PID Perspectives

What information can a picture give away?

Close-up businesswoman stands outdoors in city near roadway holding mobile phone looking around
Facebook Twitter Linkedin

Sharing a picture on social media can seem innocent enough. Many networks offer to restrict their users’ content to their immediate circles of people, like family or friends, and most people share pictures directly with people they know and trust. So what could go wrong? 

According to safehome.org statistics, 80% of all stalking victims are tracked using technology, and 67% of stalking victims know their stalkers. In other words, stalkers could be someone in your family, a friend, or someone who has hacked their accounts and impersonated them. 

Pictures play a key role in acquiring information on someone. Indeed, a picture can reveal a surprising amount of information from its metadata and the details visible in the image itself. In this article, we will show what photos can reveal about a person’s life. 

What information hides in a picture?

If you look at any of the pictures taken with your smartphone, you will see that there is some information attached to it: most commonly, you will find the date and the time it was taken, the file name, the name of the device it was taken from, and some of the camera settings. In many cases, you will also find the precise location where the picture was taken. 

This information is called “metadata” or EXIF (Exchangeable Image File). You can see only a tiny part of the EXIF information on your phone. Typically, EXIF will reveal:

Technical Information:

  • Camera Details: Camera model, make, and serial number.
  • Lens Details: Focal length, aperture (f-stop), shutter speed, ISO.
  • Software Details: Editing software or apps used.

Geolocation (if GPS is enabled):

  • Latitude and Longitude: The exact GPS coordinates of the picture’s location when it was taken.
  • Altitude and Direction (e.g., compass heading).
  • Date and Time: When the photo was captured.

Creation and Modification History:

  • Timestamps for creation, modification, and potential previous edits.
  • Details of the file compression or image resolution changes.

EXIF information can be extracted from a picture file with various tools, many of which are free to use online. 

How much EXIF data can be seen online?

When you share a picture with someone, you share a wealth of information about yourself. The good news is that some social media platforms will edit out some of the EXIF information to maintain their users’ privacy. But the only way to know what you’re sharing is to extract the EXIF information after you have shared the picture.

Below, you can see the results of a little experiment: first, we extracted the EXIF data from the picture taken from our phone. Then, we posted the same photo on Facebook and repeated the EXIF extraction. 

Original Image
  1. ExifTool Version Number: 13.00
  2. File Name: IMG_2805.jpeg
  3. Directory: .
  4. File Size: 5.1 MB
  5. File Modification Date/Time: 2024:12:10 15:37:24-05:00
  6. File Access Date/Time: 2024:12:10 15:37:48-05:00
  7. File Inode Change Date/Time: 2024:12:10 15:37:47-05:00
  8. File Permissions: -rw-r–r–
  9. File Type: JPEG
  10. File Type Extension: jpg
  11. MIME Type: image/jpeg
  12. JFIF Version: 1.01
  13. Exif Byte Order: Big-endian (Motorola, MM)
  14. Make: Apple
  15. Camera Model Name: iPhone 16 Pro
  16. Orientation: Horizontal (normal)
  17. X Resolution: 72
  18. Y Resolution: 72
  19. Resolution Unit: inches
  20. Software: 18.2
  21. Modify Date: 2024:11:09 14:59:49
  22. Host Computer: iPhone 16 Pro
  23. Y Cb Cr Positioning: Centered
  24. Exposure Time: 1/2033
  25. F Number: 1.8
  26. Exposure Program:
  27. Program AE
    ISO: 64
  28. Exif Version: 0232
  29. Date/Time Original: 2024:11:09 14:59:49
  30. Create Date: 2024:11:09 14:59:49
  31. Offset Time: -05:00
  32. Offset Time Original: -05:00
  33. Offset Time Digitized: -05:00
  34. Components Configuration: Y, Cb, Cr, –
  35. Shutter Speed Value: 1/2033
  36. Aperture Value: 1.8
  37. Brightness Value: 8.698473952
  38. Exposure Compensation: 0
  39. Metering Mode: Multi-segment
  40. Flash: Off, Did not fire
  41. Focal Length: 6.8 mm
  42. Subject Area: 2011 1508 1106 665
  43. Maker Note Version: 15
  44. Run Time Flags: Valid
  45. Run Time Value: 165372657995041
  46. Run Time Scale: 1000000000
  47. Run Time Epoch : 0
  48. AE Stable: Yes
  49. AE Target: 181
  50. AE Average: 172
  51. AF Stable: Yes
  52. Acceleration Vector: -0.9879191512 0.003776159136 -0.1625414936
  53. Focus Distance Range: 0.50 – 1.43 m
  54. Image Capture Type: Scene
  55. Live Photo Video Index: 5251124
  56. Photos App Feature Flags : 0
  57. HDR Headroom: 1.00999999
  58. AF Performance: 354 1 45
  59. Signal To Noise Ratio: 53.85507202
  60. Photo Identifier: 0EB44055-E48E-4E72-BFFD-224EEE4F720C
  61. Color Temperature: 5448
  62. Camera Type: Back Normal
  63. Focus Position: 51
  64. HDR Gain: 2.077248333
  65. AF Measured Depth: 345
  66. AF Confidence: 100
  67. Sub-Sec Time Original: 823
  68. Sub-Sec Time Digitized: 823
  69. Flashpix Version: 0100
  70. Color Space: Uncalibrated
  71. Exif Image Width: 4032
  72. Exif Image Height: 3024
  73. Sensing Method: One-chip color area
  74. Scene Type: Directly photographed
  75. Exposure Mode: Auto
  76. White Balance: Auto
    Focal Length In 35mm
  77. Format: 48 mm
  78. Scene Capture Type: Standard
  79. Lens Info : 2.220000029-15.65999985mm f/1.779999971-2.8
  80. Lens Make: Apple
  81. Lens Model: iPhone 16
  82. Pro back triple camera 6.765mm f/1.78
  83. Composite Image: General Composite Image
  84. GPS Latitude Ref: North
  85. GPS Longitude Ref: West
  86. GPS Altitude Ref: Above
  87. Sea Level
    GPS Time Stamp: 19:59:49
  88. GPS Speed Ref: km/h
  89. GPS Speed : 0
  90. GPS Img Direction Ref: True North
  91. GPS Img Direction: 340.7837524
  92. GPS Dest Bearing Ref: True North
  93. GPS Dest Bearing: 340.7837524
  94. GPS Date Stamp: 2024:11:09
  95. GPS Horizontal Positioning Error: 3.405354059 m
  96. Compression: JPEG (old-style)
  97. Thumbnail Offset: 3244
  98. Thumbnail Length: 8894
  99. MPF Version: 0100
  100. Number Of Images: 2
  101. MP Image Flags : (none)
  102. MP Image Format: JPEG
  103. MP Image Type: Undefined
  104. MP Image Length: 569051
  105. MP Image Start: 4491496
  106. Dependent Image 1
  107. Entry Number : 0
  108. Dependent Image 2 Entry Number : 0
  109. Profile CMM Type: Apple Computer Inc.
  110. Profile Version: 4.0.0
  111. Profile Class: Display Device Profile
  112. Color Space Data: RGB
  113. Profile Connection Space: XYZ
  114. Profile Date Time: 2022:01:01 00:00:00
  115. Profile File Signature: asp
  116. Primary Platform: Apple Computer Inc.
  117. CMM Flags: Not Embedded, Independent
  118. Device Manufacturer: Apple Computer Inc.
  119. Device Model :
  120. Device Attributes: Reflective, Glossy, Positive, Color
  121. Rendering Intent: Perceptual
  122. Connection Space Illuminant: 0.9642 1 0.82491
  123. Profile Creator: Apple Computer Inc.
  124. Profile ID: ecfda38e388547c36db4bd4f7ada182f
  125. Profile Description: Display P3
  126. Profile Copyright: Copyright Apple Inc., 2022
  127. Media White Point: 0.96419 1 0.82489
  128. Red Matrix Column: 0.51512 0.2412 -0.00105
  129. Green Matrix Column: 0.29198 0.69225 0.04189
  130. Blue Matrix Column: 0.1571 0.06657 0.78407
  131. Red Tone Reproduction Curve : (Binary data 32 bytes, use -b option to extract)
  132. Chromatic Adaptation: 1.04788 0.02292 -0.0502 0.02959 0.99048 -0.01706 -0.00923 0.01508 0.75168
  133. Blue Tone Reproduction Curve : (Binary data 32 bytes, use -b option to extract)
  134. Green Tone Reproduction Curve : (Binary data 32 bytes, use -b option to extract)
  135. Image Width: 4032
  136. Image Height: 3024
  137. Encoding Process: Baseline DCT, Huffman coding
  138. Bits Per Sample: 8
  139. Colour Components : 3
  140. Y Cb Cr Sub Sampling: YCbCr4:2:0 (2 2)
  141. Run Time Since Power Up: 1 day 21:56:13
  142. Aperture: 1.8
  143. Image Size: 4032×3024
  144. Megapixels: 12.2
  145. Scale Factor To 35 mm Equivalent: 7.1
  146. Shutter Speed: 1/2033
  147. Create Date: 2024:11:09 14:59:49.823-05:00
  148. Date/Time Original: 2024:11:09 14:59:49.823-05:00
  149. Modify Date : 2024:11:09 14:59:49-05:00
  150. Thumbnail Image : (Binary data 8894 bytes, use -b option to extract)
  151. GPS Altitude: 32.8 m Above Sea Level
  152. GPS Date/Time: 2024:11:09 19:59:49Z
  153. GPS Latitude: 45 deg 36′ 56.82″ N
  154. GPS Longitude: 74 deg 36′ 3.73″ W
  155. MP Image 2 : (Binary data 569051 bytes, use -b option to extract)
  156. Circle Of Confusion: 0.004 mm
  157. Field Of View: 41.1 deg
  158. Focal Length: 6.8 mm (35 mm equivalent: 48.0 mm)
  159. GPS Position: 45 deg 36′ 56.82″ N, 74 deg 36′ 3.73″ W
  160. Hyperfocal Distance: 6.07 m
  161. Light Value: 13.3
  162. Lens ID: iPhone 16 Pro back triple camera 6.765mm f/1.78
Facebook
  1. ExifTool Version Number: 13.00
  2. File Name: 466533439_[…]n.jpg
  3. Directory : .
  4. File Size: 487 kB
  5. File Modification Date/Time: 2024:12:10 15:53:42-05:00
  6. File Access Date/Time: 2024:12:10 16:13:53-05:00
  7. File Inode Change Date/Time: 2024:12:10 15:53:46-05:00
  8. File Permissions: -rw-r–r–
  9. File Type: JPEG
  10. File Type Extension: jpg
  11. MIME Type: image/jpeg
  12. JFIF Version: 1.01
  13. Resolution Unit: None
  14. X Resolution: 1
  15. Y Resolution: 1
  16. Current IPTC Digest: bacde553dfcceb882f07a45018b61b6a
  17. Special Instructions: FBMD0a000b54060000[…]800
  18. XMP Toolkit: Adobe XMP Core 5.1.2
  19. Version: 1.0
  20. Directory Item Semantic: Primary, GainMap
    Directory Item Mime: image/jpeg, image/jpeg
  21. Directory Item Length: 100315
  22. MPF Version: 0100
  23. Number Of Images: 2
  24. MP Image Flags : (none)
  25. MP Image Format: JPEG
  26. MP Image Type: Undefined
  27. MP Image Length: 100315
  28. MP Image Start: 487138
    Dependent Image 1
  29. Entry Number : 0
  30. Dependent Image 2 Entry Number : 0
  31. Image Width: 1440
  32. Image Height: 1080
  33. Encoding Process: Progressive DCT, Huffman coding
  34. Bits Per Sample: 8
  35. Colour Components : 3
  36. Y Cb Cr Sub Sampling: YCbCr4:2:0 (2 2)
  37. Image Size: 1440×1080
  38. Megapixels: 1.6
  39. MP Image 2 : (Binary data 100315 bytes, use -b option to extract)
What changed?

As you can see, even visually, the amount of metadata attached to the picture has changed considerably after we shared it on Facebook. 

First, the picture’s original file name, size, and resolution have changed. Most of the technical information about the picture has been removed, while some new information has been added. For example, we now know that the image and its metadata were edited with the Adobe XMP Toolkit. 

The geolocation data and information about the device, its lenses, the software, and the copyright have been removed. 

Can you locate a photo without EXIF data?

There are many ways to find the location of a picture, even when the metadata has been stripped by its file. We have attempted geolocation with Picarta, one of the many free online services. While the precise location of the photo cannot be obtained, the service still provided a pretty accurate guess for a picture with no spatial landmarks in view. The location provided is within a 100 km radius of the actual location over a worldwide search, which is quite surprising. 

Can you spot AI-generated images with EXIF?

With the diffusion of AI tools that create images (more or less realistic), many social media influencers use AI-generated images to entertain their audiences and generate more followers. For example, this is a common trend on Facebook among realtors or architecture pages. Entire portfolios of fake houses, buildings, and landscapes populate these pages, gathering thousands of likes. Determining if these images are real or fake can sometimes be tricky for the untrained eye. However, there are tools online that can help you with that.

For example, Hive Moderation allows you to upload images and detect the presence of AI or editing software in the image tags (common tags are Stable Diffusion, DALL-E, MidJourney, and GAN). The result will be available in a few seconds. 

The problem with detecting AI-generated content by extracting EXIF information is that a 100% accurate response is impossible. 

However, there are indicators. For example, the EXIF data extracted from the picture we fed to Hive Moderation is below. We have highlighted the metadata that typically indicates that AI has generated an image:  smaller file sizes, unknown or vague details for the device manufacturer and model, no information for the profile creator, and a Common Creative copyright license for online distribution. 

  1. ExifTool Version Number: 13.00
  2. File Name: TestImage1.jpg
  3. Directory : .
  4. File Size: 206 kB
  5. File Modification Date/Time: 2024:12:10 09:56:53-05:00
  6. File Access Date/Time: 2024:12:10 11:55:15-05:00
  7. File Inode Change Date/Time: 2024:12:10 09:57:04-05:00
  8. File Permissions : -rw-r–r–
  9. File Type: JPEG
  10. File Type Extension: jpg
  11. MIME Type: image/jpeg
  12. JFIF Version: 1.01
  13. Resolution Unit: None
  14. X Resolution: 1
  15. Y Resolution: 1
  16. Profile CMM Type: Little CMS
  17. Profile Version: 2.1.0
  18. Profile Class: Display Device Profile
  19. Color Space Data: RGB
  20. Profile Connection Space: XYZ
  21. Profile Date Time: 2018:03:20 09:14:29
  22. Profile File Signature: acsp
  23. Primary Platform: Microsoft Corporation
  24. CMM Flags: Not Embedded, Independent
  25. Device Manufacturer: Unknown (saws)
  26. Device Model: ctrl
  27. Device Attributes: Reflective, Glossy, Positive, Color
  28. Rendering Intent: Perceptual
  29. Connection Space Illuminant: 0.9642 1 0.82491
  30. Profile Creator: Unknown (hand)
  31. Profile ID: 9d91003d4080b03d40742c819ea5228e
  32. Profile Description: RGB
  33. Profile Copyright: CC0
  34. Media White Point: 0.9505 1 1.089
  35. Red Matrix Column: 0.43604 0.22244 0.0139
  36. Green Matrix Column: 0.3851 0.71693 0.09708
  37. Blue Matrix Column: 0.14307 0.06062 0.71393
  38. Red Tone Reproduction Curve : (Binary data 96 bytes, use -b option to extract)
  39. Green Tone Reproduction Curve : (Binary data 96 bytes, use -b option to extract)
  40. Blue Tone Reproduction Curve : (Binary data 96 bytes, use -b option to extract)
  41. Image Width: 1024
  42. Image Height: 1024
  43. Encoding Process: Baseline DCT, Huffman coding
  44. Bits Per Sample: 8
  45. Colour Components : 3
  46. Y Cb Cr Sub Sampling: YCbCr4:2:0 (2 2)
  47. Image Size: 1024×1024
  48. Megapixels: 1.0
Visual information in the picture

As you can see from our experiment above, the EXIF data from the image uploaded to Facebook reveals much less data. Does that mean that we cannot trace information about it? Not really. Information can be deducted by a photo image even without EXIF. 

Remember that what is visible in the image can reveal context, location, or sensitive information. Background details can reveal iconic buildings, artificial structures, or natural landmarks that can reveal their location. Street signs or licence plates can point to specific addresses or regions. Reflective surfaces like mirrors, glasses, or shiny surfaces can show the photographer or other unintended details. 

Objects in the picture can also provide valuable clues: personal items such as IDs, documents, or other identifiable objects can expose sensitive information. Electronic screens can expose visible text or notifications on monitors and phones. And even clothing can reveal uniforms or badges that indicate workplaces or organizational affiliations. 

Finally, other environmental factors, such as weather, lighting, and shadows, reveal the time of day or the season. Some online investigators, for example, have created a free tool that allows you to find the location of an image using only a shadow (you can see how it works in the video below). 

Geolocation tracking (pinpointing where someone lives or works), social engineering (using visible clues to target phishing or scams), and identity exposure (revealing personal or professional associations) can exploit all this information. 

The importance of the information you share

Photo analysis is one of the many ways to gather intelligence in investigations. Several crime cases have been resolved thanks to the details hidden in a picture. EXIF data is invaluable in investigations of all kinds. Reverse image lookup tools such as Google Images, Lens, and TinEye are also helpful in finding images used to create fake profiles or similar objects online to detect their properties.

However, nothing helps more than being aware of what type of data you share and with whom. Recently, Netflix released a documentary titled “Sweet Bobby: My Catfish Nightmare.” 

The documentary tells the shocking true story of Kirat Assi, a 44-year-old Londoner and radio presenter who her cousin catfished for nine years.  It aims to raise awareness about the dangers of online deception and the importance of online safety. Kirat Assi’s story is a cautionary tale, highlighting the need for vigilance and caution when engaging with others online. The photos exchanged between Kirat and her supposed love interest online through direct messages and social media play a central part in how the story evolved over the years and how Kirat was manipulated over time. 

Social media and image safety tips

When sharing pictures online, remember that each social media platform has rules, but these rules are often inconsistent. For example, Facebook started editing picture metadata and resizing photographs in 2013 to preserve storage space. This policy coincidentally offers better user privacy, but that’s not why it is implemented. Flickr, a community of photography enthusiasts, preserves most of the EXIF data on pictures so that users can see detailed information about photos.   

As a rule of thumb, pictures shared on public profiles are often stripped of their metadata. However, users should not rely solely on social media to maintain their privacy. 

Remember that images shared through IM or private messaging maintain the original metadata. If you share pictures with someone you don’t know in person, they can see all the details of a photograph, including where it was taken and when. This is why posting or sharing pictures “live” is never a good idea. Stripping your pictures from metadata can protect yourself and those in your social circles if you don’t know someone. 

To protect your information: 

  1. Strip your metadata: use tools like Exiftool or built-in settings to remove your metadata before sharing pictures online, in chats, or by direct messaging. 
  2. Blur sensitive areas: Use photo editing software to obscure sensitive information, such as the faces of other people, license plates, letters, or screens with visible text.
  3. Limit geotagging: Turn off GPS tagging in your camera or phone. 

Of course, we also recommend setting up proper account and privacy filters, as explained in our previous article: How to set up safe settings on social media: Facebook.

Related Posts

Back to Blog

Table of Contents

This post is about...

Author
Negative PID

Negative PID

At Negative PID, we are passionate about what we do. We enjoy writing about it and sharing our insights with whoever might find it helpful.

Leave a comment

Your email address will not be published. Required fields are marked *

Negative PID Inc. is a Canadian federal corporation.

  • Corporation #1665504-1
  • GST/HST #725382220
  • D-U-N-S #243333733

Quick Links

Other Pages

Contact Details

  • 7398 Yonge St, 6D Unit #1319,
    Thornhill, ON, L4J 8J2 Canada
  • info@negativepid.com
  • +1 (416) 900-5737
Connect with us on social media
Icon-facebook Linkedin-in Youtube Mastodon

Copyright © 2025 – NEGATIVE PID Inc. – All Rights Reserved