Social websites like Facebook always encourage users to share content with others. Users on Facebook often upload images meant to share among friends. But sometimes, it happens that you want to delete a previously uploaded image either because you feel uncomfortable with it or someone else requests you to take it down. So you eventually go to your profile and delete the image. But is your photo really deleted?
The world’s number one social networking site seems to have some serious privacy issues. Evidently, images previously uploaded to Facebook stay on their servers even after they are deleted. And though the deleted images are not accessible from anyone’s profile, one can access them if he/she had previously copied the direct URLs of the photos.
The direct URL to any uploaded photo on Facebook contains complex combinations of characters that are difficult or may even be impossible to derive through calculations. However, a person can obtain the direct URL for an uploaded image before it is deleted from Facebook.
To obtain the direct link of a particular image on Facebook, you need to open a particular image which is already shared in someone’s profile and drag the image onto the address bar. The URL in the address bar changes to something like “http://…ak.fbcdn.net/…n.jpg” and the same image loads against a white background.
The image is actually the cached copy which is fetched from the nearest server using a third party Content Delivery Network (CDN) service known as Akamai Technologies which also provide services for Yahoo! and Twitter. The URL in the address bar links directly to this image. Now, even after your deletion, the cached copy will still be available on CDN and it can be accessed through the direct URL.
According to reports, Ars Technica’s Jacqui Cheng had approached Facebook about this issue in 2009. Now, even after three years since the issue was reported, the problem remains to be solved. She has even addressed this issue in one of her blog posts. Facebook had only deleted those images which were mentioned in Cheng’s complaint. Other deleted images that were not reported are still there on the server.
Facebook is usually quick to respond to issues. However, they seem to have taken a step back on this matter. Various deleted images continue to exist in the servers and users have even begun to think twice about uploading images to Facebook. A Facebook Spokesperson said that they were constantly working with their Content Delivery Network partners to reduce the amount of time cached copies exist in their servers.
With Facebook having one of the biggest Content Delivery Networks, deleting cached copies of all deleted images across all the servers is quite a tedious task. Facebook claims that they have been migrating to a new updated system for quite some time, and only a small percentage of images remain in the old system. Whether this migration will really solve the image persistence issue, it still remains to be seen.
Taking hint from this issue, we may assume that not just images but other user data that we share or upload to Facebook and later decide to remove, in fact, might still be lurking around somewhere in the CDN. However, we do not have any hard evidence to suggest us whether that is really the case or not.
But although the images exist even after deletion, accessing them is certainly difficult and subject to external factors like knowing the address of the image before it is deleted. And people don’t usually copy-paste the image addresses on Facebook. Taking that into consideration, users can feel less threatened about their privacy.