Newsletter

Season of Sharing: Metadata Safety Tips for the Holidays 

By

As the holidays approach, many of us will be snapping photos and sharing our celebration recaps through various applications on our devices. While this connectivity can enhance our experience, it also exposes us to potential security risks. Understanding how our metadata—such as location, photos, and app-sharing permissions—can be compromised is crucial for maintaining our privacy and security.

More Than a Festive Snapshot

Metadata refers to the data that provides information about other data, such as the time, location, and device details attached to files like photos or documents. During the holiday season, it’s common to share photos from gatherings, check in at locations, and use apps that may request access to your contacts or camera roll. However, we should reflect on whether these requests are necessary for usage and if we are content with our information shared being freely available to these applications and companies. 

In a recent social experiment, Harvard students used smart glasses to demonstrate how easily personal data could be captured and disseminated. The students could pull information such as names, addresses, phone numbers, and even relatives in live time by scanning someone’s face with their technology. The Verge article writes that “the most unsettling part is the demo uses current, widely available technology like the Ray-Ban Meta smart glasses and public databases.”  From these data pulls, they went on to further demonstrate their ability to strike up conversations with complete strangers pretending to know each other from the information they found online. While not everyone around us wears smart glasses and knows how to pull this kind of data on others, it is current and possible. This raises important questions about our digital footprints and what information we knowingly or unknowingly share online. 

For guidance on safeguarding your privacy, consider implementing the following strategies the WashU Awareness, Behavior, and Culture (ABC) team has compiled for customizing your location and privacy settings to help you secure your metadata. 

Five Selective Settings for Secure Celebrations

  1. Review App Permissions: Regularly check the permissions granted to your apps. Both iOS and Android devices allow you to customize permissions for location, camera, and other sensitive data. For instance, you can disable location sharing for apps that don’t require it by going to your device’s settings.
  • For iOS: Go to Settings > Privacy > Location Services. Here, you can see which apps have access to your location and change their settings. 
  • For Android: Navigate to Settings > Location > App permissions to adjust which apps can access your location. 
  • Use Temporary Permissions: When an app requests access to your location or camera, choose options that allow access only while using the app, if available. This limits the time your data and metadata can be accessed. 
  1. Disable Automatic Location Tagging: Many social media platforms automatically tag your location in posts and photos. Consider disabling this feature to protect your privacy. 
  2. Educate Yourself on Privacy Policies: Understanding how your data and metadata are collected, stored, and shared can empower you to make informed choices. 
  3. Be Wary of Public Wi-Fi: Avoid accessing sensitive information over public Wi-Fi networks. Use a Virtual Private Network (VPN) for an extra layer of security when sharing data on public networks. 
  4. Selective Photo Sharing: When sharing photos, take advantage of the selective sharing options offered in platforms like Apple Photos. This allows you to share only the images you choose without revealing metadata you want to keep private. 

With these safeguards in place, we can remain vigilant about our privacy while sharing our 2024 holiday celebrations online. By understanding the risks associated with metadata sharing and implementing proactive security measures, we can feel secure that we have control over what we share about ourselves online this holiday season. For further reading on securing your data, check your device’s privacy setting guides at the links below. If you have questions or need specific information, contact the Office of Information Security at infosec@wustl.edu.

Recommended 

Information Security Strategies for iOS/iPadOS Devices 

Information Security Strategies for Android Devices 

The Importance of Risk Assessment When Reading Terms and Conditions 

References 

Song, V. (2024, October 2). College students used Meta’s smart glasses to dox people in Real time. The Verge. https://www.theverge.com/2024/10/2/24260262/ray-ban-meta-smart-glasses-doxxing-privacy