Which Social Media Platforms Strip Photo Metadata?

Every digital photo contains embedded metadata in EXIF, IPTC, and XMP formats. Your phone writes GPS coordinates, device model, lens settings, timestamps, and sometimes your name into every image. When you upload that photo to a social network, the platform decides what to do with all of it.

Most major social networks strip sensitive metadata from the copies other users can download. But the details vary by platform, by feature, and sometimes by upload method. Here is what each major network does as of early 2026, based on published testing from MetaClean, SammaPix, EXIFData.org, and PrivacyStrip.

Instagram

Instagram runs every uploaded photo through an image compression pipeline that removes GPS coordinates, camera make and model, and timestamps from the downloadable file. This applies to feed posts, Stories, and Reels on both iOS and Android. If someone saves your Instagram post, the saved file contains no location data and no camera details.

Instagram Direct Messages are a different story. Testing has found GPS data surviving DM transmission when original-quality sharing was used. Camera model information also appeared more frequently in files received through DMs than in feed posts. If location privacy matters, treat Instagram DMs as less trustworthy than standard posts.

Facebook

Facebook takes a similar approach to Instagram (both are Meta platforms). GPS coordinates, camera details, and original timestamps are stripped from photos that other users can view or download. Facebook adds its own processing metadata to the output file. Copyright information has been observed surviving in some cases, but location data is consistently removed from publicly accessible copies.

Photos shared in Facebook Groups and Messenger follow the same general pattern, though Messenger has shown slightly more variable behavior in edge cases involving high-quality image sharing modes.

Twitter / X

X strips all sensitive metadata from photos posted through the official apps and website. GPS coordinates, camera information, and timestamps are removed. If you download an image from someone's tweet, the file comes back clean.

One gap worth knowing about: photos uploaded through third-party tools using the X API (scheduling platforms like Buffer or Hootsuite) do not always trigger the same stripping pipeline. GPS coordinates from API-based uploads may reach X's servers intact, and there is no guarantee those coordinates are stripped from the served file. If you publish through a scheduling tool, strip metadata yourself before the photo enters the tool.

TikTok

TikTok re-encodes all uploaded content, whether it is video or a photo slideshow. The re-encoding process strips most container metadata, including GPS, as a side effect rather than a deliberate privacy feature. Testing in 2026 confirmed GPS was removed from all publicly accessible TikTok posts across both iOS and Android.

TikTok direct messages showed more variable results. Photos shared in higher-quality modes sometimes retained GPS data, following the same pattern seen on other platforms where quality-preserving modes are less aggressive about stripping.

LinkedIn LinkedIn strips EXIF metadata from photos uploaded to posts and profile images, removing GPS coordinates and camera information from the served copies. Documents shared on LinkedIn (PDFs, slide decks, files) may retain their full original metadata, since the image-specific stripping pipeline does not apply to document uploads.

Reddit

Reddit re-encodes uploaded images hosted on i.redd.it, which strips EXIF data as a side effect. Standard image uploads through the Reddit interface lose their GPS and camera data.

A historical note worth mentioning: Reddit had a documented vulnerability (HackerOne report #1069039) where photos in HEIC format were converted to PNG during upload but retained their GPS coordinates through the conversion. This was patched, but it illustrates that metadata stripping can fail with uncommon file formats. Images hosted on external services like Imgur and linked on Reddit retain whatever metadata the hosting service itself preserves.

Snapchat

Snapchat strips EXIF data from all shared photos, covering Snaps, Stories, Chat, and Spotlight. Camera roll photos go through the stripping process before transmission. Other Snapchat users cannot extract location data from photos you share. Snapchat does store photo metadata on their own servers for a limited period, but that data is not exposed to other users through the app.

Social networks mostly agree on stripping metadata from public posts. Messaging apps are a different story entirely. The same app can strip or preserve every byte of metadata depending on how you send the photo, and most people never think about which send mode they are picking.

WhatsApp

WhatsApp's standard photo mode strips most EXIF data, including GPS coordinates. About 89% of photos sent in standard compressed mode had GPS fully removed in 2026 testing by MetaClean.

The privacy gap is document mode. When you tap "Document" instead of "Photo" in the attachment menu (often to send a higher-quality version), WhatsApp transmits the original file untouched. That means 100% of EXIF data, including exact GPS coordinates, arrives on the recipient's phone. The "best quality" setting is also unreliable, with GPS data surviving in roughly 23% of test cases.

This matters because people switch to document mode specifically when sharing important photos, group event photos, or professional shots where quality counts. Those are exactly the types of photos most likely to contain sensitive location data from weddings, home events, or client sites.

Telegram

Telegram's behavior depends on the send method. Sending a photo using the standard compressed option triggers re-encoding, which strips metadata as a side effect. Sending as a "File" or "Document" to preserve quality transfers the original file with all metadata intact, including GPS coordinates, camera model, and timestamps.

The default attachment behavior varies by Telegram client version and user settings. You cannot assume metadata will be stripped unless you specifically choose the compressed photo option. Telegram promotes itself as privacy-focused, but the metadata protection only applies to one of its two primary sharing modes.

Signal

Signal is the strongest privacy option among messaging apps. It strips all EXIF metadata before transmitting photos: GPS coordinates, camera model, timestamps, and software version are all removed. Unlike the social media platforms discussed above, Signal also does not retain original metadata on their servers. Photos leave your device clean and stay clean on the other end.

This makes Signal the only major messaging platform that protects your metadata both from the recipient and from the platform itself.

Discord

Discord splits its behavior based on how the image appears in chat. Photos pasted or uploaded directly into a message get processed through Discord's CDN pipeline, which strips EXIF data and GPS coordinates. But when you use the attachment button and the recipient downloads the file as an attachment rather than viewing it inline, the original file with full EXIF data may be preserved.

The practical distinction: small images that Discord displays inline in the chat are typically stripped. Large images or files that require a manual download may arrive with metadata intact.

iMessage

iMessage preserves complete original metadata, including GPS coordinates, camera model, and timestamps. No stripping occurs at any point. When you send a photo through iMessage, the recipient receives an exact copy of the original file with every embedded field. The same applies to standard MMS messages between non-iMessage devices.

For anyone using an iPhone to send photos to other iPhone users, this is the default messaging behavior. Every photo you text carries your location data unless you remove it before sending.

Here is the part most platform comparison guides skip. Stripping metadata from public-facing copies is not the same as deleting it from the platform's servers.

The moment you upload a photo to Instagram, Facebook, X, TikTok, or any other major social network, the service ingests the full original file. Your GPS coordinates, camera model, timestamps, and software version all get processed and stored in the platform's systems before the stripped public copy is ever generated.

This internal retention serves concrete purposes. Location data from your photos helps platforms build geographic profiles for ad targeting. A photo taken at a restaurant, a gym, or an airport tells the ad system where you spend time and how often. Timestamps and device information help detect coordinated inauthentic behavior, like multiple accounts posting from the same device within minutes. And platforms respond to legal requests for original file metadata. The stripped public copy is irrelevant when a court order asks for the original upload.

Facebook's data policy explicitly states they collect information about photos including the time, date, and place the photo was created. Instagram's policy mirrors this language. X's privacy policy notes they may receive information about your precise location from content you share, which includes photo metadata.

This distinction matters most for journalists, activists, domestic abuse survivors, and anyone whose physical safety depends on location privacy. If you photograph a sensitive location and post it to Instagram, other users cannot find GPS coordinates in the downloaded image. But Meta has your exact coordinates stored on their servers, associated with your account, and available to authorized parties through legal processes.

Signal stands out as the notable exception. It strips metadata before transmission and stores nothing server-side, which makes it impossible to produce data that was never collected. Snapchat stores photo metadata for a limited retention period but does not make it accessible to other users.

The practical takeaway is straightforward: social media metadata stripping protects you from other users. It does not protect you from the platform itself or from legal processes directed at the platform. If that distinction matters for your situation, strip metadata yourself before any photo leaves your device.

Take Control of Your File Metadata

Fast.io Metadata Views let you audit GPS, timestamps, and camera info across entire photo libraries. Pair it with secure workspaces and granular permissions to review files before sharing externally. Free 50GB plan, no credit card required.

Sign Up Free

You do not have to trust any platform's claims about metadata stripping. You can verify the behavior yourself with free tools.

Using ExifTool

ExifTool, created by Phil

Harvey, is the standard open-source tool for reading photo metadata. It runs on Windows, Mac, and Linux.

To view all metadata in a photo:

exiftool photo.jpg

To check specifically for GPS data:

exiftool -gps:all photo.jpg

If the output shows GPS latitude and longitude values, the metadata is still present. If those fields are missing or return empty, they were stripped.

Testing a Platform's Stripping Behavior To verify what a specific platform actually does:

1. Take a photo with location services enabled on your phone
2. Run exiftool photo.jpg and confirm GPS data is present in the output
3. Upload the photo to the platform you want to test
4. Download the photo from the platform using a different account if possible
5. Run exiftool downloaded_photo.jpg and compare the two outputs

Any metadata fields that disappeared between steps 2 and 5 were stripped during the platform's processing pipeline. Pay particular attention to GPS, Make, Model, and DateTimeOriginal fields.

Online EXIF Viewers

If you prefer not to install anything, several free websites can read photo metadata. Tools like exif.tools, jimpl.com, and metadata2go.com let you drag and drop a photo to see every embedded field. Upload the version you downloaded from a platform and check whether GPS coordinates, camera model, or timestamps survived the round trip.

Which Fields to Watch

The metadata fields with the biggest privacy implications:

• GPS Latitude and Longitude: Your exact shooting location, often accurate to within a few meters on modern phones
• GPS Altitude: Your elevation when the photo was taken
• Make and Model: Your phone or camera manufacturer and model number
• DateTimeOriginal: The exact date and time the photo was captured
• Software: The app or operating system version that processed the image
• IPTC and XMP fields: Professional metadata like copyright notices, captions, and keywords

If GPS fields are gone but camera model remains, the platform did a partial strip. If everything beyond basic image dimensions is removed, it was a full strip. If GPS data survived, the platform failed to protect your location privacy for that upload path.

The safest approach is removing metadata before a file ever reaches a platform. Stripping on your own device gives you control over exactly what data leaves your phone or computer, regardless of what any platform promises to do on your behalf.

Built-in OS Options

On iOS, you can remove location data before sharing through the share sheet. Select a photo, tap Share, then tap "Options" at the top of the share menu and toggle off "Location." This removes GPS from the shared copy while preserving the original in your library.

On Android, the process varies by manufacturer. Google Photos lets you remove location data from the share menu. Samsung Gallery has a "Remove location data" toggle in sharing settings. Check your specific gallery app's share options for similar controls.

On Windows, right-click an image file, select Properties, open the Details tab, and click "Remove Properties and Personal Information." You can strip all metadata or select specific fields to remove.

macOS does not have a built-in metadata removal tool in Preview or Finder. ExifTool from the command line or a third-party app like ImageOptim (which strips metadata as part of image optimization) are the practical options.

ExifTool for Batch Processing

For anyone handling large numbers of files, ExifTool can strip metadata from entire directories in a single command:

exiftool -all= -overwrite_original *.jpg

This removes all metadata from every JPEG in the current directory. To keep copyright information while removing everything else:

exiftool -all= -tagsfromfile @ -copyright -overwrite_original photo.jpg

To strip only GPS data while preserving camera settings and timestamps:

exiftool -gps:all= -overwrite_original photo.jpg

Platform Privacy Settings

Some platforms have settings that affect metadata on the upload side. X has an option in Settings > Privacy > Location to prevent adding location data to posts. Instagram lets you remove location tags from individual posts. These settings control what the platform attaches to your post as visible location context, not what is embedded in the photo file itself. They are complementary to stripping, not a replacement.

Managing Metadata Across Large Photo Libraries

For teams handling large volumes of photos (media companies, marketing agencies, corporate communications departments), checking files individually before distributing them externally is slow and error-prone.

Fast.io's Metadata Views can help with this workflow. Upload your photo library to a workspace, describe the metadata fields you want to audit (GPS coordinates, camera model, timestamps), and the AI builds a typed schema that extracts those fields into a sortable, filterable spreadsheet. You can scan thousands of images for location data without opening individual files. Combined with shared workspaces and granular permissions, teams can review and clean metadata before sending files through branded shares to clients or external recipients.