Metadata Privacy Linter
Paste base64 image bytes or a data URL and see what EXIF, XMP, or IPTC metadata would leak if the image were shared. Values are hidden by default so reports are safe to share.
About this tool
Metadata Privacy Linter checks an image for embedded metadata that can leak private
information when you share a photo or screenshot. Paste base64 image bytes (or a
data:image/...;base64,... URL) and it scans the container for EXIF/TIFF, XMP,
and IPTC/IIM fields.
It flags common privacy risks:
- GPS location — coordinates, GPS timestamps, and GPS processing hints.
- Device identifiers — camera/lens serials, camera owner names, model names.
- Personal identity — creator, by-line, copyright, credit, and owner fields.
- Timestamps — capture, digitized, created, and modified dates.
- Software and descriptions — editing apps, host computer, captions, keywords.
Values are hidden by default so you can share the report without re-leaking the metadata you are trying to remove. Turn on Reveal concrete metadata values to show field values, decoded GPS coordinates, and an OpenStreetMap link.
Worked example
A PNG containing XMP creator and serial metadata:
image_base64 = iVBORw0KGgpwcmVmaXg8eDp4bXBtZXRh...
min_risk = all
reveal_values = false
output = report
The report lists high-risk creator/device fields without printing the actual name
or serial number. Switch output to json when you need structured data for a
pipeline.
FAQ
Is the image uploaded?
No. The scan runs in WebAssembly in your browser. The pasted base64/data URL is processed locally and never uploaded by this page.
Why does the tool ask for base64 instead of a file picker?
This gizza page model is text-input based, so base64/data URLs are the portable way to pass exact image bytes through the CLI, chat tool, and browser page. Use a local encoder or a previous tool output to provide the bytes.
What metadata formats are scanned?
The linter detects common image containers (JPEG, PNG, TIFF, WebP, HEIF, GIF) and scans EXIF/TIFF, XMP packets, and JPEG IPTC/IIM resources when those metadata blocks are present.
Does it remove the metadata?
No. It is a linter: it tells you what would leak and how risky each field is. Use an image metadata stripper or re-export workflow to remove the fields after you identify them.
Why are values hidden by default?
A privacy report can itself become sensitive if it prints GPS coordinates, serial numbers, or names. Hidden values let you share the report safely; reveal values only when you need exact coordinates or field contents.
Developer & Automation Access
Run it from the terminal
Same engine as this page, headless — via the gizza CLI:
gizza tool metadata-privacy-linter "iVBORw0KGgo... or data:image/jpeg;base64,..."New to the CLI? Get gizza →
Open it by URL
Pre-fill and auto-run this tool with query parameters — the names match the API/CLI:
https://gizza.ai/tools/metadata-privacy-linter/?image_base64=iVBORw0KGgo...%20or%20data%3Aimage%2Fjpeg%3Bbase64%2C...&min_risk=all&reveal_values=true&output=reportMachine-readable descriptor: tool.json — title + parameters JSON Schema for agents.
