Image Privacy Workbench: complete usage guide
Strip supported image metadata by re-encoding files locally and guide screenshot redaction in the safest order: hide visible secrets first, then remove metadata, inspect, and export.
What this tool does
It scans selected image bytes for EXIF, XMP, GPS, camera, and editor metadata markers.
It re-encodes supported images through browser canvas to produce a fresh PNG or JPEG without original metadata chunks.
It compares before and after scans so users can confirm whether obvious metadata markers remain.
It presents a screenshot sharing workflow that prioritizes visible redaction before resizing or compression.
Typical use cases
- Remove metadata from a screenshot or photo before sending it to an issue tracker.
- Check whether a camera image contains GPS, device, or editor traces.
- Prepare sanitized visual evidence after using Photo Censor for visible secrets.
- Export a cleaned image locally without uploading private content.
- Teach teammates the safe order for screenshot redaction workflows.
Input examples
Supported image
photo-with-gps.jpg (JPEG or PNG selected from the local device)
Screenshot review list
visible token, email, account name, internal hostname, browser tab title
Output examples
Re-encode result
Before: EXIF, GPS, camera marker detected
After: no EXIF/XMP/GPS marker detected in exported PNG
Safe order
1. Redact visible secrets
2. Strip metadata by re-encoding
3. Inspect export
4. Download sanitized image
Common errors and fixes
Removing metadata before covering visible secrets
Redact visible tokens, emails, and hostnames first, then strip metadata.
Assuming all metadata formats are detectable
Use the scan as a safety check, then manually inspect the exported file before sharing.
Persisting original uploads
Do not save original images in recipes, URLs, cache, or shared notes.
Security and privacy notes
For the shared privacy terminology, local processing model, external-request labels, and DevTools verification workflow, see the Trust Center.
- Selected images are processed locally with browser APIs.
- Uploaded files and sanitized outputs are not persisted by default.
- Download only the reviewed sanitized export, not the original file, when preparing public evidence.
Step-by-step workflow
- Feed Image Privacy Workbench the smallest reproducible sample you can collect from the real issue.
- Review the first findings and separate confirmed signals from assumptions or environment-specific noise.
- Compare a clean baseline sample against the problematic input when you need to isolate regressions.
- Keep one redacted output snapshot with the key findings for tickets, runbooks, or incident handoff.
Quality checklist before sharing output
- Confirm Image Privacy Workbench findings still reproduce with the same input and assumptions.
- Check that the sample includes enough surrounding context to support the conclusion you are drawing.
- Translate notable findings into concrete next checks, ownership, or remediation notes.
- Redact private hosts, tokens, certificates, or customer identifiers before sharing analysis output.
Operational notes
Image Privacy Workbench is most effective when it produces a focused, reproducible evidence bundle that can be handed to the next engineer without extra cleanup.
Frequently asked questions
Does it upload my image?
No. The file is read and re-encoded in the browser.
Does re-encoding remove visible secrets?
No. Use Photo Censor or another redaction step for visible areas before metadata removal.
How is metadata removal verified?
The tool scans before and after byte markers and reports whether EXIF/XMP/GPS-style markers remain.
