What platforms actually strip from your photos is a question almost nobody asks before they upload. Most people assume that "the big platforms" remove personal metadata. Some do. Many do not. A few strip the most visible field, GPS, while preserving the camera serial number, the timestamp, and the operating system version. The result is a privacy theater pattern: photos look "cleaned" because the lat/long is gone, but they still carry enough data to fingerprint a device or place a person at a location.
This article walks through the major platforms, what each one removes, what each one keeps, and where the gaps are. The behavior described is what we observed in testing on iOS 18.4 and a Pixel 8 in early 2026. Platforms change their behavior without notice, sometimes silently, so verify with your own files before relying on any of this.
The short answer
If you only read one thing: the platforms most people assume are private (iMessage, WhatsApp, email) generally preserve EXIF data, while the platforms most people assume are public (Instagram, Twitter, Facebook) generally strip GPS but keep camera fingerprint data. The intuition is exactly backwards. Public platforms strip more than private ones because public platforms have been sued.
Public social media platforms
Instagram strips GPS coordinates and most location-revealing fields when you upload a photo to your feed or stories. It generally preserves the camera make and model. It re-encodes the image, which destroys some original metadata as a side effect of compression. The exception is direct messages, where photos are processed differently and have historically retained more metadata than feed uploads.
Facebook strips GPS from photos uploaded to your timeline, news feed, or public posts. Photos uploaded to Facebook Messenger preserve more, including timestamps and device information. Photos shared in private groups follow the public-post stripping rules in our testing. Note that Facebook routinely re-saves images at lower quality, which incidentally removes ICC color profiles and some XMP fields along with the EXIF.
Twitter / X
Twitter strips GPS coordinates on upload. It generally preserves camera model and timestamps. Photos posted as DMs follow the same stripping pattern as public tweets, in our testing. The platform reduces image quality enough that fine detail in the pixels themselves can be lost, but the EXIF tags it does keep are kept verbatim.
Reddit's behavior depends on whether you upload directly through the i.redd.it host or link out. Direct uploads strip GPS and most identifying EXIF. External links to imgur, flickr, or your own site preserve whatever the source preserves, which is often everything.
TikTok
Photo posts on TikTok (introduced in 2023) strip GPS and most original EXIF data because the platform processes uploads heavily and exports a re-encoded file. Live stream thumbnails behave similarly. Original camera roll uploads to direct messages have not been independently audited at the same level of detail and should not be trusted to be clean.
LinkedIn strips GPS data on uploads and preserves enough timestamp and device data to be useful in a professional verification context. It is not designed as a privacy-preserving service.
Private messengers
iMessage
iMessage preserves the full EXIF block of photos sent at full quality. GPS, camera model, timestamps, software version, every standard field arrives at the recipient intact. The "Send as low quality" option compresses the image but does not reliably strip EXIF. End-to-end encryption protects the photo in transit. It does not change what the recipient receives, which is your full original file.
"I sent it through iMessage so it's private" is one of the most common metadata mistakes we see. iMessage protects the photo from third parties. It does not protect you from the recipient, who receives every coordinate and timestamp you took the picture with. If the recipient screenshots and shares, the metadata is gone. If the recipient saves the original and forwards it, the metadata travels.
WhatsApp compresses photos sent through normal photo attachments, which incidentally removes some EXIF as a side effect. However, when you send a photo as a "document" (the file icon next to the camera icon), the original file is transferred with full metadata intact. Voice messages and stickers are unaffected. WhatsApp's own help articles do not clearly document this distinction.
Signal
Signal strips EXIF data from photos before sending. This has been the default for several years. The privacy posture of the rest of the platform aligns with this choice. If your goal is to send a photo to one person and have neither metadata nor server-side records persist, Signal is the most reliable option among consumer messengers.
Telegram
Telegram's behavior depends on whether you send the photo as a "Photo" or as a "File." Sent as a photo, EXIF is generally stripped during compression. Sent as a file, the original is preserved with full metadata. Many users do not realize they are choosing between these modes when they tap "Send."
Email is not a service. It is a protocol with many implementations. None of the major email clients (Apple Mail, Gmail, Outlook) strip EXIF data from attachments by default. The recipient receives the file you sent, byte for byte. If you take a photo of your home and email it, the GPS is in the file your recipient receives.
Some webmail interfaces offer image inlining or thumbnail previews that re-encode the image, which can incidentally strip some metadata. The original file is still attached.
Cloud storage and AirDrop
iCloud Photos and shared albums
iCloud preserves all EXIF data. The photos in your library are bit-for-bit identical to the originals. Shared albums propagate the original file to other participants, EXIF intact.
Google Photos
Google Photos preserves all EXIF in stored photos. There is a separate sharing-time toggle ("Remove geo location when sharing") that strips GPS from outbound shares. The toggle does not affect the original.
Dropbox, OneDrive, iCloud Drive
Cloud file storage preserves the original file. Metadata is intact. Shared links serve the original file unless you specifically use a preview function that re-encodes.
AirDrop
AirDrop transfers original files. EXIF data is fully preserved. There is no stripping at any point in the AirDrop pipeline.
The pattern
The platforms that touch the most photos and face the most regulation strip the most metadata. The platforms that pride themselves on fidelity (email, AirDrop, iMessage, cloud storage) preserve everything. Private messengers split the difference unpredictably.
Strava is a separate case worth a footnote. The 2018 Strava heatmap incident, in which aggregated location data from fitness uploads revealed the locations of military bases, is not strictly an EXIF issue. It is an example of what happens when a platform accepts geotagged uploads without thinking through the aggregate consequences. Photo platforms have similar exposure, mostly invisible.
Don't trust platform stripping. Strip first.
StripIt removes EXIF data before your photo ever leaves your device. No platform-specific behavior to memorize, no surprises. On-device, no servers.
Download StripItThe right mental model
The right way to think about platform stripping is to assume nothing. Strip your photo before you upload, and let whatever the platform does be a redundant second layer. Photos move between platforms constantly. The clean version of your photo on Instagram becomes the original version of your photo when somebody downloads it and texts it to a friend. The only file that stays clean is the one that was clean before it left your device.
Build the habit of stripping at the source. Verify the result. Forget about platform-specific rules forever.