Facebook has a data addiction—it can’t help itself. The social media giant’s entire business model is built around collecting, processing and then monetizing our personal information. Facebook seemingly can’t contemplate user information that crosses its path which it doesn’t harvest and add to its data vault. And while its privacy settings are materially better than they were, there remain frightening gaps.
Much of this has been exposed by the ongoing battle between Facebook and Apple over the privacy of iPhone users—cutting access to tracking IDs and the location data limitations introduced with iOS 14. But there are still those gaps. If you tell Facebook not to collect location information from your iPhone, then it doesn’t, right? Wrong.
I’ve warned on the risks of image metadata before. When you take a photo with your iPhone, data is embedded in the image file. Much of this EXIF (Exchangeable Image File) metadata is technical, relating to the camera and the photograph settings, but EXIF also includes the date and time the photo was taken, the phone model, “iPhone 12 Pro Max,” for example, the version of iOS and, critically, the precise location.
You can turn off the GPS location tagging on your iPhone’s camera, but that will prevent your phone displaying photos by location, which is useful. But when you share your photos, that EXIF data may go along as well, data that will stay with your photo everywhere it’s shared. Protecting this data is not just a Facebook issue, ironically sending photos from your iPhone by WhatsApp or Facebook Messenger strips the metadata, but iMessage will not, unless you share your photos in a specific way.