There’s No Such Thing As Online Privacy

Send to Kindle

Do you think that file you deleted from your Chromebook is really gone? Guess again.

It’s been said that nothing posted or sent online ever goes away. That’s an exaggeration, but it’s not MUCH of an exaggeration.

The fact that you deleted an email, a Facebook post, a tweet or an Instagram photo online does not mean it’s really gone. For that matter, nothing you delete from your computer’s hard drive or any other device with a hard drive (like an iPod, for example) is really gone either, unless you use a special software program to “scrub” the drive. Furthermore, anything you send or post online is being copied multiple times as it makes its way across the web, and you have no way of knowing who may be doing what with those copies. There’s no need to panic, but before I get into the nitty gritty on this topic let me just say this:

NEVER, EVER post or send anything online you would have grave concerns about if it became public. Never. Ever.

Online Privacy vs. Online Security

With online security, we’re talking about stuff like encryption: the technology banks, online stores, government agencies and some other businesses use to protect sensitive data before it’s sent anywhere. Encryption basically works like this: the sender’s encryption software scrambles the data, making it sort of like a coded message, and the recipient’s de-cryption software has the “key” that’s needed to unscramble the data. Online security that employs encryption is very sophisticated and trustworthy, so don’t worry that I’m about to tell you your online banking or credit card information isn’t safe.

Online privacy, on the other hand, is a totally different subject. Online privacy has to do with limiting access to stuff you send or post online. For example, when you send an email you can specify the recipient(s), and you can also “copy” (or “cc”) certain people and/or “blind copy” (“bcc”) certain people. Your expectation is that nobody who hasn’t been included in one of those three lists will receive, or have access to, the email.

Another good example is the way Facebook allows users to specify visibility of their posts, photos and other site content by marking it “Public”, “Friends Only”, “Friends of Friends”, or “Custom” (which allows the user to grant visibility to specific people or groups, or conversely deny visibility to specific people or groups). Here again, the expectation is that if you specify a given photo should only be seen by a handful of specific friends whose names you’ve chosen from a list, nobody else will ever be able to see it.

If it’s crucial that your boss, co-workers, significant other or family members never see it, don’t post it on Facebook.

Expectation vs. Reality: Who’s Driving the Online Privacy Bus?

Well, it’s certainly not YOU.

On every site you visit, there’s software that controls how the site looks and what you can do on the site. It’s the software that controls privacy, along with everything else on the site. This is why you’ll see a story in the news every so often about a bunch of users’ private messages being accidentally exposed on sites like Facebook and Twitter. Anytime the site software changes, the potential is there for a bug or human error to accidentally “turn off” the privacy restrictions users have set.

More than a few people have lost their jobs, significant others or dignity when a software glitch suddenly and unexpectedly exposed their so-called Private Messages or photos to the whole internet.

So I will say it again: NEVER, EVER post or send anything online you would have grave concerns about if it became public. Never. Ever.

There May Be Copies of Your Online Posts, Emails and Photos Literally All Over The World

Right about now, many of you may be anxious for me to wrap this up so you can immediately head over to Facebook and Twitter and start deleting potentially damaging messages and pictures. I’m sorry to tell you this, but deleting them won’t really make them completely disappear; this is because of all the copies—copies that most people don’t even know exist.

The internet is also known as the World Wide Web for a reason: it’s made up of a global network of very powerful computers, or servers, that are constantly relaying data back and forth to one another. As I described in another, recent post, when data (like emails, photos, Facebook status updates, et cetera) leaves your computer or other device, it’s moved across the internet to its destination by being passed from server to server until it reaches its destination. That Facebook status update you just typed in may have hit as many as a dozen servers before it was received and processed by the Facebook site, and chances are, every server along the way made a copy of it.

This is because servers are typically set up with “striping” or “mirroring”, which automatically makes copies of anything that comes to the server, as a safety precaution. That precaution ensures that if a given piece of data fails to make it to the next server down the line for any reason, there’s another copy available to be automatically re-sent.

Twitter can be a real stoolpigeon.

Many server operators retain their servers’ copies indefinitely, they may not EVER manually delete ANYTHING. It’s not uncommon to set up a server so that it only deletes stuff when more space is needed, and in that case it will usually delete the oldest stuff first. Since servers can have terabytes of storage space (one terabyte = 1,000 gigabytes), copies can hang around for YEARS before more space is needed.

How Server Copies Can Become A Problem

While most server operators are reputable and do not make any attempt to view the files on their servers, there is no guarantee. The server operator may have a sketchy employee or two, and plenty of intimate photos people thought they were sending or sharing online privately have found their way onto porn sites because a sleazy I.T. person grabbed illicit copies and shared them. It seems hardly a week goes by before some celebrity or other has nude photos leaked. This is one of the ways that happens.

A totally honest and trustworthy server operator may still end up seeing files the senders thought were personal and private, through no intent or fault of his own. If the server is running poorly or malware is suspected, the server owner may have to start examining individual files to root out the problem.

Merely Deleting A File Or Piece Of Data Will Not Really Get Rid Of It

Before I can tell you why this is so, I need to explain how your computer stores your files and data.

Norton Utilities includes a tool for data scrubbing, so files you want to delete from your hard drive really will be obliterated. But this won’t help you with online content.

You’re used to storing your files in certain folders on your computer, according to some organizational scheme you’ve set up. But on your computer’s hard drive, bits and pieces of a single file will usually be scattered across the drive’s “sectors”, or storage areas. This is because over time, sectors can become “bad”, or no longer capable of storing anything. When you save a file to your computer, the computer skips over any sectors that are bad or already in use as it “writes” the file to the hard drive.

If you were to look at the actual computer code for a given file, you’d see that each piece of the file ends with a placeholder that says where the next piece can be found on the hard drive. When you open the file, your computer works its way across the drive, locating and picking up all the pieces of the file and assembling them so that it looks like a single file to you.

So what does this have to do with deleting files?

When you’re looking at all your files in your File Manager, Finder, Explorer or whatever, what you’re really looking at is a set of “pointers”. When you save the file, a pointer, which is a sort of bookmark, is saved to indicate where that scattered bunch of data begins on the hard drive. When you click on a file name to open a file, you’re really just activating the pointer, which goes to the location where your file begins. From there your computer assembles the file and presents it to you.

When you delete a file, all you’re really deleting is the pointer. All those scattered bits of data are still on your hard drive, you just can’t find them anymore because you deleted the pointer. But a forensics expert can easily locate and re-assemble the data, which is how many white collar criminals have been caught.

You can buy certain software programs that truly do delete the data, and not just the pointer. But most people don’t have that software, because most people don’t know how their hard drives work. Most people assume that deleting a file means…well, deleting a file, and all the data that file contains.

When you delete something from Facebook, or Twitter, or your email account, unless the owner of the site server has it set up with special data-scrubbing software (and most DON’T), you’re only deleting the pointer. Without the special scrubbing software, that status update, photo, email or whatever is still on the server’s hard drive, just the same as if you’d deleted it off your own hard drive.


So say it with me now: NEVER, EVER post or send anything online you would have grave concerns about if it became public. NEVER. EVER.


Print Friendly