NewDo you know which regulations apply to you? Find out in under 3 minutes. Our sincere gift:EU scoperKorea scoper
How can we help?

Message us on

KakaoTalkLINE

Response within 48 hours

Send us an email →
Blog
Which Apps Keep Your Photo's Location, and Which Strip It
Data Privacy

Which Apps Keep Your Photo's Location, and Which Strip It

July 4, 2026·Alex Holmquist, Panke IT Solutions LLC

You assume the app handles your photo. It does — each one differently.

A photo taken with the Camera app, Location Services on (the iPhone default), carries photo location metadata: the GPS coordinates of where you stood, baked into the file's EXIF.[1] Sharing the photo doesn't leak that. Which app you share it through does.

Most apps strip it. Instagram, Facebook, Twitter/X, Naver, and Discord all remove the EXIF GPS from the file other people download.[2][3] But "strips" isn't "protects" — to strip your location, the app first had to receive the original, GPS and all. You're shielded from the crowd, not from the platform.

One app keeps it, in full: iMessage. A blue-bubble photo arrives with its original GPS intact.[4]

One original photo with GPS inside splits two ways: sent through Instagram, Facebook, X, Naver, or Discord the location is stripped from the file others receive, but sent through iMessage the location is kept in full and your home address travels with the photo.

That location goes to the contact you chose — so the risk is amplification. The photo gets forwarded, dropped into a group chat, or the recipient's device is later compromised, and your home address rides along with it.

Right instinct, specific risk. The per-share fix is real but partial: in the share sheet, tap Options and turn Location off. It drops the GPS, leaves the timestamp and camera details behind, and doesn't persist.

The durable fix is at the source: Settings → Privacy → Location Services → Camera → Never.

Nothing on screen tells you which app kept it — so which have you been trusting with your address?

References

  1. Apple Support — Manage location metadata in Photos: https://support.apple.com/guide/personal-safety/manage-location-metadata-in-photos-ips0d7a5df82/web
  2. Velog (mikio) — exiftool per-app EXIF test (Instagram / Naver / Discord): https://velog.io/@mikio/exiftoooool
  3. AboutThisImage — How social media handles your photo metadata (Facebook / Twitter–X strip GPS from downloaded copies): https://aboutthisimage.com/social-media-metadata
  4. Sammapix — Does iMessage strip EXIF metadata?: https://www.sammapix.com/blog/does-imessage-strip-exif-metadata
Concerned about your attack surface?

If you'd like to know how your infrastructure scores in an attacker's scanning model, reach out at contact@pankeit.com for an external attack surface assessment.

Subscribe to our blog

Stay up to date with the latest security trends

No spam. Unsubscribe anytime.

HomeAboutPrivacyDMCA

©2026 Panke IT Solutions LLC

Austin, TX