What \”fingerprints\” does your digital camera leave behind?

It was widely reported earlier this month that pages from Harry Potter and the Deathly Hallows were photographed and published on the Internet in advance of the official release. The Electronic Frontier Foundation had an interesting take on this story:

Perhaps the leaker didn’t realize that the digital camera he or she used — a Canon Rebel 300D — left digital fingerprints behind in every image. We downloaded a copy of the leak and took a look at the images with the open-source ExifTool, one of dozens of programs capable of reading the industry-standard EXIF digital photo metadata format. As the press reported, the camera’s serial number is in there, along with over 100 other facts including the date and time that the photos were taken and an assortment of photo-geek details about focus and lighting conditions.

It may be, then, that the leaker can be traced; there are several ways Canon might know who owns (or used to own) this camera, including a possible warranty registration or service or repair on the camera. A retailer might also have kept relevant records when it originally sold the camera. Another prospect: if images taken with the same camera were uploaded to a photo-sharing site like Flickr, their EXIF metadata might associate use of that camera with a particular account. (Flickr and other sites usually don’t allow the public to search by EXIF tag values. But it’s possible that Flickr itself, or a third-party spider that had downloaded all of its images, could perform such a search.)