The date and time you took a photo or video are saved as part of the descriptive information for each media item. The phone model may also be saved. This descriptive information is called EXIF data.
Location information may also be saved as part of EXIF data.
If you upload photos or videos to a website (Twitter, Facebook, Flickr, YouTube, your blog), the descriptive information may be preserved. Anyone viewing your media could see where, when, and with what phone you created it. Some sites strip this information off during the upload process (at the time of writing, Facebook was one that did), but it’s never worth relying on this.
If you send photos or video as an email attachment, the descriptive information is always preserved.
MMS, like SMS, can be intercepted and viewed by the network operator. Information about your phone (identifying numbers, location) is also available to the network operator.
Although mobile viruses and malicious mobile software are rare, there are cases where MMS has been used to install these on unsuspecting feature phones.
Phones with cameras can pose a surveillance risk. If someone has unauthorized remote access to the phone, the camera can potentially be remotely activated to take pictures without a user’s knowledge.
Protect Yourself
If possible, securely upload images and video to a website rather than sending an MMS.
Unless you really need MMS functionality on your phone, check the settings to see if it can be disabled.
Turn off geotagging in phone settings, and also consider turning off all location services. For smartphones there is a guide here.
If the site you are uploading media to allows it, go through your account settings and disable display of any additional information about your images.