Security ยท Journalism 8 min read

Metadata risks for journalists,
sources and whistleblowers

For most people, leaked metadata is embarrassing. For a confidential source, it can mean prosecution โ€” and for a journalist, it can mean burning the person who trusted you. Here is where the risks are and a practical workflow to handle files safely.

calendar_today July 2026

This has happened before

In 2012, Vice journalists accidentally revealed John McAfee's hiding place through GPS data in a published photo. In 2017, a leaked NSA document identified its source partly through printer tracking dots. Metadata failures have real, documented consequences for sources โ€” we cover these cases in detail in famous metadata leaks.

Where source-identifying metadata hides

Documents from a source

Author name, username, company, printer info, revision history showing who edited what and when

Photos and videos

GPS coordinates of where evidence was captured, device serial data, timestamps that narrow down who was present

PDFs and scans

Creator software tied to one office, scanner model, creation timestamps matching building access logs

Your own published files

Photos you publish can reveal where you met a source, where you live, and what equipment you use

The danger is asymmetric: the person analysing a leaked file โ€” an employer, a government, an intelligence service โ€” often has access to internal logs that turn a small metadata detail into a positive identification. A timestamp plus a printer name plus an access log can be enough.

A practical workflow for handling sensitive files

1

Inspect before you do anything else

Before forwarding a file to an editor or colleague, analyse its metadata so you know what it contains. You can't assess the risk to a source without seeing what the file says about them.

2

Document, then strip

Metadata can also authenticate a document โ€” note anything relevant for verification (in a separate secure record), then remove it from the copy that will circulate.

3

Never publish an original

Anything that goes online โ€” an embedded document, a photo in an article, a PDF exhibit โ€” must be a cleaned copy. Recompression by your CMS is not a guarantee.

4

Clean your own output too

Photos you take in the field carry your GPS trail. Documents you draft carry your name and newsroom. Strip them before they leave your machine.

What metadata removal does not solve

Be honest about the limits. Stripping metadata does not remove identifying details visible in the content itself (a reflection, a badge, a distinctive view from a window). It does not undo watermarks or printer tracking dots baked into the pixels of a scan. And it does not protect the transmission channel โ€” a clean file sent over a monitored network still exposes the fact of contact.

Metadata hygiene is one necessary layer in a broader operational security practice โ€” alongside secure drop systems, encrypted messaging, and careful handling of physical documents. It's the cheapest layer to get right, and one of the most common to get wrong.

For newsrooms

RemoveMD offers an API that can be integrated into editorial workflows, so every image and document is automatically cleaned before publication rather than relying on each journalist remembering to do it.

Inspect and clean a file now

Free analyzer & remover ยท Files processed privately.

Remove metadata free arrow_forward

Related articles

True Stories

5 famous cases where metadata exposed someone

McAfee, BTK, Reality Winner and more.

Security

Can metadata be falsified?

Authenticity and manipulation explained.