Data deleted from the cloud doesn't always disappear, according to researchers from the University of Cambridge.
According to a study of 16 social networking, blogging and photo sharing sites outlined by researcher Joseph Bonneau on his blog, most of them failed to remove photos after users deleted them an issue with wider repercussions, especially as businesses look to move to cloud computing.
"It's often feared that once data is uploaded into the cloud,' it's impossible to tell how many backup copies may exist and where, and this provides clear proof that content delivery networks are a major problem for data remanence," he wrote.
After 30 days, the researchers found seven of the 16 tested sites failed to revoke the photos at all, while others took hours leaving the so-called 'zombie photo' still live at the same URL.
Among others, Bebo, Facebook and MySpace left the photo live for a full month after the user deleted it, while Google services Blogger and Picasa took a few hours to remove the image. Yahoo's Flickr, Photobucket and Google's Orkut removed the images immediately.
Bonneau praised Microsoft's Windows Live Spaces, which has photo servers that use session cookies and therefore avoid the revocation issue, as the URL used doesn't stay live. Bonneau offered "a refreshing congratulations to Microsoft for beating the competition in security."
Bonneau explained that such sites are likely just waiting for photos to automatically fall out of their photo servers' cache, rather than actively deleting them as it saves on costs and complexity.
"Facebook is actually quite explicit about this, stating that when you delete IP content, it is deleted in a manner similar to emptying the recycle bin on a computer'," he noted.
While such systems may be laid out in the Terms of Service, Bonneau suggested it may be illegal under the UK's data protection act and the EU's data protection directive.
"Architecture matters, and though it may be more complicated, sensitive personal data must be stored and cached using reference counts to ensure it can be fully deleted, and not simply left to be garbage collected down the road," he noted.
The researchers have restarted the experiment with live viewing, "just for fun".
Read on here to find out if cloud computing is secure enough for business.
-
Why keeping track of AI assistants can be a tricky businessColumn Making the most of AI assistants means understanding what they can do – and what the workforce wants from them
-
Nvidia braces for a $5.5 billion hit as tariffs reach the semiconductor industryNews The chipmaker says its H20 chips need a special license as its share price plummets
-
How digital marketing will evolve beyond social mediaIn-depth Twitter's ongoing destabilisation proves businesses can't rely on social media for digital marketing forever
-
TikTok launches programme to help SMBs with social media marketingNews Six-week initiative aims to equip businesses with the skills they need to get started on the social platform
-
Snapchat now allows you to display subscriber numbersNews This update will help companies to show their influence on their industries
-
New chatbot and nano influencer services help online sellersNews Online sellers will be able to grow brand awareness, boost buying frequency and build brand loyalty
-
Businesses should act fast during upcoming Twitter purgeNews Twitter is freeing up dormant accounts, with hugely valuable handles available to the fastest fingers
-
What is Facebook Analytics and how can businesses get value from it?In-depth Google Analytics isn’t the only way to see how your business app or website is performing
-
Developing your social media voice and followingIn-depth Learn how to hone a voice that's in line with your brand's tone and goals
-
Choosing your social media contentIn-depth The audience for each platform goes to each site for different content. Here's a closer look at each one.
