Discussion
Android now stops you sharing your location in photos
egeozcan: This must be a Chrome thing, not an Android thing, no? I didn't test this but I'd be surprised if Firefox behaved the same.
fouc: [delayed]
ieie3366: Most likely: actually using the geolocation is an extremely niche usecase for images uploaded from mobile browsers.I’d wager 99.9% of the users didn’t realize that they are effectively sending their live GPS coords to a random website when taking a photo.But yes, a prop to the input tag ’includeLocation’ which would then give the user some popup confirmation prompt would have been nice
iamcalledrob: Similarly, the native Android photo picker strips the original filename. This causes daily customer support issues, where people keep asking the app developer why they're renaming their files.https://issuetracker.google.com/issues/268079113 Status: Won't Fix (Intended Behavior).
adrianN: How good are LLMs at geoguessing?
embedding-shape: Basically all up to the training data, as things often are.
xg15: I wonder if that might be another reason to just completely disable this feature and not make it a permission: otherwise people could use it to build trainingsets for geoguesser models.
adzm: This is the right move. https://github.com/whatwg/html/issues/11724#issuecomment-419... and adding a feature to browsers to explicitly use the info is the best solution really. The problem is that there was a change without a backup solution without making a native app, but preventing people from accidentally uploading their location in an image is the right move. It really needs to be more well known and handled automatically.
lifis: Obviously an image picker shouldn't leak filenames... The filename is a property of the directory entry storing the file storing the image. The image picker only grants access to the image, not to directories, directory entries or files.If you want filenames, you need to request access to a directory, not to an image
softwaredoug: Is location sharing something you can disable in iOS?
ndegruchy: Yes. You can turn it off for Camera if you don't want the geotag to be included in the photo when taken. You can also, as part of the share media picker, opt to include or exclude location data on the photo.
zenmac: Nice drunk theme! All web site should have one.
1970-01-01: >So, can users transfer their photos via Bluetooth or QuickShare? .. Literally the only way to get a photo with geolocation intact is to plug in a USB cableBluetooth is not QuickShare, stop conflating them. Bluetooth works. I just tried it. It just sends the entire file to the destination, filename intact with all EXIF, no gimmicks, tricks, or extra toggles. As it has always done for 20+ years.
sixhobbits: It's a sad story and a fun-looking project but I think Google 100% did the right thing here. Most people have no idea how much information is included in photo metadata, and stripping it as much as possible lines up to how people expect the world to work.
maccard: If google really cared about privacy, they wouldn't have moved maps away from a subdomain. now if I want maps to have my location (logical), I need to grant google _search_ my location too.
butlike: I'm not sure I follow. maps.google.com still resolves?
celsoazevedo: For most users, I think this is a good change.I used to run a small website that allowed users to upload pictures. Most people were not aware that they were telling me where they were, when the picture was taken, their altitude, which direction they were facing, etc.
flipped: Google pretends to care and most normies are fucking stupid, like the one you are replying to, that thinks Google cares about it's users. Fuck Google.
antiloper: I don't know a good solution for this. 99% of websites asking for this hypothetical permission would not deserve it. Users (rightfully) don't expect that uploading a photo leaks their location.Element (the matrix client) used to not strip geolocation metadata for the longest time. I don't know if they fixed that yet.
embedding-shape: > I’d wager 99.9% of the users didn’t realize that they are effectively sending their live GPS coords to a random website when taking a photo.I'd wager 90% of the photos on Google Maps associated with various listings don't actually know their photos are in public. I keep coming across selfies and other photos that look very personal, but somehow someone uploaded to Google Maps, the photo is next to a store or something and Google somehow linked them together, probably by EXIF.
eru: Google prompts you in Google Maps if you want to upload your picture to Maps.I sometimes do that for random pictures, even like selfies, which I don't mind popping up there.
PokemonNoGo: Wait... You post selfies on Google Maps? The thought never crossed my mind. What would the purpose be? Sorry I'm probably thick...
flipped: GrapheneOS already does this, since forever. Android can't stop copying GOS. Maybe they'll add a network toggle after a few years and call it a privacy win.
firtoz: Pretty good. I test it every now and then from random photos. Sometimes spot on, sometimes gets very close, unless it's really ambiguous.
PepperdineG: I can say for me that after my father died I posted pictures of him at some of his favorite places or from favorite trips.
bilsbie: Does iPhone do this? Kind of scary to be accidentally sending your home address anywhere you upload a photo.
butlike: The path is different than the filename though. If I want to find duplicates, it will be impossible if the filename changes. In my use case/User/user/Images/20240110/happy_birthday.jpgand/User/user/Desktop/happy_birthday.jpgare the same image.
dns_snek: [delayed]
izacus: Apple was massively praised when they started stripping location data from shared and uploaded photos.
jorvi: AFAIK a lot of the bigger sites / services already hide or outright strip EXIF.Its better to do it from the source, obviously.
thaumasiotes: This a very weird set of choices by Google. How many users are uploading photos from their camera to their phone so they can then upload them from the phone to the web?I bet almost 100% of photo uploads using the default Android photo picker, or the default Android web browser, are of photos that were taken with the default Android camera app. If Google feels that the location tags and filenames are unacceptably invasive, it can stop writing them that way.
47282847: My phone: my private space. Anything in the browser: not my private space.I want exactly that: the OS to translate between that boundary with a sane default. It’s unavoidable to have cases where this is inconvenient or irritating.I don’t even know on iPhone how files are named “internally” (nor do I care), since I do not access the native file system or even file format but in 99% of all use cases come in contact only with the exported JPEGs. I do want to see all my photos on a map based on the location they were taken, and I want a timestamp. Locally. Not when I share a photo with a third party.
username223: > Anything in the browser: not my private space.Google’s main business is ads, ie running hostile code on your machine.
p_stuart82: defaulting to strip location on share, fine. demoting plain old <input type=file> into "find a usb cable" / "go build an app" is a hell of a line to draw
master-lincoln: Because most people have no idea how the tools they chose to buy and operate work, the few rational people who educate themselves have to suffer...This sounds like a downward spiral concerning freedom.
harvey9: I suspect there used to be a flow which was far too easy to share directly to Google maps. I was browsing the map once and found a picture of a credit card in a room in a hotel. I guess the guy intended to send it to his PA or something.
sylario: On reddit half of "the is it AI?" question are answered by "Yes, it say so in the metadata".
master-lincoln: I would agree if they switched the order: first make a UI to opt-in/out and then change the default. Now they just made operations impossible
amazingamazing: Google has your location either way. What difference does it make?
kevin_thibedeau: You can lock down their usage. Limit it to three months storage and minimize sharing. They still report an old address for home and work for me since I dialed up the restrictions years ago. They have the data but it is less exposed.
amazingamazing: I honestly don’t understand the scenario you’re defending against. Google still knows where you actually live and work trivially. If you don’t trust Google you should just de-Google completely.
palata: > Android can't stop copying GOS.Well that's a good thing, isn't it?
edent: OP here. I'm not conflating them. That's why I used the word "or".I don't know how modern your Android phone is, but on all of mine sharing via Bluetooth strips away some of the EXIF.
edgineer: It's not all-or-nothing; sometimes some people at Google push for some things to improve privacy. Rarely happens when revenue is at stake.Android used to ask you "do you want to alllow internet access?" as an app permission. Google removed that, as it would stop ads from showing up. Devastating change for privacy and security, great for revenue.
sathackr: GrapheneOS still does this -- allows controlling internet access on a per-app basis.
nozzlegear: You can choose whether you want to share the location or not when selecting photos in iOS. You'll see at the bottom a label that says "Location is included", and you can click the three dots to remove location:https://imgur.com/a/lm0stDENot sure if there's a way to do that by default, I've never checked.
jeroenhd: While I think it's the right move to disable location tags by default, I also think Google should've waited until a solution to the missing functionality had at least hit the WHATWG spec.
sixothree: I had a popup on my iPhone one day "You were in City Park last weekend, would you like to share those photos?". I stopped allowing google access to my photos after that. A little late though, they had apparently scraped all of my data already.
pjmlp: GrapheneOS only exists because Google hasn't yet completely closed shop on AOSP availability.Who knows, it may eventually be only available on Motorola devices.
NelsonMinar: I wish they'd just switch to fuzzing the location instead of stripping it entirely. Instead of specifying 6 digits of lat/lon, publish 1 digit to identify what rough area you're in (to about 10km).I've done a lot of neat projects with geolocation over the years. Including a personal travel diary, a bunch of visualizations of tweets and Flickr photos, etc etc. I am sad that's become nearly impossible but I do respect that most people don't understand the privacy risk.Meanwhile on the advertising backend Google knows your exact location and is using it to help third parties target ads to you. And sleazy apps like Grindr sell location streams to anyone who asks. The bad guys get this data, just not the useful apps.
simonw: Surprisingly iOS doesn't do this - at least not for photos uploaded via a web form these days. Try this tool to see that (it should demonstrate the Android EXIF stripping behavior too): https://tools.simonwillison.net/exif
sib: "Obviously"There are plenty of use cases where the filename is relevant (and many, many people intentionally use the image name for sorting / cataloging).
smileybarry: iOS does this by default too, but it tells you about it and gives you the option to not strip the location from EXIF: the bottom of the photo picker has the text "Location not included", and the context menu opened by the "..." button on the left has a "Location" toggle. Just tested this myself on iOS 26.4.1.
lukan: For those of us stuck on normal android, is there a way to achieve that? I know it used to work with some firewall apps but nowdays they all require root access.
d2323: Netguard No Root Firewall still works for me: https://github.com/M66B/NetGuard
Shalomboy: My first eye-opening moment working within the government was with team of herpetologists at the state conservation agency. They had a pretty slick public education campaign around protecting Gopher Tortoise habitats and a grand call-to-action "let the agency know where and when they see their nests". The whole thing fell apart because they were getting tons of earnestly-submitted junk data from earnestly-engaged citizens. Turns out the application was just a form that they asked people to fill out. I suggested they ask for user photos and scrape the EXIF data or ask them to opt-into sending their location and got laughed out of the room. Turns out that they discovered users immediately nope out of government websites that ask for their location! What a shame.
MostlyStable: A colleague of mine tried doing this after a large sturgeon die off in the San Francisco Bay a few years ago. Citizens were asked to upload photos of dead sturgeon washed up on beaches. They actually got pretty good data (sturgeon are very easily identifiable) and lots of participation, but the location data ending up being largely useless because it was fuzzed (I think by iOS?) to a large enough degree to no longer be helpful, and the fields for manual coordinate entry had very low usage
akamaka: I just tested this and the default setting is to include location, but once turned off it stays off (unlike the iPhone share sheet where you need to turn it off each time).
tart-lemonade: If your camera (or phone) uses the DCF standard [0], you will eventually end up with duplicates when you hit IMG_9999.JPG and it loops around to IMG_0001.JPG. Filename alone is an unreliable indicator.[0]: https://en.wikipedia.org/wiki/Design_rule_for_Camera_File_sy...
WarmWash: It's not great for revenue, it is their revenue.People act like Google products are a charity that had been free forever, and then this mega-corp called Google came along and started harvesting the data of innocent people who just want to get directions to Starbucks.
lxgr: 100% agreed; people generally don't realize how deanonymizing EXIF data can be.I remember one of my cameras or phones including a "seconds since device startup" counter; together with the exact time the photo was taken, this yields a precise timestamp of when a phone was last restarted. This by itself can be highly deanonymizing out of a small to medium sized set of candidate phones/photographers.
buildbot: I mean the serial number of the camera and possibly lens are included too…
lukan: I also don't trust my government. So should I just degovernment completely? Sounds just as practical or realistic for most people.
shibapuppie: "Just move" seems to be a pretty popular sentiment, in the that scenario.
