EXIF · 2026

What Is EXIF Data? The Complete Guide (2026)

Published April 12, 2026

Every digital photo you take contains two things: the image you can see, and a hidden data record you cannot. That record is called EXIF data. It travels with the file wherever it goes. Most people have never looked at it. Most people do not know it exists.

Quick Answer

EXIF (Exchangeable Image File Format) data is metadata stored inside every digital photo. It contains the date and time the photo was taken, GPS coordinates, the make and model of the device, camera settings (aperture, shutter speed, ISO), and often a unique device serial number. You cannot see it in the image -- it lives in the file header.

What does EXIF stand for?

EXIF stands for Exchangeable Image File Format. The standard was defined by JEITA (Japan Electronics and IT Industries Association) in 1995, originally to allow digital cameras to embed technical shooting data directly into image files so that photo editing software could read it automatically.

What started as a camera manufacturer standard now ships inside every photo taken on a smartphone, tablet, drone, or processed by an AI image tool. The specification defines exactly which fields exist, where they live in JPEG and TIFF file structures, and what data types each field accepts.

What is stored in EXIF data

The EXIF standard covers dozens of fields across device information, shooting parameters, timestamps, and location data. Here is what a typical iPhone photo embeds by default:

Field	Example value
Date/Time Original	2026-04-12 14:32:07
GPS Latitude	40.7128° N
GPS Longitude	74.0060° W
GPS Altitude	12m above sea level
Make	Apple
Model	iPhone 16 Pro
Software	iOS 18.3.2
LensModel	iPhone 16 Pro back triple camera
FNumber	f/1.78
ExposureTime	1/120 sec
ISO	64
FocalLength	6.765mm
DeviceSerialNumber	[unique device ID]
ImageUniqueID	[unique per-photo ID]

Where EXIF lives inside a JPEG file

JPEG files are built from a sequence of segments. Each segment starts with a 2-byte marker: 0xFF followed by a code that identifies the segment type. EXIF data lives in the APP1 segment (marker 0xFFE1). Here is the order:

SOI (0xFFD8)→APP1 / EXIF (0xFFE1)→APP11 / C2PA (0xFFEB)→...→SOS (image data)→EOI (0xFFD9)

The APP1 segment immediately follows the SOI (Start of Image) marker at the very beginning of the file, before any pixel data. It starts with the ASCII string "Exif\0\0" followed by an IFD (Image File Directory) containing tag-value pairs for every EXIF field present.

This structure is why removing EXIF is a clean operation: the image pixel data lives in an entirely separate segment (SOS, Start of Scan). Binary-level removal touches only the APP segments and leaves the pixel data byte-for-byte identical.

GPS data: the most dangerous EXIF field

Every photo taken on a smartphone with location services enabled embeds exact GPS coordinates. The precision is within meters. The embedding is silent -- no notification, no confirmation, no visible indicator in the image.

What GPS EXIF enables

Reverse geocoding from coordinates to a specific street address
Identifying your home, workplace, or children's school from photos taken there
Tracking movement patterns across a batch of photos over time
Pinpointing your location at a specific timestamp with millisecond precision

Photos shared directly as original files -- via email, iMessage, Dropbox, AirDrop, or direct download -- carry full GPS data unless you strip it first. Platforms like Instagram strip GPS from publicly displayed images, but they receive and process the original file before stripping.

Device serial numbers in EXIF

Many camera apps embed a unique device identifier in EXIF under the DeviceSerialNumber or BodySerialNumber field. This ID is hardware-level and consistent across every photo taken on that device.

The practical consequence: a batch of "anonymous" photos can be linked to a single person using the serial number alone, even if names, locations, and timestamps are removed. Two photos from different accounts or different contexts sharing the same serial number come from the same device.

Forensic investigators and journalists use this technique routinely. It is a documented method in OSINT (open-source intelligence) workflows. Security-conscious photographers strip device identifiers before publishing or sharing any images.

EXIF in AI-generated images

AI image generators embed different metadata than cameras. The approach varies by tool:

DALL-E / FireflyEmbed C2PA content credentials -- not standard EXIF, but stored in the same file in the APP11 segment. Instagram reads this to apply 'Made with AI' labels.
Stable DiffusionEmbeds your full generation prompt, seed, steps, and model name as PNG text chunks (tEXt / iTXt). Readable by anyone who opens the file in a metadata viewer.
MidjourneyEmbeds XMP creator fields including the Midjourney job ID and creator handle.
Some pipelinesWrite EXIF Make/Model fields populated with camera-like strings despite no camera being involved.

Binary-level stripping handles all of it -- EXIF, XMP, IPTC, C2PA, and PNG text chunks -- in a single pass. See also: What Metadata AI Puts in Images.

For AI-generated images specifically, stripping before sharing prevents automated AI detection systems from reading C2PA provenance data and applying platform labels.

Which platforms read EXIF data

Instagram, LinkedIn, Pinterest, TikTok, and X (formerly Twitter) all receive EXIF on upload. What happens after varies:

Instagram / FacebookStrips EXIF from the publicly accessible file. Reads C2PA (stored near EXIF in APP11) to apply 'Made with AI' labels before stripping. Original file with full metadata is received server-side first.

Twitter / XStrips EXIF from publicly shared images. Server-side retention of original metadata is not publicly confirmed.

LinkedInProcesses metadata on upload. Public-facing file behavior varies by content type.

PinterestStrips EXIF from public pins. Crawled images from external URLs may retain metadata depending on origin server.

Dropbox / Drive / emailNo metadata stripping. Original file with full EXIF is stored and shared as-is.

The key point: users cannot confirm what any platform retains server-side. Stripping before upload is the only method that gives you complete control.

How to check EXIF data on your image

Three methods, from basic to complete:

Mac: Get Info

Select the image in Finder, press Command+I. The More Info section shows basic EXIF fields. Does not show GPS coordinates, device serial numbers, XMP, or C2PA data.

Windows: File Properties

Right-click the image, select Properties, then the Details tab. Shows standard EXIF fields including GPS if present. Does not show XMP history, C2PA, or AI-specific fields.

StripShot: Full metadata view

Drop any image. The detection panel shows every field present -- EXIF, XMP, IPTC, GPS, device serial, C2PA content credentials, and AI generation signatures. Then strip in one click. Free. Nothing leaves your browser.

How to remove EXIF data

There are two fundamentally different approaches. The one you choose determines whether your image quality survives the process.

Binary-level removal (StripShot)

✓Removes EXIF bytes directly from the file
✓Image pixel data never touched
✓Zero quality loss
✓PNG stays PNG, transparency preserved
✓Handles EXIF, XMP, IPTC, C2PA, PNG text chunks

Canvas re-encoding (most browser tools)

✕Draws image through HTML canvas, exports new JPEG
✕Pixels re-encoded at 85-95% quality
✕JPEG compression artifacts on every save
✕PNG converted to JPEG, transparency destroyed
✕May introduce new browser metadata

EXIF vs XMP vs IPTC vs C2PA

These four standards coexist in the same image file, in different segments, serving different purposes. They are often confused because any of them may contain overlapping information.

Standard	Where it lives	What it contains	Who uses it
EXIF	JPEG APP1	Camera settings, GPS, device	Cameras, phones
XMP	JPEG APP1/APP13 or dedicated	Creator, software, keywords	Adobe tools, AI generators
IPTC	JPEG APP13	Caption, credit, byline	Journalists, stock photo
C2PA	JPEG APP11	AI provenance certificate	Firefly, DALL-E, Copilot

Check and strip your EXIF data now

3 free/day · Binary-level · C2PA removal · No account

📷

Drop images here or browse

Select files· JPEG, PNG, WebP · Up to 20 at once

0/3 images today·Go unlimited →

Frequently asked questions

Is EXIF data the same as metadata?

EXIF is one type of metadata embedded in image files. Metadata is a broader term covering EXIF (camera data), XMP (creator/software info), IPTC (editorial info), and C2PA (AI provenance certificates). All four are separate segments in the same image file.

Can someone find my location from a photo?

Yes, if GPS EXIF data is present and the image is shared without stripping. The GPS fields in EXIF contain latitude, longitude, and altitude accurate to within a few meters. Reverse geocoding maps these to a specific address.

Does removing EXIF reduce image quality?

Only if a canvas-based tool is used. Canvas tools re-encode the JPEG, introducing compression artifacts. Binary-level tools like StripShot remove only the EXIF bytes -- the image pixels are identical to the original.

Do social media platforms remove EXIF?

Most platforms strip EXIF from publicly shared images. However, they may retain a copy of the original metadata server-side before stripping. For complete control, strip EXIF before uploading rather than relying on platform behavior.

What is EXIF data used for maliciously?

GPS tracking, device fingerprinting (using the serial number to link multiple anonymous images to one person), reverse engineering professional workflows, and in journalism investigations. Metadata stripping before publishing photos is standard practice in security-conscious contexts.

Can AI image generators write EXIF?

AI generators write various metadata types. DALL-E and Firefly write C2PA certificates (not standard EXIF but adjacent). Stable Diffusion writes prompt parameters as PNG text chunks. Some generators do write EXIF Make/Model fields claiming to be a camera they are not.

Related guides

AI Metadata

Remove AI Image Metadata