The potential perils of metadata
Metadata - one of the most universally overlooked tools that is capable of enhancing our lives in incredible ways. Metadata allows for machines, software and applications to communicate using the same language regardless of their origin, operating system or primary functions. Additionally, we as users utilize this concept on a regular basis without even noticing with some users with visual or hearing impairments being quite reliant on it.
However, while it can be incredibly useful, metadata can also turn out to be harmful as well due to the sheer amount of technology that implements it. But what exactly is metadata? Where do we use it? Why can it be harmful? Let us answer these questions while delving deeper into the principles and working mechanism behind the different types of metadata.
What is metadata?
In order to understand why metadata can be both useful and problematic, we need to get a full understanding of the concept. So, what really is metadata?
The explanation that is most often given about the term is ‘data about data’. Simple, right? Well, not quite. While this definition is correct and it is possible to look at metadata as an extra description to a given application, file, item, concept or event, there is a lot more to it than just being described as ‘additional information’.
Technology in our current environment has many variations including a substantial amount of divergent devices, operating systems, software development languages, tools, machines among other examples. Furthermore, the list of these technologies and examples will constantly keep on expanding as we move into the next generation of technological advancements. This diversity also means that each device or system will have its own way of communicating information with others, identical or similar to it in nature.
To put this into a real-world perspective, Imagine being able to speak only one language. While English as a language for example is quite universally spoken, you will find that not everyone can talk or understand it completely.
This is where metadata comes in, acting as the tool that can bridge the gap between so many different technologies and computer languages to make our lives easier and more efficient. Many different principles, schemas and governance rules have been established that use specific metadata variations and configurations to help systems, devices and users communicate with each other.
Information and metadata in Web 2.0
Online privacy and security have been a major problem over the last couple of decades. Ever since the inception of the Internet data has always been collected and stored to later on be processed in a way to redefine user experience and expectation. However, since going into the Web 2.0 development stage of the Web, this data has been utilized by large companies to make their products better, to create personalized content and to utilize targeted advertising.
This has consequently made user data and information highly sought after, with companies constantly striving to obtain as much of it as they possibly can. Selling user information has also been a much debated issue that has especially risen to prominence as of recent years, not to mention the amount of data leaks that have also occurred.
Due to this constant data-striving, companies did not take long to turn to metadata, acknowledging it as a very powerful instrument that can be used to collect and store the lucrative user information.
Perils of traditional metadata
Given that the devices that we regularly use need to gather and process information, it comes as no surprise that metadata is sometimes labeled as potentially harmful. But why is that?
Metadata is regarded as harmful for multiple reasons. As we have already discussed, metadata appears in a number of forms and is utilized in many different areas of our everyday lives and activities.
For example, most software that you use will automatically store metadata about any changes you make to a project, be it an image file, a simple document or even something as complex as a 3D model.
Password-protecting that document or file will also not do much to keep the data safe as exposing it is just a matter of a mere right-click from your mouse and a ‘properties’ button tap. If you want to disable metadata storing, you need to go into the particular software you are using and try to manually turn off the option (if it even exists), otherwise you risk exposing potentially exploitable information such as when the file was created, by who it was generated, what changes were made to it and in the case of images - lens size, date taken as well as the location.
While this type of metadata is quite useful for cultural heritage institutions and the different objects that they need to store and create records of, you will not want to have this sort of metadata attached to your private pictures for example as there can be severe consequences if they happen to fall into the wrong person’s hands. You would be surprised just how much information is supplied with every file and picture on your desktop, tablet or mobile device or the abundance of data that smartwatches, vitals trackers and other gadgets for example can store.
Dangers of online metadata
As we already mentioned, online technologies also use metadata to establish a communication channel between themselves. Websites, web applications and other online or network connected systems can all collect metadata about you and your online activity.
Let’s say you wanted to talk to someone in private. You decide to use an encrypted messaging application or go incognito so that you can avoid recording the conversation. However, metadata about your discussion can still be collected featuring your name and that of the other chat participant(s), the time when the conversation took place and how long it went on for. While the contents and messages of the talk will be kept a secret, there is sufficient evidence there to prove that you did carry out that chat. Additionally, if you do not wish to make use of such an messaging service or app, your conversation could also have some metadata about it such as length of the messages, their time of sending and receiving and other potentially exploitable and exposable information.
Browser cookies in their purest form can also be regarded as metadata tokens because of the fact that they collect information about your session to save you time the next time you enter a given website or page. Data such as your language settings, location and even IP address are also capable of being collected. Because of this, it is important to always refuse these cookies to keep your data secure.
Additionally, there are national authorities worldwide that can request your metadata from different websites, social media platforms and other applications that you visit or use. This consequently means that if the metadata for one user is extracted, then your metadata might also be up for grabs. This intrusion is exactly why metadata is also deemed to be quite dangerous as it can breach your privacy.
How can you protect yourself from metadata leaks?
There are many things which you can do to preserve your privacy when it comes to metadata.
First and foremost, it is crucial to consider using a metadata removing tool to strip any metadata from your files (even before you delete them), pictures and any other documents which you are concerned might serve as a metadata leak point.
Secondly, disable location tracking on your phone and other devices. Location is probably the most commonly utilized metadata attribute and can be utilized to determine your position when a given picture was taken.
Thirdly, as we mentioned previously, refuse any website cookies. Not all websites will allow you to not accept their cookies as sometimes the site or web application might not be able to work without them, but strive to manually remove as many of them as possible.
Ultimately, it is vital to remember that your security and privacy while browsing online are of the utmost importance and you should always strive to protect your personal information as much as possible.