How to Keep Facebook from Snooping on Your Photos’ Locations
Even many people who are troubled by Facebook’s privacy abuses feel they can’t avoid using Facebook’s iPhone app to stay in touch with their family, friends, and communities. If that’s you, first make certain you’ve turned off Allow Apps to Request to Track in Settings > Privacy > Tracking (see “Apple Releases iOS 14.5, iPadOS 14.5, macOS 11.3, watchOS 7.4, and tvOS 14.5,” 26 April 2021). Also, be sure to set Settings > Privacy > Location Services > Facebook to Never to keep Facebook from tracking your location. Facebook can’t track your location anymore, right? Well, not quite.
Zak Doffman, writing for Forbes, discovered that Facebook extracts location data from any photos you upload. It does this by snagging the EXIF data embedded in any photo you take with your iPhone, which includes location, date and time, and camera settings. In normal usage, the Photos app uses that location data to display a map of where you took all your photos.
Facebook extracts your photos’ location data in a particularly sneaky way, stripping it out between when you upload the photo and when it’s published on Facebook. That might lead you to believe your privacy is being protected. If you download a photo from Facebook, you won’t find any interesting EXIF information, but Facebook silently adds it all to its own data trove. Facebook confirmed that practice to Doffman.
Instagram, which is owned by Facebook, engages in the same behavior, and it’s probably safe to assume any Facebook-owned app does so as well. We wouldn’t trust any other ad-supported services that accept photos either.
If you’re curious about what sort of data is embedded in your photos, you can easily view it on your Mac. To maintain your privacy when sharing photos, we recommend stripping the location data when exporting from Photos on your Mac, iPhone, or iPad, and we’ve made an iOS shortcut to share photos without metadata. Finally, just to be safe, you can block an app’s access to your photo library in iOS so it can’t possibly exfiltrate data.
View EXIF Data on Your Mac
Before you learn how to strip EXIF data, it’s helpful to see for yourself what’s there. That requires a third-party app on iOS, but Photos, Preview, and even the Finder on the Mac can show you that information just by selecting a photo and pressing Command-I. You’ll see the most detailed EXIF data in Preview. Be sure to click the “i” tab, and you can see more EXIF data by clicking General, Exif, and GPS.
Strip EXIF Location Data from Photos on Your Mac
Photos can strip EXIF location data automatically when you drag a photo from Photos into the Finder to export it. This is controlled by a setting in Photos > Preferences called “Include location information for published items.” As long as that’s unchecked, Photos will remove the location data during the export process.
If you instead use File > Export > Export X Photos, there’s a Location Information checkbox that controls whether or not Photos will export GPS location data along with the photos.
Strip EXIF Data from Photos on Your iPhone or iPad
You need an app to view all the EXIF metadata on an iPhone or iPad, but you can strip location metadata from photos for free. Open a photo in Photos, and tap the photo to reveal the share icon. Tap the share icon and then tap Options at the top. Turn off Location and tap Done. You can then share or copy your photo to send it out into the world without location data.
But it’s easy to forget to do that every time you want to share a photo. If you want a technique that is guaranteed to strip the data each time, I’ve created a shortcut to share photos without location data. Install and open the shortcut, select your photos, and tap Add in the upper-right corner. You can then choose the destination from the share sheet. If you share photos frequently, you could invoke the shortcut via Siri or even customize it to share automatically to your preferred app.
Some apps like Twitter don’t play nicely with the share sheet. For them, I copy the image from the share sheet and paste it into the app.
Protecting Access to Your Photos in iOS
In its ongoing push to ensure that apps can access only data that the user intends them to access, Apple introduced a privacy feature in iOS 14 that lets you control which photos any given app can access. It’s fiddly to select only a subset of photos that you may want to share, and if you’re sharing directly from Photos or the shortcut, apps don’t need access to your photos anyway.
To cut off access to photos, go to Settings > Privacy > Photos > App Name and select None. That way, Facebook and other nosy apps can’t access your photo library at all.
Stripping Location Metadata Should Be the Default
WWDC is only days away, and we’d like to see Apple add better control of location metadata to iOS 15 and iPadOS 15. Photos for Mac can already strip this data on export, and iOS and iPadOS can do it on a per-photo basis. Facebook’s behavior shows that this is not enough.
Apple’s next step should be to add two switches at the top of Settings > Privacy > Photos. The first would globally prevent all apps with access to photos from reading EXIF data, and the second would automatically strip location metadata on export, just like in Photos for the Mac. Apps could request permission to override either setting, and the user could grant such permission on a per-app or per-export basis.
I am sure these recommendations are on point, however, the real issue is in the first sentence. Nobody has to have a Facebook account. Sharing news and information with family and friends was not invented by Facebook. There are plenty of ways to do this which do not jeopardize one’s privacy and the privacy of everyone you contact, not to mention the integrity of our democracy. The best way to stop Facebook from snooping is to close your account.
Metapho is an excellent app on iOS for viewing and editing photo metadata, and it also allows you to easily share photos with the location and identifying metadata removed. This can be done both from within the Metapho app, and from any app’s share sheet (by selecting the Metapho extension in the share sheet and sharing again from it).
I highly recommend it, it’s useful in all sorts of ways.
The few times that I post a photo on Facebook or Instagram, I’ll share the photo from the Photos app after tapping Options at the top and turning off sharing all photos data (mostly to remove access to location). This was maddening with iOS 14 first came out because there was a bug that caused apps not to appear on the share sheet. I had to restart my phone to get them back. Thankfully, this seems to be fixed.
That’s easy to say if your community isn’t Facebook-centric, and you’re not involved with any groups that use Facebook for communications. My wife has been trying to avoid Facebook for her mental health, and it’s remarkably difficult because there are some things she needs to be able to see. Besides, Facebook tracks you even if you don’t use it.
Doesn’t turning off location services in the iPhone photos solve this problem? I realize I’m on an older iOS but if I look at the map in iOS Photos, I only have a couple that show up and one wasn’t even taken by me, it was sent to me. Sierra Preview doesn’t show any locations in the exif when I move them to my computer.
That’s just not the point. Of course dropping FB now may seem painful, but if you don’t do it now, you’ll be suffering from them forever. The only way Zuck will adapt is if he is forced to. And the way to force his hand is to vote with your feet and $. The argument about community just goes nowhere except to perpetuate the abuse. That “community” is being played by Zuck. I’d claim it’s smarter and more conducive to rip off the bandaid now and suffer some brief pain, than spend the rest of your life suffering from the same old agony that you are, essentially, enabling by refusing to take appropriate countermeasures.
If you don’t use FB why troll FB users?
Understood. Fortunately Facebook does not have access to PII of those without an account who use pages on sites with Facebook links (or does it?).
I am sure your wife’s predicament is shared by many others but there is little positive to be said for a ‘service’ that people use because they have to not because they want to.
I know some people who work in public facing positions that are required to use Facebook and/or Twitter for work.
Another oddity is you often need a public social media account to apply for jobs. Some companies don’t trust applicants who don’t have a social media prescence. Of course, that’s maybe less of a problem with the current labor shortage.
Yes, but at the loss of being able to see where you took your photos, search on location, and so on. There’s a lot of data that you have every right to see and that significantly improves your life and iPhone experience, but that you shouldn’t have to ever share with the likes of Facebook.
Seriously??? Wow. Just wow. That should be illegal as it’s a form of discrimination. I’ve contemplated lawsuits against companies who run promotions (contests) but you can only enter via FB, which should be illegal. I really hate this assumption that everyone has an FB account.
Decades ago when Facebook was just becoming a thing a relative sent me photos I couldn’t access because I didn’t have an account. I suddenly understood why FB was growing so rapidly. It so turned me off I refused to ever get an account.
Now with all the privacy hubbub I look like a genius.
Because Facebook tracks you weather you are a member or not. Using the information it collects from members about non members is a big source of revenue for them, and they cross reference among apps, locations, time frame, etc., etc. to more precisely target ads. They track both online and offline behavior that retailers share with them across their entire network, including Instagram, Etc. The more they can personalize ads, the more effective they will be, the more money they can charge for them. They sell ads across Instagram, WhatsApp, Etc., plus what is probably millions and millions more members of third parties that participate in Facebook’s Audience network:
It’s the reason why Facebook has gone bat s—- about Apple’s App Tracking Transparency.
Okay, here’s something that’s easy to say and possibly more on point: Keep Facebook off your phone and use it only on your desktop or laptop, where its settings and configuration can be more closely controlled with the use of system settings, browser settings, and browser extensions such as FB Purity. Keeping Facebook off your phone not only limits data mining and makes it more difficult, it’s the single most effective step for keeping Facebook interactions to a manageable level that’s less injurious to mental health.
To step up one further, download your Facebook data and make an archive of it, then delete your account. Set up a new account under a pseudonym and set your privacy settings as you want them from the get-go. Connect only with organizations and people that you trust completely. This is what I’ve done, and it’s the balance of privacy and connection that suits me best.
Thanks! I’ve installed Metapho.
Makes a lot of sense!
This is excellent advice; only 1.7% of Facebook users log in on a desktop or laptop:
I wish all apps would have the Photos privacy setting for Add Photos Only like iCab has (left over from ios 11?). Much easier than setting up an album for each app (why yes, I do have too many apps…)
ViewExif is another good app that will show and strip metadata via the share sheet.
Facebook is the modern AOL. A huge number of people, companies, and even parts of government think that it IS the internet. Most restaurants and stores around here have ‘websites’ on FB, sometimes requiring an account for access just to see the menu. I’ve seen city and county information links to FB with no availability elsewhere. Twitter is bad too–many of our city and county services have twitter feeds for status stuff such as traffic reports and road closures with no other recourse. “But everyone is on FB and twitter!”
I’m not, so “everyone” must be a limited set smaller than “all persons”.
Hey, there are two of us! We should form a club!
I’ve seen organizations decide to direct their patrons to their FB pages for information, and then ignore their carefully curated and logically laid out web sites. (Like musical organizations, public service orgs, and others.) All the while their own members are posting additional junk, jokes, cartoons, comments, and the like to their FB page, which normally should never be seen by “customers.”. And of course FB never posts a page the same way twice, and the utility of a web presence is lost.
Ditto. If someone asks me why I’m not on Twitter, I jokingly say it is because I’m not a twit. BTW, I think Twitter should actually be renamed “Tweeter” since that describes it properly.
Does anyone know if and when “removed” metadata is definitely unrecoverable or not? I’ve used the (downloadable) command line “exiftool” utility to remove metadata but (if you read enough) you are warned that the metadata hasn’t been deleted from the file. I did not read the explanation of how it’s recovered. I assume Facebook, Google, and Twitter would find your moved (and not removed) metadata if it is easily automated. I am aware that there is a command line tool (qpdf) that can be used to make such changes permanent for pdf files.
My photos are stored in the iCloud Photo Library. I do like having an approximate location stored with them, However, for ‘private locations’ (homes, offices, etc.) , I go into the info window on Mac Apple Photos and change the location to a nearby landmark such as a park.
After I do that, if I accidentally share it with the location, the result is pretty harmless.
Facebook is a quite wonderful resource. It lets me keep in touch with literally hundreds of people I wouldn’t otherwise and be part of their daily lives in a way simply impossible otherwise. So, no, giving up Facebook is not an option.* What is an option is trying to limit the amount of intrusiveness the company can manage, especially since they seem to be run by the 21st century version of the East German Stasi (slogan: “Yes, that’s a microphone. That is too. Also, your children work for us.”). One of the reasons I stay with Apple is that the company – despite a lot of failures – does seem to have a genuine commitment to some level of privacy, as opposed to FB’s commitment to getting everything they can, no matter how.
*Telling me I’m wrong about this will not be a useful reply.
Settings > Privacy > Location Services > Camera > Never
Yep, but as I said:
I think that points out to the lack of regulation of what is allowed and not allowed for companies to do… I have even read about the need to have a decoy media presence if you use a work phone if the US Border Agents inquire into your phone…
Every employer is different, but mine has a very simple policy. You’re not allowed to put personal content on a company-issued phone. If law enforcement insists on accessing it, you give them the phone number for the company’s security department and let them make the decisions.
Personally, I think this is a good rule even if your employer isn’t that strict. It’s never a good idea to use company equipment for personal purposes, because your employer has a legal right to access anything you store on their equipment and you probably don’t want them to have access to at least some of your personal information.
I asked above if removing the exif data (metadata) was a reversible operation (no one answered) and apparently I misunderstood the exiftool documentation as I now believe the removed metadata is only recoverable if you do not overwrite and keep the original file. (I don’t know if I read sloppily or if it’s sloppy doc.)
Anyway, other free options for removing metadata that I just found (but haven’t fully used) are exifcleaner (github download) which is a drag-and-drop macOS gui that uses exiftool and removes all metadata (and overwrites files). This webpage image scrubber removes metadata from photos but you can download the webpage and run it locally (offline via index.html) to ensure privacy.
Yes, removing metadata is a lossy process—take it out and it’s gone forever unless you’ve retained an unmodified copy.
For the Mac, perhaps the best option for images is PhotoShrinkr since it removes all exif data when it shrinks photos while maintaining image quality.
Location services on photos is nice. It helps me find a photo simply based upon the location. Turning it off because I occasionally share photos on Facebook isn’t what I want to do.
However, I created a quick shortcut that strips the data from the picture before I share it.
It’s a bit strange to use. You select a photo, bring up a share sheet, select Share without EXIF Data. This brings up a second share sheet where you can specify you want to share the newly created EXIF dataless jpeg with Facebook or text it to someone or email it, etc.
Making it a shortcut you call up from a share sheet makes it pretty simple to use.
It’s pretty short, so I took a screenshot of the whole shortcut.
Join the discussion in the TidBITS Discourse forum