Through our testing, we showed that Signal app does indeed, stripped and removed all EXIF Metadata from our photos when we send and received them
Signal, the messaging app supported by both Android and iOS platforms, saw a huge rise in downloads in early January 2021. This came after Whatsapp announced that it would make its users share some personal data with its parent company, Facebook.
Privacy-conscious individuals found further confidence in Signal, especially when Elon Musk and Edward Snowden both gave the app confidence in their respective tweets.
This article will cover the actual testing done on the Signal app regarding how it handles our photos metadata and how much of the metadata is actually removed.
Besides Signal, we also did extensive testing on these following instant messaging apps;
Setting Up The Test Environment
Two Mobile Phones
Two separate mobile phones, each having their own Signal accounts were setup for this experiment.
Phone A will act as the Sender of the photo
Phone B will act as the Receiver
Taking A Photo containing EXIF data
Phone A took a photo with its camera app, with the purpose of capturing full EXIF metadata.
The configurations were toggled on;
Phone A then sends that photo to Phone B via Signal app.
The Difference in Signal Photo Metadata
EXIF Data on Photo | Before Sending (in Phone A) | After Sending (in Phone B) |
---|---|---|
Filename | IMG_20210602_133719.jpg | Changed (signal-2021-06-133938.jpg) |
File Size | 3991982 bytes (3.99 MB) | Reduced 302879 bytes (0.3 MB) |
GPS Location (Coordinates, Timestamp) | Yes | Removed |
Make & Model of Device Used | Yes | Removed |
Image Height & Width | 3456 x 4608 | Reduced (2048 x 1536) |
EXIF Details (Aperture, Brightness, Exposure, Mode, ISO, Flash, etc.) | Yes | Removed |
Photo Creation Timestamp | Yes, named as “Create Date” | No, only has “File Access Date” |
Test Conclusion
Q&A relating to Signal Photo Metadata
Does Signal removes or strips off photo’s EXIF metadata?
Yes, it does removes EXIF metadata from photos that we sent them over to other Signal users.
Based on our testing, values such as GPS locations containing lat/long coordinates, make & model of device used and EXIF details such as Aperture settings, ISO settings, if Flash was used, etc, are removed.
Values such as image size and image height & width are reduced.
The filename value was also changed on the recipient’s end.
Is it possible to send EXIF metadata of a photo to someone in Signal?
No, this is not possible. Signal users have no control over their photos metadata once it gets to Signal servers.
Does it matter if the Signal user is using either Android or iOS mobile device?
It does not matter at all. The testing used in this article was using an Android device and an iPhone device.
The decision to strip off EXIF metadata from photos are entirely on the part of Signal, not the users.