empty.

That second point is the one almost everyone gets lazy about. Removing data and proving it's removed are different promises — and for something as sensitive as your location, you want the proof.

Primova's EXIF Stripper does both: it reads out exactly what your photo is carrying (with a "view on map" link for any GPS data, so you can see the exposure for yourself), strips it locally, then re-reads the cleaned file and confirms nothing's left. You can do a whole folder at once and download them as a ZIP. Nothing is uploaded — it all happens in your browser.

When to bother

You don't need to scrub family photos staying in a private album. But strip metadata any time a photo leaves your circle:

  • Selling something on a marketplace or local-listings site
  • Posting on a forum, subreddit, or smaller community platform
  • Attaching a photo to a support ticket or a bug report
  • Sharing a "where I am right now" shot before you've left

A good habit: if you're posting a photo somewhere you wouldn't hand a stranger your address, strip it first.

The 20-second version

Open the EXIF Stripper, drag your photos in, look at what they're leaking, hit strip, download. Done — and you've actually seen the proof that the location data is gone, not just been told so.

Your photos can stop being a map to your front door. It takes about twenty seconds.