Metadata removal is one layer of protecting your identity, not the whole of it. If your safety or freedom depends on staying anonymous, this page is a starting point — combine it with secure channels, careful operational security, and guidance from a trusted organisation such as the EFF's Surveillance Self-Defense or a press-freedom group. No single tool can keep you anonymous on its own.
How metadata unmasks people
People who carefully remove their name from the visible content of a document or photo are often caught by the data they could not see:
- A leaked document carries the author and last-edited-by names, the company from the software licence, and sometimes tracked changes showing who wrote what.
- A photographed document carries the GPS of where it was shot and the phone's identifiers — narrowing the source to a specific device, in a specific building, at a specific time.
- An image carries the camera serial number that links it to every other photo from the same device, potentially connecting an anonymous leak to a known account.
In documented cases, exactly these fields have identified sources who believed they were anonymous.
The two separate jobs
Protecting your identity means doing two distinct things, and confusing them is the classic mistake. Redaction removes the visible identifying content from the page. Metadata removal strips the hidden layer. A document with names blacked out but the author field intact is not anonymous. Do both.
Why in-browser processing is the entire point
A tool that uploads your file to a server has created a copy on infrastructure you do not control — one that can be logged, breached, or subpoenaed. This tool processes everything in your browser; the file never leaves your device. You can verify it in your browser's developer tools (Network tab shows no upload), and you can work offline after the page loads. A server that never receives your file has nothing to hand over about you.
What to clean
- Documents — the Word, Excel, PowerPoint, and PDF tools also remove tracked changes and comments.
- Photos — the image tool strips GPS, serials, and timestamps, including from HEIC.
- Audio and video — recordings carry device and location metadata too.
If lives or liberty are at stake, do not rely on any single tool, including this one. Consult a press-freedom or digital-security organisation experienced in source protection before you act.
Frequently asked questions
How can metadata identify a whistleblower?
Author fields in documents, GPS and device identifiers in photographed materials, and camera serial numbers that link images together have all identified sources who thought they were anonymous.
Is removing metadata enough to stay anonymous?
No. It is one layer. You must also redact visible content, use secure communication channels, and follow operational security guidance. No single tool provides anonymity by itself.
Why does in-browser processing matter so much here?
An uploaded file creates a copy on infrastructure you do not control, which can be logged, breached, or subpoenaed. In-browser processing means the file never leaves your device, so there is nothing for a server to retain.
Can I verify nothing is uploaded?
Yes. Open developer tools, go to the Network tab, and clean a file — you will see no upload. You can also disconnect from the internet after the page loads and the tools still work.
Does it remove tracked changes from leaked documents?
Yes. The Word, Excel, and PowerPoint tools remove tracked changes, comments, author and company fields — not just basic properties.
Where should I get proper guidance?
A digital-security or press-freedom organisation experienced in source protection, such as the EFF's Surveillance Self-Defense guide, can help you plan beyond this single step.