The researcher said that he had reported the bug to Instagram in October 2019 as part of its bug bounty program.
An independent security researcher has recently revealed that Instagram was not deleting the photos and messages that he had deleted from his end more than a year ago. When Saugat Pokharel, the researcher downloaded his
data from Instagram’s tool, he found that the data included messages that he had sent to others and posts that he deleted a long time back. So viewing as well as downloading the data from the server was possible. The
**data download tool was launched** by the firm in 2018 to help users restore lost data and to comply with new European data rules. [caption id=“attachment_7478291” align=“alignnone” width=“1024”]![Representational Image.]()
Representational Image.[/caption] Instagram users can access the ‘Data Download’ option by visiting a download request link or by going through the privacy settings in the app itself. Users can download images, videos, archived stories, profile, account information, comments and direct messages using the tool. Saugat
spoke to Tech Crunch about the issue and said he had reported the bug to Instagram in October 2019 as part of its bug bounty program. “Instagram didn’t delete my data even when I deleted them from my end”. Instagram has since then told the tech portal that they fixed the bug earlier this month. According to them, the researcher reported an issue where someone’s deleted Instagram images and messages were included in a copy of their information if they used Instagram’s Download Your Information tool. A spokesperson from Instagram added that they have fixed the issue and have seen no evidence of abuse. They further thanked the researcher for reporting it.
Tech Crunch also pointed out the similar problem users faced with Twitter last year. A security researcher had found that the microblogging platform was retaining old messages even after years of them being deleted. Also, messages from deleted or deactivated accounts were also stored on Twitter’s servers. According to the CEO of GajShield Infotech, a network security technology company, Sonit Jain, “Biometric privacy law needs to be strong and consumers well protected against any infringement of it. Sometimes collection of data is hidden in terms and conditions or privacy settings, they need to be simplified and any collection of data should be clearly highlighted. The settlement of facial recognition suit by Facebook, is a warning to all tech companies who collect highly personal information of consumers without their explicit opt-in and would desist them too from doing it.”
 "Instagram stored deleted pictures, messages for over a year, reveals researcher")
 "Charlie Kirk, shot dead in Utah, once said gun deaths are 'worth it' to save Second Amendment")
 "From governance to tourism, how Gen-Z protests have damaged Nepal")
 "Did Russia deliberately send drones into Poland’s airspace?")
 "Netanyahu ‘killed any hope’ for Israeli hostages: Qatar PM after Doha strike")
 "Charlie Kirk, shot dead in Utah, once said gun deaths are 'worth it' to save Second Amendment")
 "From governance to tourism, how Gen-Z protests have damaged Nepal")
 "Did Russia deliberately send drones into Poland’s airspace?")
 "Netanyahu ‘killed any hope’ for Israeli hostages: Qatar PM after Doha strike")
