Retain EXIF data on optimized/processed images

[frm]

When images are optimized in 2.3 to webp, the EXIF data is thrown into the void. It could also be stripped depending on which image processor is used on a forum too (pre-2.3, or choosing a different processor that discards EXIF).

I would propose an option for admins to enable or disable retaining the EXIF data, but make it either permission-based viewable in the lightbox or viewable in admin.php?attachments/.

While there are security concerns about displaying GPS info, etc., to the general public, retaining GPS info, or other identifying information such as the device the photo was taken with, could come in handy.

While most forums will never encounter either of these use cases, it could still be up to them to be "that forum" that can help aid an investigation or to simply reply that they have all the information on record that the forum has (EXIF is deleted and the photo is all that remains).

The use case for retaining the EXIF data is for, God forbid, there ever be an Emergency Disclosure Request by any number of intelligence or law enforcement agencies (US, unsure about UK and how they do things on that side of the pond) to fingerprint the photo seen. As to why they would want to see this, might be obvious to some, but if not, a photo (or video) could depict a crime that took place. Without the EXIF data, there's really no way to link the photo to anybody, let alone a device that someone could have owned, and had the means/opportunity to take a photo with that device, if the GPS is off.

The second use case would be photos taken of individuals on private property. While you have no expectation of privacy on public property, you do on your own or someone else's that didn't grant permission for photography. A request could be made to get the EXIF data (through the proper channels) to be able to prove that someone's rights weren't violated, and to determine the suspect, in this instance.

 

[mjda]

I second this. Especially for photography forums, that wish to show EXIF data with the images, this poses a problem where they can't use the image optimize, which would benefit sites that are image-heavy the most.

 

[Arantor]

Worth noting that if you upload from some devices, it’s stripped even before it gets to the browser to upload it. iOS in particular has a habit of such things in more recent years.

 

[mjda]

Worth noting that if you upload from some devices, it’s stripped even before it gets to the browser to upload it. iOS in particular has a habit of such things in more recent years.

Is this down to a setting on the device, or just something that happens regardless?

 

[frm]

Worth noting that if you upload from some devices, it’s stripped even before it gets to the browser to upload it. iOS in particular has a habit of such things in more recent years.

Was unaware of this, but if there's the possibility that it can be saved, it should be saved, for the reasons I made above.

And, it also benefits photography forums if they want to create a "photo map" of sorts, as possibly suggested.

I'm unsure if iOS would strip EXIF data from a JPEG exported from Lightroom, but, I don't have an Apple device to test it with. Perhaps, only if the photo was taken on the native camera and app only, and not if it's a random image that they downloaded which still has the EXIF attached. Mind testing it if you can?

 

[Arantor]

Will see if I can do some testing. It is infuriatingly hard to do things with Apple devices. In the media gallery I wrote many years ago, there is a commit whose first line of comments is just a string of the f word directed at Apple for making it so hard to debug this stuff causing me to pull an all-nighter to get it done.

Related: fixing image orientation is another candidate for screwing your EXIF data up.

 

[Digital Doctor]

Any site that allows location information to be retained in pictures should EXPLICITLY tell image uploaders that the exact location where you live is easily figured out by the images you upload. I think you have to warn them for EVERY image upload.
Be aware, if your software fails to extract location data .... you are extra liable.

I think location data is a huge risk.

one image upload, puts the forum user at risk - FOREVER.

NOT to mention, when some forum weirdo also to "happen upon" a user's location data ..... minds wander .... and some creep who KNOWs where a person lives ..... could ENTICE them to act on the knowledge.

Note: I am generally dismissive of forum owner's risk for most things. Location data is a HUGE risk.

 

[Arantor]

one image upload, puts the forum user at risk - FOREVER.

Not necessarily. While in principle you’re right, if I upload a holiday photo with my GPS data in it, I am in limited danger - and the further from that point I go both in time and space, the less and less relevant it is.

I am pretty sure iOS strips GPS data by default in uploads on the web. But I will try and verify this.

 

[Digital Doctor]

the less and less relevant it is.

Sure.
But one GPS leak, many years ago, can make you a target, who knows how long down the road.

Manual geolocation tagging of photos could be a method.

 

[Arantor]

Sure.
But one GPS leak, many years ago, can make you a target, who knows how long down the road.

Manual geolocation tagging of photos could be a method.

Only if that leak is at my home. And, frankly, most people also have such limited knowledge that being registered to vote typically puts you on a very searchable (often publicly searchable) record that will tie your name to your address…

 

[Digital Doctor]

Only if that leak is at my home.

for you.

it sure helps dox someone when you know their city.

 

[frm]

Any site that allows location information to be retained in pictures should EXPLICITLY tell image uploaders that the exact location where you live is easily figured out by the images you upload.

It's covered by the standard ToS.

All content you submit, upload, or otherwise make available to the Service ("Content") may be reviewed by staff members. All Content you submit or upload may be sent to third-party verification services (including, but not limited to, spam prevention services). Do not submit any Content that you consider to be private or confidential.

Terms and rules

You must agree to these terms and rules before using the site.

xenforo.com

You surely could update your ToS if there's an option to log EXIF, and you have it set to record it, how you see fit. However, that's pretty solid on its own.

Upload something with EXIF data here on XF's XFMG. I don't know if they strip data with optimization now, but it surely didn't before. And, there's no explicit warning here either.

1m30s

• frm
• Oct 2, 2019

Long Exposure 1'30"

I remember removing the GPS data from this, for privacy, but it still fingerprint my device (as I didn't remove all my EXIF before uploading as I was reporting a long exposure bug).

Had that been a photo of a potential crime, there's at least evidence that it was uploaded by me (suspect), and what would be the odds of me owning a Canon 5D IV? Enough for a warrant, perhaps?

Mind you, my suggestion was to show EXIF in the ACP — so it'd be you and other trusted super admins, not just a moderator.*

* But, logging it would also allow for custom development where a photography forum, for instance, could have user opt-in GPS, shown on their media. Lot's of photographs travel around for the perfect shot, not ever necessarily taking them at home. Nevertheless, there are birdwatchers that do it from home, but they could opt-out (or as photographers already know, export without GPS).

 

[Arantor]

for you.

it sure helps dox someone when you know their city.

Are you eligible to vote? Because if you are eligible and registered, chances are someone can find your address with limited difficulty - and more effectively than hoping you get lucky looking at photos.

 

[sdev]

This would work better as an extension for photo forums, in my opinion.

 

[Wildcat Media]

I'm unsure about using GPS data (and my DSLR doesn't offer it anyway), but offering exposure and lens data and camera used is helpful in photography-based discussions.