Every photo you take inside your home for a Marketplace listing carries the exact coordinates of the room it was taken in. Buyers download those photos. So do scrapers, opportunists, and — in 2018 — anyone who knew about a now-patched Facebook Marketplace API that returned full latitude / longitude on every listing. Strip it once, locally, and the file you upload has no address to leak.
Real incident · 2018
UK researcher John Moss demonstrated that listings created in the Facebook mobile app returned the seller's full latitude and longitude through the public API — not the "approximate" location Facebook claimed in the UI. The bug was fixed. The platforms that haven't been audited that publicly are still a question mark.
The lesson generalises: stripping at the platform layer is something the platform does for you, as a favour, subject to bugs, undocumented edge cases, and revision. Stripping at your machine is something you do once and can verify.
In the file
Combined with a real first name, a buyer can identify the seller and the address from a single photo. The platform can claim the location is "approximate" in the UI, but the file you uploaded is exact.
Three rooms · same address
A daylight snap from the corner of your living room. The GPS in the JPEG is accurate to a few meters — that's the room you sleep in.
Shot in your apartment building's entryway. Same GPS. Buyers ride away with the photo. So does anyone scraping the listing feed.
Even a tight product shot of a watch carries the kitchen's coordinates. The fact that the picture shows no context doesn't protect the file.
FAQ for sellers
Facebook strips EXIF from the publicly viewable image — but their public-facing API has, in the past, returned the seller's exact latitude and longitude alongside listings, even when the UI claimed the location was "approximate." The original you uploaded sits on Meta's servers untouched. The safest play is to never hand them the GPS in the first place: strip it locally before you click "List."
Craigslist strips most EXIF when they re-host uploaded images, but the behavior isn't documented or guaranteed, and image hosts they've used over the years have changed. Strip locally and the question doesn't apply.
Behavior varies by platform, by year, by upload path (web vs. app), and by image format. Treat them all the same way as Marketplace: assume the original lands on their servers in full, and the public-facing strip may or may not catch every field. Strip before upload and you're covered regardless.
Because the photo carries the exact coordinates of that living room, accurate to ~3 meters. Anyone who saves the file from the listing — a buyer, a scammer, a thief — has your home address. The historical 2018 Facebook Marketplace API leak exposed exactly this for thousands of UK sellers: the latitude / longitude was in the response JSON.
Often yes. EXIF carries a small embedded thumbnail (typically 160 × 120) that's used for quick previews. When you crop a photo in Photos.app, the thumbnail is NOT always regenerated — so the version someone extracts from the file can show the un-cropped scene. Tracemute strips embedded thumbnails along with everything else.
Yes. MP4 and MOV walk-around videos carry the same per-frame GPS, camera serial, and capture metadata as still photos — and on modern iPhones, even more of it. We strip the container's metadata atoms losslessly: same picture, same audio, no location track.
Drop the whole batch into Tracemute, review the dossier (GPS, device, owner, capture time), download the cleaned files as a zip. The picture stays identical. Nothing inside it points to your door.
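One way to run the local verification described above, as an added example (not Tracemute's code): a standard-library Python check that reports whether a JPEG still has an EXIF block, a GPS IFD pointer, or an embedded thumbnail. The function names are this example's own, the sample file is constructed inline, and the check covers only the JPEG EXIF segment, not XMP or video containers.

```python
import struct

def read_ifd(tiff, off, end):
    """Return (set of tag ids in the IFD at `off`, offset of the next IFD)."""
    (n,) = struct.unpack(end + "H", tiff[off:off + 2])
    tags = {struct.unpack(end + "H", tiff[off + 2 + 12 * i:off + 4 + 12 * i])[0]
            for i in range(n)}
    (nxt,) = struct.unpack(end + "I", tiff[off + 2 + 12 * n:off + 6 + 12 * n])
    return tags, nxt

def exif_findings(jpeg: bytes) -> dict:
    """Report an EXIF block, a GPS IFD pointer, and an embedded thumbnail."""
    found = {"exif": False, "gps": False, "thumbnail": False}
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        marker = jpeg[pos + 1]
        if marker == 0xDA:                      # start of scan: image data follows
            break
        (seglen,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        body = jpeg[pos + 4:pos + 2 + seglen]
        if marker == 0xE1 and body[:6] == b"Exif\x00\x00":
            tiff = body[6:]
            end = "<" if tiff[:2] == b"II" else ">"   # TIFF byte order
            (ifd0,) = struct.unpack(end + "I", tiff[4:8])
            tags0, ifd1 = read_ifd(tiff, ifd0, end)
            found["exif"] = True
            found["gps"] = 0x8825 in tags0      # GPSInfo IFD pointer
            if ifd1:                            # IFD1 describes the thumbnail
                tags1, _ = read_ifd(tiff, ifd1, end)
                found["thumbnail"] = 0x0201 in tags1  # JPEGInterchangeFormat
        pos += 2 + seglen
    return found

def sample_jpeg(with_metadata: bool) -> bytes:
    """Constructed input: an empty JPEG shell, optionally with an EXIF segment."""
    if not with_metadata:
        return b"\xff\xd8\xff\xd9"
    def entry(tag):                             # one LONG-typed entry, dummy value
        return struct.pack("<HHII", tag, 4, 1, 0)
    ifd0 = struct.pack("<H", 1) + entry(0x8825) + struct.pack("<I", 26)
    ifd1 = struct.pack("<H", 1) + entry(0x0201) + struct.pack("<I", 0)
    body = b"Exif\x00\x00" + b"II*\x00" + struct.pack("<I", 8) + ifd0 + ifd1
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(body) + 2) + body + b"\xff\xd9"

if __name__ == "__main__":
    print(exif_findings(sample_jpeg(True)))
    print(exif_findings(sample_jpeg(False)))
```

Run it on the cleaned file before you upload; all three values should be `False`.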