When she published her two-part feature, Norton knew that she wanted to keep her source’s identity confidential, even from her editor. She could crop the photo so that the subject’s face was cut out of the frame, but she knew that the exif data would reveal not only the GPS location of his house, but an uncropped version of the photo in thumbnail form. So, to be extra safe (and fast), she opened the photo on her laptop back at home and took a screenshot, and sent that to her editor. The quality wasn’t the best, but any metadata embedded in the screenshot would just point back to her own computer, and Sunde’s identity was safe. “All you saw were his skinny arms,” she says.

So, “the screenshot hack,” as she calls it, will certainly work in a pinch—as long as you’re not revealing anything sensitive about your location at the time. Norton stresses that the standard photo management tools that come with your computer may not hit all the relevant exif fields, so be sure to be thorough and be aware of everything that’s being recorded each time you take a photo.

Norton also points out that digital photos aren’t the only type of files with exif data attached—audio and video files carry that information, too. Word documents and PDF files also have all kinds of embedded stuff that can identify the owner of the computer that created the files and other sensitive information. (Hill’s Forbes piece, referenced above, has some helpful instructions and links to scrubbing software that can clean that metadata up, too.)

In summary: be clean, be safe, and check your defaults.

If you'd like to get email from CJR writers and editors, add your email address to our newsletter roll and we'll be in touch.

Lauren Kirchner is a freelance writer covering digital security for CJR. Find her on Twitter at @lkirchner