GPS Data Hidden in Your Photos: How to Find and Remove It

Every photo your phone takes is a small confession. Buried inside the file — alongside the shutter speed and camera model — sits a pair of GPS coordinates accurate enough to drop a pin on your kitchen table. Share that image to a forum, a marketplace listing, or a dating profile, and you've potentially handed strangers your home address.

This isn't theoretical. In 2012, John McAfee's location in Guatemala was revealed by an iPhone photo published by Vice. The same EXIF leak has caught out stalking victims, anonymous whistleblowers, and journalists posting from sensitive locations. Here's exactly what's in your photos, how to see it, and how to strip it before you post.

What GPS data actually lives inside an image file

Most cameras and smartphones embed metadata using the EXIF (Exchangeable Image File Format) standard. The GPS block typically contains:

• GPSLatitude and GPSLongitude — coordinates to roughly 1–3 metre accuracy
• GPSAltitude — height above sea level
• GPSTimeStamp and GPSDateStamp — UTC time the location was recorded
• GPSImgDirection — which way the camera was facing
• GPSSpeed — how fast you were moving when the photo was taken

JPEG, HEIC, TIFF, and PNG files can all carry this data. RAW formats (CR2, NEF, ARW) carry even more. Even after you edit a photo in most apps, the GPS block survives unless the app explicitly strips it.

What social platforms do (and don't) strip

It's worth knowing what's already being scrubbed for you and what isn't:

• Facebook, Instagram, Twitter/X, LinkedIn — strip EXIF on upload
• WhatsApp — strips EXIF when sending as a photo, but not when sending as a document/file
• Discord, Slack, Telegram — preserve EXIF by default
• Reddit, eBay, Craigslist, Etsy — behaviour varies; Reddit strips, many marketplaces don't
• Your own website, GitHub, personal cloud links — preserve everything

Check what's in a photo before you trust it's clean

Before stripping anything, see what you're dealing with. There are a few quick ways:

On Windows

1. Right-click the image, choose Properties
2. Open the Details tab
3. Scroll down to the GPS section

On macOS

1. Open the image in Preview
2. Choose Tools → Show Inspector (or press Cmd+I)
3. Click the (i) tab, then GPS

Command line with ExifTool

For developers, exiftool is the gold standard:

exiftool -GPS:all photo.jpg

Or to see everything:

exiftool -a -G1 -s photo.jpg

In the browser

If you want to avoid installing anything — useful when you're checking an image someone else sent you — AXOX Hub's Metadata Remover reads the EXIF block locally in your browser so you can inspect the GPS tags before deciding what to strip.

Stripping GPS data: methods that actually work

1. Prevent it at the source (the only real fix)

Turn off location tagging in your camera app. Once you do this, future photos won't carry coordinates at all.

• iPhone: Settings → Privacy & Security → Location Services → Camera → Never
• Android (Pixel, Samsung, most OEMs): open the Camera app → Settings → toggle off Save location or Location tags
• DSLR / mirrorless: disable built-in GPS in the menu, or unpair the phone-based geotag companion app

2. Strip on share (iPhone, iOS 15+)

1. In the Photos app, tap Share
2. Tap Options at the top of the share sheet
3. Turn Location off
4. Send or save as normal

3. Strip in bulk with ExifTool

For a folder of images, this single command removes every GPS tag in place:

exiftool -gps:all= -xmp:geotag= *.jpg

To remove all metadata (camera model, timestamps, software, the lot):

exiftool -all= -overwrite_original *.jpg

4. Strip via ImageMagick

magick mogrify -strip *.jpg

5. Strip in the browser, no upload

If you don't want to install tools or trust a server with your photos, AXOX Hub's Metadata Remover processes images entirely client-side. Drag the file in, see every EXIF field including GPS coordinates, and download a cleaned copy. Nothing leaves your machine.

Mistakes that re-leak your location after you thought you were safe

• Sending photos as files instead of images. WhatsApp, Signal, and email attachments often preserve EXIF when the photo is sent as a document.
• Cropping doesn't help. The pixel data changes; the metadata block doesn't.
• Screenshots of maps. A screenshot of Google Maps centred on your house is just as revealing as GPS EXIF, and most strippers won't flag it.
• Reverse-image search and visible landmarks. Stripping EXIF doesn't anonymise a photo that shows your front door, license plate, or street sign through a window.
• HEIC to JPEG conversion apps. Some preserve metadata across the conversion, some don't. Verify with exiftool after converting.
• Cloud sync re-uploading originals. If you strip a local copy but the iCloud/Google Photos original still has GPS data, anyone you share that album with sees it.

Building a safe-publishing workflow

If you publish photos regularly — for a blog, marketplace, journalism, or anonymous accounts — bake stripping into your routine instead of relying on memory:

1. Disable geotagging at the OS level so the problem never enters your library
2. Keep a single “to-publish” folder separate from your camera roll
3. Run a stripper as the last step before upload — ExifTool on the command line, ImageMagick in a build script, or the browser-based tool for one-offs
4. Verify with a second tool. Strip with one, inspect with another. Confirm the GPS block is empty, not just hidden by your viewer
5. Audit a sample of already-published images. Download them back from your live site and run exiftool against them. You'll often find old uploads from before you tightened the process

Open any image you're about to publish in AXOX Hub's Metadata Remover — it'll show you the GPS coordinates if any remain, and produce a clean file you can post with confidence.