As shown below, the EXIF data within the test video file contains not only the time and date the clip was taken, but also the GPS location and the software version of the iPhone that took it:
[email protected]: exiftool IMG_0183.MOV ... GPS Coordinates : 51 deg 18' 39.60" N, 0 deg 0' 9.72" E, 145.068 m Above Sea Level Make : Apple Model : iPhone 11 Pro Software : 14.0.1 Creation Date : 2020:10:10 10:03:17+01:00 Image Size : 1920x1080 Megapixels : 2.1 Avg Bitrate : 7.9 Mbps GPS Altitude : 145.068 m GPS Altitude Ref : Above Sea Level GPS Latitude : 51 deg 18' 39.60" N GPS Longitude : 0 deg 0' 9.72" E Rotation : 90 GPS Position : 51 deg 18' 39.60" N, 0 deg 0' 9.72" E
|Social Network||Photo (Mobile)||Video (Mobile)||Photo (Web)||Video (Web)|
Overall, 11 out of the 18 tested applications successfully removed the location data from the test files. Interestingly there was a noticeable difference between the mobile and web results. For example, Telegram scrubbed the EXIF data from the photo and video when uploaded from the app, but failed to remove the location data when uploading the same files through the web interface.
Discord, GitLab, Imgur, LinkedIn, Medium, Reddit, Signal, Strava, Tumblr and Twitter all managed to remove the location data. However, the worst performer was the encrypted messenger app Wire, which didn't scrub metadata.