Tickets for the Kyber bez keců conference (May 21) are now available – register by the end of March and get the early-bird discount. 🚀

Metadata

Metadata is data that provides information about other data, such as the author, date, or file format, often used to organize, search, or manage large data sets, but also contains sensitive information that can be exploited by attackers.

 

 

What is metadata?

Metadata are pieces of information that describe other data. For example, when you save a document, the metadata might include the author’s name, the creation date, last modified time, or the file version. In the case of a photo, metadata can include the device type, resolution, or GPS coordinates. Metadata help organize, classify, and locate data—but they can also unintentionally expose sensitive information.

 

Where metadata appear and why they matter

Real-world examples:

  • Office documents often contain the author’s name, company name, and edit history.
  • Photos taken on smartphones include location, date, and device model.
  • Emails include metadata about sender, timestamp, and mail server.
  • Cloud-stored files track access history—who edited what and when.
  • System logs record metadata such as IP addresses and login times.

 

Summary:
Metadata are usually created automatically and often hidden from plain view. Yet they can contain valuable information from a security, privacy, or compliance standpoint. Overlooking metadata can lead to accidental leaks or poor data governance.

 

Metadata vs. data vs. personal data – What’s the difference?

  • Data – The main content (e.g., document text, photo image, audio recording).
  • Metadata – informace o – Information about that content (e.g., who created it, where and when).
  • Personal Data – Any data that identifies a person (sometimes found within metadata).

 

Why this distinction matters:
Under data protection laws like GDPR, metadata may contain personal data and must be handled accordingly. Metadata are also vital for digital forensics, audits, and automated processing. Knowing what metadata your files hold helps control what you share—and protect what’s confidential.

 

How does the metadata in your company

Recommended steps:

  1. Check metadata before sharing documents – especially those sent outside the company.
  2. Remove or customize metadata – before publishing—using built-in tools in MS Office or PDF export options.
  3. Use automated tools – to clean metadata—especially for legal, marketing, or HR documents.
  4. Include metadata policies in your company’s data security procedures.
  5. Educate employees – most users don’t realize files contain hidden information.

 

Why It Matters
Metadata may seem like a minor technical detail, but it can reveal more than you intend—employee names, locations, or file change history. Many companies overlook metadata, yet it can be the key to preventing leaks or targeted attacks. Awareness and control over metadata are essential parts of modern information security.

back to glossary