Editing images for security

Strip EXIF information, including GPS location information.

EXIF stands for Exchangeable Image File Format, and often refers to the metadata that is stored in many image files.

EXIF data may include information like:

• The camera used to take an image.

• Various camera settings, like shutter speed, aperture, and ISO speed.

• The names and versions of any photo editing tools.

• The GPS location the picture was taken--as mentioned above.

Some image-sharing sites, like Flickr, proudly show EXIF information for images by default. Other sites, like Twitter and Facebook, strip the EXIF information from images that are uploaded, making them unavailable to other users that see these images. However, if you rely on these sites to strip EXIF information, you are trusting them with it. It is better for security to remove EXIF information before sharing or uploading pictures.

Here are various resources for removing EXIF information by platform:

• iOS

• Android

• Mac OSX

• Windows

• Linux

Do not use blurring tools to censor images. Censor images with a solid color brush.

The encrypted messaging app Signal also offers a tool for automatically blurring faces. Note that it will not automatically blur other identifying marks like tattoos and logos with clothing.

Censor faces, including ears and hair.

It is possible for machine learning models to reconstruct faces based on images of ears or potentially other body parts. In order to defeat such models, it is important to censor as much of a person's face and uniquely identifying features as possible.

Censor detailed images of hands and fingerprints.

Images of fingerprints can reveal the identity of who owns the hands. Alternatively, photos of your hands can be used to duplicate your fingerprints--potentially using those duplicates to trick fingerprint scanners.

Censor revealing reflections, including reflections inside people's eye pupils.

If you are taking a picture of a scene with reflections--mirrors, windows, ponds, etcl--you may end up appearing in the image even though you are behind the camera. Always make sure to censor any reflections that could reveal something you intend to hide.

When you are taking a picture of a person's face, check the pupils of their eyes for revealing reflections. A man stalking a pop star managed to find her home based on images containing pupil reflections.

Censor identifying marks such as tattoos and clothing.

Tattoos, piercings, and clothing may be another way that a photo of someone can be de-anonymized. Before you share a photo of someone whose identity you want to conceal, make sure that all such identifying marks are censored.