I'm torn. Maybe a better approach would be a prompt saying "you're giving access to images with embedded location data. Do you want to keep the location data in the images, or strip the location data in this application?"

I might not want an application to know my current, active location. But it might be useful for it to get location data from images I give it access to.

I do think if we have to choose between stripping nothing or always stripping if there's no location access, this is the correct and safe solution.

▲

Aurornis 6 days ago | parent [-]

> saying "you're giving access to images with embedded location data. Do you want to keep the location data in the images, or strip the location data in this application?"

This is a good example of a complex setting that makes sense to the 1% of users who understand the nuances of EXIF embedded location data but confuses the 99% of users who use a product.

It would also become a nightmare to manage settings a per-image basis.

	▲	fc417fc802 6 days ago \| parent [-]
		Not per-image, it would be per-app. The first time it happened it would ask you. There are already quite a few per-app toggles for things like this so it wouldn't be anything new or particularly surprising. That said, an alternative to bugging the user might be that when the app makes the call to open the file that call should fail unless the app explicitly passes a flag to strip the location data. That way you protect users without causing needless confusion for developers when things that ought to "just work" go inexplicably wrong for them.