Photo Metadata Standards for Production Compliance

Three metadata standards live inside every production photo — EXIF (camera-generated technical data), IPTC (descriptive and rights information), and XMP (Adobe's extended framework) — and each one can leak confidential production details if not audited before distribution. IPTC captions and keywords pose the highest compliance risk because photographers routinely embed scene descriptions, character names, and plot details during tagging. Before sharing any production photo externally, strip GPS coordinates from EXIF, audit caption fields in IPTC, and check for collection names in XMP sidecar files that reference episode numbers or story beats.

You just exported 200 set photos for the publicity team to review. The copyright fields are correct, the filenames follow the naming convention, and everything looks clean. But buried in a caption field, one of those images reads "Scene 47: character death reveal, INT. HOSPITAL." And in the folder alongside 30 of those JPEGs sits a batch of .xmp sidecar files that reference a collection called "Episode 9 Finale Selects."

That's how IPTC metadata photography becomes a compliance problem. Not through some exotic hack, but through the normal, everyday act of exporting photos with default settings.

Three metadata standards live inside every production photo, and most photographers only half-understand the differences between them. That gap between half-understanding and full understanding is where NDA violations happen.

The three metadata standards living inside every production photo

Every digital image you shoot on set carries up to three layers of metadata, each written by different software at different stages of the workflow. They overlap in confusing ways, and the confusion itself is the risk.

EXIF (Exchangeable Image File Format) is what your camera writes at the moment of capture. Shutter speed, ISO, focal length, GPS coordinates, date and time, camera serial number. You don't choose what goes into EXIF. Your camera does.

IPTC (International Press Telecommunications Council) is the standard designed for descriptive and rights information. Copyright holder, creator name, caption, keywords, usage terms. This is what you (or your team) fill in after the shot, and it's what delivery specs from streaming platforms and distributors typically reference.

XMP (Extensible Metadata Platform) is Adobe's framework, and it's the wild card. XMP can store everything IPTC and EXIF store, plus ratings, color labels, collection memberships, edit history, and custom fields. It lives either embedded in the file or in a separate .xmp sidecar file sitting next to your image.

As Denise Kremer, a picture researcher and IPTC member, put it in an interview with FotoWare: "Metadata is fundamental in image management. It is through it that we guarantee the information contained in the image is read correctly. It also allows the correct inclusion of new data."

She's right. But on a production with NDA-protected content, that same metadata can guarantee information gets read by people who were never supposed to see it.

Here's what makes the production context different from general photography: according to Imatag's 2018 study on the state of image metadata, 85% of images published on the internet have no metadata at all. Out of a sample of over 40 million images, only 15% contained any IPTC, EXIF, or XMP data. The general market barely thinks about metadata. Production teams can't afford that luxury.

EXIF: what your camera embeds automatically

EXIF is the least dangerous of the three standards from a production security standpoint, but "least dangerous" isn't the same as safe.

Your camera writes EXIF data at the moment you press the shutter. Aperture, shutter speed, ISO, white balance, focal length, camera make and model, serial number, and (if enabled) GPS coordinates and precise timestamps. You don't control what goes in. The camera firmware decides.

For most production leak scenarios, EXIF is low-risk. It doesn't contain scene descriptions, character names, or plot details. Nobody's going to piece together your show's storyline from an f/2.8 aperture reading.

But there are two EXIF fields that production teams should think about. GPS coordinates can reveal an unannounced filming location. If you're shooting a major franchise at a location the studio hasn't disclosed, embedded GPS data in a leaked still tells the world exactly where you are. And timestamps can reveal shoot schedules, which on some productions counts as confidential information.

Most editing tools treat EXIF as read-only after capture. You can strip it, but you can't easily edit individual fields. That limitation actually works in your favor from a security perspective: there's no risk of someone on your team accidentally adding sensitive info to EXIF fields. The risk is only in what the camera already put there.

The practical move: disable GPS on your camera bodies during NDA-protected shoots, or strip GPS from EXIF during export. Everything else in EXIF is generally safe to leave.

IPTC: the fields that streaming platforms actually check

IPTC is where photo metadata management gets complicated for production teams.

The IPTC Photo Metadata Standard defines fields for descriptive information (captions, keywords, scene codes), administrative information (creator, job title, source), and rights information (copyright notice, usage terms, rights URL). It's the standard that was designed for the media industry, and it shows.

When a streaming platform or distributor sends you delivery specs for production stills, the required fields almost always map to IPTC. Copyright notice, creator name, caption/description, and keywords are the baseline. Some platforms require specific IPTC fields for content categorization.

That same Imatag study found that over 90% of professional photographers know what metadata is and 82% fill it in to protect their photos. Good. But on a production, knowing what metadata is and knowing which metadata to share externally are two very different skills.

And on news websites? Only 8% of published photos have enough metadata to identify the author or distributor, according to the same study. That stat tells you how much metadata gets stripped (or was never there) by the time images reach the public. For production teams, the question isn't whether to include metadata. It's which metadata to include, and where.

Which IPTC fields travel with exported files (and which shouldn't)

Think of your IPTC fields in two buckets.

Fields that are safe to embed in exported files include copyright notice, creator/photographer name, credit line, usage terms, and basic content description suitable for public context. These are what delivery specs ask for, and they don't expose production secrets.

Fields you should strip before export include detailed captions with scene descriptions, internal keywords (episode numbers, scene codes, character names), project codes, job identifiers, internal contact information, and supplemental categories that reference plot elements.

Here's the scenario that keeps compliance officers up at night. Your unit still photographer writes a thorough caption for internal tracking: "Scene 47, Episode 9: [Lead character] discovers [major plot point], INT. HOSPITAL ROOM, Day 34 of principal photography." That caption is genuinely useful for organizing thousands of photos internally. It's also an NDA violation the moment the file leaves your server with that field intact.

The caption field is the most common offender because it's the most useful field for internal organization. The more detailed and helpful your captions are for your team's workflow, the more dangerous they are if they leak. That tension is the core problem of photo metadata management on NDA-protected productions.

XMP: the sidecar problem no one talks about

If IPTC is where the obvious risks live, XMP is where the hidden ones are.

XMP was created by Adobe as an extensible metadata framework. "Extensible" means it can store practically anything: all the IPTC and EXIF fields, plus star ratings, color labels, collection names, develop settings, crop coordinates, edit history, GPS data, custom namespaces, and whatever else your software decides to write.

XMP data can be embedded directly in the image file (like IPTC and EXIF), or it can live in a separate .xmp sidecar file. And this is where production teams get into trouble.

When a unit still photographer works in Capture One or Lightroom, their edits, ratings, and organizational metadata often get written to .xmp sidecar files. These files sit next to the original images and contain everything the software knows about that photo's processing history and organizational context.

A sidecar file might contain a collection name like "EP09_FINALE_SELECTS." Or color labels that map to your internal system: red for "talent rejected," green for "approved for EPK." Or keywords that were added for internal searching but were never meant to be seen outside the production.

This isn't hypothetical. Fans have picked apart metadata in released production stills to figure out which episode each photo came from, analyzing timestamps and contextual clues embedded in the files. On a show with bigger secrets than a martial arts dramedy, that kind of analysis could reveal genuine plot spoilers.

The talent approvals workflow in ReelStorage specifically addresses the challenge of preserving XMP sidecar files from Capture One during the approval workflow, because losing the sidecar means losing edits and metadata that the photographer needs. But there's a security tension here: the sidecar your photographer needs to preserve their work is the same sidecar that could expose production details if it ships with an external delivery.

And unlike IPTC caption fields, which at least show up visibly in most metadata panels, sidecar files are easy to forget about. They're just little XML files sitting in a folder. Someone drags a batch of images into a WeTransfer upload, and the .xmp files come along for the ride. Nobody notices.

Catalog-only vs. embedded metadata: the NDA compliance split

Here's the concept that should anchor your entire metadata workflow: two layers.

Catalog-only metadata is rich, detailed, and stays in your photo management system. Scene numbers, episode references, character names, internal project codes, detailed captions, talent approval status, collection memberships. This metadata makes your thousands of photos searchable and organized for your team. It never leaves your system.

Embedded metadata is minimal and travels with the file. Copyright notice, creator credit, basic usage rights, and a generic caption suitable for public context. This is what streaming platforms need in their delivery specs, and it's what should be in files sent to press, talent, or any external recipient.

The split between these two layers is the difference between a metadata workflow that serves your team and one that serves your team while also protecting your production.

Most photographers and post-production coordinators don't think in these terms because most photography doesn't require it. A wedding photographer wants maximum metadata in every delivered file, so clients can find, credit, and reuse their images. Production photography is the opposite: you want maximum metadata internally and minimum metadata externally.

This approach also protects you when things go sideways. If a file leaks from a press outlet, embedded metadata can prove copyright ownership and identify the creator. But it shouldn't reveal which episode the still is from, what scene was being shot, or what day of the production schedule it represents.

For talent approval workflows and export controls, this split is especially relevant. Files sent to talent for review need enough metadata to identify the image and assert copyright, but captions like "Scene 47: character confrontation" should be stripped. Your internal system tracks which photos are pending talent approval. The exported files don't need to carry that context.

Building a metadata workflow that satisfies both search and security

The practical challenge for post-production coordinators and unit stills teams is implementing the two-layer approach without creating so much extra work that people start cutting corners.

Here's the thing: if your metadata workflow requires manual stripping of sensitive fields on every export, someone will eventually forget. Or they'll be rushing to meet a same-day publicity deadline and skip the step. The workflow needs to be built into your tools as presets and defaults, not as a checklist that relies on human memory at 11 PM on a Friday.

Manual vs. Automated Metadata Management

Setting up metadata templates before day one of production

Before the first shot on any production, your unit stills team should have a metadata template that covers four areas.

Start with the IPTC fields you'll always embed: copyright notice format, creator credit format, contact information, source field. These are your "always embed" fields. Then define which fields are internal-only: caption/description (internal version), keywords with scene codes and episode numbers and character names, supplemental categories, special instructions. These stay catalog-only.

Your team also needs documented conventions for XMP namespaces and custom fields used for organization, including collection naming conventions, color label meanings, and star rating criteria. Document these so everyone uses them consistently, and so everyone knows they're internal-only. Same goes for keyword naming. If your keywords include things like "EP09" or "CHARACTER_DEATH" or "FINALE," everyone needs to understand these are catalog-only fields that get stripped on export.

Doing this before the first shot saves weeks of cleanup later. I've seen productions where the metadata cleanup before delivery took longer than the actual culling process, because nobody established conventions at the start. For a walkthrough of setting up metadata fields in your asset management system, see our guide on editing metadata for production assets.

Export presets that strip what shouldn't leave

Every major photo management tool supports export presets with metadata options. Use them.

Lightroom Classic has a Metadata section in the Export dialog where you can choose to include only copyright and contact info. Create a preset called something like "PRODUCTION EXTERNAL" that strips everything except your approved fields.

Capture One export recipes control metadata inclusion. You can create a recipe that removes IPTC fields you've designated as internal-only. Pay special attention to the sidecar handling. Make sure your external export recipe does not include .xmp files.

Photo Mechanic gives you granular control over metadata inclusion at export. Build an export template that matches your production's approved external fields.

The common mistake is leaving the default "include all metadata" setting in place. Most software defaults to including everything, because most photographers want everything included. On an NDA-protected production, that default is a compliance risk. If you're using tags and keywords as part of your internal organization, our guide on tags and metadata best practices covers how to keep those useful internally without exposing them in exports.

One more thing nobody tells you about: if you're using ReelStorage to manage metadata in production photo workflows, the system can enforce the catalog-only vs. embedded split at the platform level. That means the workflow doesn't depend on individual photographers remembering to use the right export preset.

For teams managing secure photo sharing for production teams, automating this split is the difference between a process that works on paper and one that works at 2 AM during a press junket.

FAQ

What's the difference between IPTC, EXIF, and XMP metadata?

EXIF is technical data your camera writes automatically (shutter speed, ISO, GPS, timestamp). IPTC is descriptive and rights information you add after capture (caption, copyright, keywords). XMP is Adobe's extensible framework that can store both of those plus custom fields, either embedded in the file or in a separate .xmp sidecar file. For production teams, the key difference is what each standard can expose when files leave your control.

Can metadata in production photos violate an NDA?

Yes. IPTC caption fields with scene descriptions, XMP sidecar files with collection names that reference plot points, and EXIF GPS data revealing unannounced filming locations can all constitute NDA violations when they ship with exported files. Fans have demonstrated this by analyzing metadata in released production stills to identify episode details and plot clues.

Which metadata fields do streaming platforms require for photo delivery?

Most streaming platforms and distributors reference IPTC fields in their delivery specs: copyright notice, creator name, caption/description, and keywords are the typical baseline. Specific requirements vary by platform. Check delivery specs early in your production and build the required fields into your metadata template so you're not scrambling at delivery time.

Should I delete XMP sidecar files before sending photos externally?

Don't delete them from your working files. Your photographer needs those sidecars to preserve edits and processing data. But don't include them in external deliveries either. Sidecar files contain edit history, ratings, collection memberships, and custom fields that can reveal internal production details. Export with embedded-only metadata using a stripped preset, and leave the sidecars on your internal system.

How do I strip metadata from photos before sending them to press or talent?

Use export presets in your editing software (Lightroom, Capture One, Photo Mechanic) configured to include only copyright, creator, and basic contact fields. Avoid "include all metadata" defaults. For extra security, run a batch metadata audit on exported files before delivery. Tools like ExifTool can verify that your exported files contain only the fields you intended.

Key takeaways

Metadata isn't just an organizational tool. On NDA-protected productions, it's a security surface. Every caption field, every sidecar file, every keyword is a potential leak vector if your export workflow doesn't account for it.

Four things to do now:

Split your metadata into catalog-only and embedded layers from day one of production. Rich, detailed metadata stays in your system. Minimal rights metadata travels with exported files.

Create export presets before the first delivery, not after someone notices a caption with scene details made it to a press outlet. Build the presets, name them clearly, and make sure every photographer on your team knows to use them.

Handle XMP sidecars deliberately. Preserve them internally (your photographers need them), exclude them from external deliveries (your compliance team needs that).

Audit exported files as part of your delivery checklist. A quick metadata check before files leave your system takes seconds. Cleaning up after a metadata-driven leak takes considerably longer.

As streaming platforms tighten their delivery specs and productions handle more images across more platforms, metadata literacy is becoming a baseline professional skill for production photo teams. The photographers and coordinators who treat metadata as both an organizational asset and a security concern are the ones who won't get the call asking why episode 9's plot twist showed up in a photo caption three months before air.