Metadata - What it is, common risks, and how to share it safely

Metadata

What it is

Metadata is information about your data. It describes who made a file, when and where it was created, what device or app was used, and how it should be organized. Think of it as the label on the box that helps systems and people understand the contents.

Why it matters

Metadata makes search and sharing easy - but it can also expose private details like location, author, or edit history if you share files as-is.

Common examples

  • Photos: camera model, date, and GPS location

  • Documents: author name, company, version, track changes

  • Emails: sender, recipients, subject, routing headers

  • Media: titles, tags, album, codec, duration

Red flags

  • Posting images with location tags from home or office

  • Sharing a contract that still contains hidden comments or revisions

  • PDFs that reveal author usernames or internal paths

Good practices

  • Strip location data from photos before posting.

  • Export a clean copy of documents without comments or track changes.

  • Review PDF properties and sanitize before sharing externally.

  • Use clear naming and tags internally, but keep external shares minimal.

  • Set tools to prompt before embedding metadata you don’t need.

    Glossary (A–Z)

    All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

      • Related Articles

      • Inference Attack

        What it is An inference attack is when someone pieces together harmless-looking data to figure out sensitive information. No single detail gives it away, but combined facts - dates, locations, habits - can reveal things like your identity, health ...

      • General Data Protection Regulation (GDPR)

        What it is The GDPR is the EU’s data privacy law. It sets clear rules for how organizations collect, use, share, and store personal data - and gives people strong rights over their information, no matter where a company is based if it serves EU ...

      • Data Breach Prevention

        Why it matters Breaches drain money, trust, and time. Strong basics turn scary “what ifs” into non-events: a phish gets ignored, a stolen password is useless, a lost laptop holds only encrypted gibberish. The short, smart checklist MFA everywhere: ...

      • Data Breach

        What it is A data breach is when someone gets into a company’s systems without permission and steals sensitive info—customer names, emails, passwords, payment details, medical records, and more. For overview: see our data breach guide How it happens ...

      • Data Execution Prevention

        What it is Data Execution Prevention (DEP) is a Windows safety net that stops code from running in places it shouldn’t—like the stack or heap. If malware tries to execute from those memory areas, Windows blocks it and shuts the app down instead of ...