Why this is life-and-death, not housekeeping
For most people, metadata is a privacy nuisance. For a journalist working with a source, it can be the difference between protecting someone and exposing them. A leaked document carries the author name and the editing account. A photographed document carries the GPS of where it was shot. A PDF carries the software and timestamps that can narrow a leak to a handful of people. These have all unmasked sources in documented cases.
The two-job rule
Protecting a source means doing two separate jobs, and conflating them is the classic mistake. First, redaction: removing the visible identifying content from the page. Second, metadata removal: stripping the hidden layer. A document with the names blacked out but the author field intact is not protected. Both jobs must be done.
Why in-browser processing is the point
A tool that uploads a sensitive document to a server has created a copy on infrastructure you do not control — one that could be logged, breached, or subpoenaed. This tool processes files entirely in your browser. The document never leaves your device. You can verify this in your browser's developer tools (Network tab — no upload), and you can even work offline after the page loads. A server that never receives a file has nothing to hand over.
What to clean
- Leaked or shared documents — use the Word, Excel, PowerPoint, and PDF tools. These also scrub tracked changes and comments.
- Photographs — use the image tool to strip GPS and device data, including from HEIC iPhone photos.
- Audio and video — recordings carry device and location metadata too; the format pages handle MP3, WAV, MP4, and MOV.
For the underlying detail, our guides on tracked changes and a pre-publishing checklist are written with exactly this work in mind.
This tool removes metadata. It is one layer of source protection, not the whole of it. Combine it with proper redaction, secure communication channels, and operational security appropriate to the risk. When lives are at stake, consult your organization's security desk.
Frequently asked questions
How has metadata exposed journalists' sources?
Author fields in leaked documents, GPS in photographed materials, and software and timestamp metadata have all narrowed leaks to specific individuals in documented cases. Removing metadata closes these routes.
Is removing metadata enough to protect a source?
No. Metadata removal is one layer. You must also redact visible identifying content, use secure communication channels, and apply operational security appropriate to the risk.
Why does in-browser processing matter for sensitive files?
A tool that uploads a file creates a copy on infrastructure you do not control, which could be logged, breached, or subpoenaed. In-browser processing means the file never leaves your device.
Can I verify nothing is uploaded?
Yes. Open your browser's developer tools, go to the Network tab, and clean a file — you will see no upload. You can also disconnect from the internet after the page loads and the tools still work.
Does it remove tracked changes and comments from documents?
Yes. The Word, Excel, and PowerPoint tools remove tracked changes, comments, author names, and company fields, not just the basic properties.