Friday, July 20, 2007

Harry Potter Leak: EXIF Is Not A Smoking Gun

Much has been made of the Harry Potter torrent and the fact that the digital images available contain data that can be used to trace the images back to the camera if it has been serviced. What no one seems to recognize in this discussion is that EXIF data is easily edited if you know it's there. Programs which allow you to do so and even facilitate EXIF editing of 314 of the 355 EXIF fields are priced from cheap to free.

EXIF data in digital images offers a wealth of data storage - not just date, time, and camera information but everything from GPS info (that's what makes photo geotagging possible) to information about the camera settings when the photograph was taken to all kinds of custom fields that can be edited to help protect copyrights (image credits, license terms, etc.). Virtually all of these fields can be edited with the exception of date and timestamps. (View a PDF guide to EXIF fields.)

Not many people make use of EXIF data to edit it but it is perfectly legal to do so, at least when it isn't covering up a crime, and there is no way of knowing with certainty that the author of the Potter photos now circulating on the Pirate Bay did not edit the photos' EXIF data.

If they didn't, law enforcement is in luck, and of course any EXIF data is a place to start in tracking down the culprit, especially one with such horrible carpeting. But news outlets are treating EXIF data as the equivalent of a DNA test, which is only true if you could change your own DNA with a freeware computer program.

No comments: