It is common for people to snap some pictures everyday to capture special moments. For example, many people upload images everyday to TwitPic, making it possible for any of almost 80 million Twitter users to know the exact location of the uploader on a regular basis. A simple digital photograph may carry a good deal of information, stored as the EXIF data. Data related to the camera and picture characteristics may be useless for a snooper, but some pictures also include data about the photographers’ location. As the result, it is possible for anyone to know where the photo was taken. Some experts believe that data extraction from pictures is a gross invasion on someone’s privacy. EXIF data usually stores details on camera, including ISO settings, metering, focal length, shutter speed and aperture. This information may help a printer to optimize the color-matching to get the best final printed image. EXIF allows additional data to be stored, including camera’s make and model, as well as the location data.
The geotagging technology allows the camera to store latitude and longitude data inside the EXIF data. The information is adjusted dynamically based on the photographer’s geographic location. This data can be synchronized and charted in GPS maps or Google Earth. On earlier digital cameras, geotagging requires complicated equipments and you need to connect the camera to a separate GPS receiver. Nowadays, some high-end digital camera and many smartphone models offer an integrated geotagging feature using a built-in GPS receiver. Built-in geotagging capability is often seamless, which allows the camera to automatically store the latitude, longitude and altitude data to the EXIF data.
As GPS-equipped smartphones are becoming more common, we are witnessing the explosion of geotagged images on the Internet. It is possible for a malicious individual to harvest thousands of geotagged images from the Internet everyday using a Perl script and extract the location data, such latitude, longitude, and altitude, as well as camera owner’s street address, city and state. As the result, he can organize each entry based on location mapped on Google Map. Vulnerable victims are those who upload pictures almost daily and post related descriptions. It allows a criminal to digitally stalk an intended target and gather preliminary data, such as family members, work address and daily activity pattern from uploaded pictures alone.
Even a single photograph can unlock a huge trove of personal information, far more than we might think possible. For example, a geotagged picture may easily lead us to the actual name and address, which can lead him to the target’s Facebook account, which further yield friends’ name, marriage status and birth date. At this moment, an increasing number of people are still unaware of the risk on sharing location data real-time. Luckily, it is easy to turn off geotagging feature on many phones.
If you have an iPhone, geotagging can be blocked by disabling geolocation application, like Foursquare. Go to Settings>General and disable the Location Service. The iOS 4 allows you to disable location service for a specific app (on for Yelp, but off for the Camera app, for example). On older iOS, you should reset the Location Warnings instead. (Settings>Reset>Reset Location Warnings).
On Android smartphones, disabling the GPS can turn off all location based apps. However, to disable only the camera on an Android phone, you can disable GPS on the “Location and Service” menu, if you do it properly, you should see the “Store Location” disabled. If you have a BlackBerry phone, disabling camera geotagging is easy (Menu key> Disable GPS > Yes).