Understanding (and Stripping) PDF Metadata for Privacy
Every PDF carries metadata: author name, software used, creation date, sometimes location data. Here's how to see and remove it.
PDFs carry hidden metadata: who created them, when, with what software, sometimes more. For most documents this is irrelevant; for sensitive ones it can leak information you didn't intend to share.
What's in PDF metadata
Open any PDF in Acrobat Reader and check File → Properties → Description. You'll see:
- Title — usually the filename, sometimes a document title
- Author — your Mac/Windows user name unless changed
- Subject — usually blank, sometimes the source application sets it
- Keywords — usually blank
- Application — the software that created the PDF ("Microsoft Word for Mac")
- PDF Producer — the rendering library ("macOS PDF Library 4.0")
- Created — timestamp
- Modified — timestamp
- Size — file size
Some PDFs also include custom metadata fields set by the originating application.
When metadata matters
- Anonymous submissions (whistleblower documents, anonymous tips) — your username in the Author field defeats the anonymity
- Forensic analysis — investigators can sometimes match a document to a specific user/machine via metadata
- Competitive intelligence — a leaked draft contract with the law firm's name in the metadata reveals the source
- Personal privacy — sharing a document that includes your real name when you've curated a pseudonym
How to view it
- Mac Preview: Tools → Show Inspector → "i" tab
- Adobe Reader: File → Properties → Description
- Command line:
pdfinfo file.pdf(requires poppler-utils, free) - Web tools: Most online PDF inspectors show this
How to strip it
Method 1 (manual, in Acrobat Pro): File → Properties → Description → clear the fields → Save.
Method 2 (free, online): Most PDF tools — including SwitchPDF's tools — strip metadata as part of normal processing. Run any operation (compress, rotate, even no-op operations) and the output usually has clean metadata.
Method 3 (command line): exiftool -all= file.pdf removes all metadata in one command.
Method 4 (export to image and back): PDF to JPG then JPG to PDF — rasterizes the document, completely strips text and metadata. Loses searchability but maximum sanitization.
What metadata you can't strip
- Document text content — still searchable, still extractable
- Embedded images' EXIF data — separate from PDF metadata, sometimes survives
- Font subsetting choices — can hint at which app produced the file
- Compression artifacts — sometimes identifiable to specific tools
For complete sanitization (national-security-level), you'd need to re-create the document from scratch in a clean environment. For everyday privacy, stripping the obvious metadata is enough.
Setting different metadata
If you need the PDF to claim it was created by someone or something specific (legal name, company), Acrobat Pro lets you set the fields explicitly. Most free tools either strip or leave whatever the source app set.
Bottom line
Most PDFs leak your username and the software that produced them. For sensitive sharing, run the file through any free PDF tool to strip metadata, or use exiftool. For everyday work, it doesn't matter.
Related articles
White-Out for Redacting PDFs: When It's Enough and When It Isn't
Drawing a white rectangle over sensitive content looks like redaction. It usually isn't safe redaction. Here's the difference.
Digital PDF Signatures vs Physical Signatures: Which to Use
Drawing your signature on a touch screen looks the same as scanning a paper signature. They're legally and technically different.
AES-256 vs Older PDF Encryption: Why Modern Standards Matter
A PDF "password" from 2005 can be cracked in minutes. Modern AES-256 can't. Why this matters for your sensitive documents.