Social Media and Information Storage

Posted by Katie McLaughlin on April 16, 2015

Any social media account you create stores information about you.

Hopefully you realise this. If they didn’t, they would be useless. Storing information about you includes your identity - email, name, sometimes things like your date of birth and employer - but also your actual posts.

Never think that a social media network doesn’t know anything about you.


On that note - remember that the information they have about you is not ephemeral.

Many networks now days implemented policies to prevent abuse, like username sniping. For some networks that allow complete account deletion, there will be policies in place to prevent a deleted username from being reused. Instagram uses this policy - if you delete an account with the username “HorseStapleBattery”, that username can never be re-used. Even if you have the same email address, most networks will still not allow re-enabling. This makes complete sense when you think about it - if I wanted to access your disabled account, all I had to do was control your email, and ask them to re-enable the account. Then, I just have to change the email and your account password, and you now have a unknown user controlling what was once a known instance of you on the internet. The abuse possibilities are endless.


You also must remember that social networks live off use. If you are angry about something, and use their network to voice your concern, you are generating content and traffic. This drives up usage, and revenue from ads and clicked links, and the like.

What’s also a real driver for these networks is user signups.

If you create an account and use an email address that others know you as, they will be notified.

Here’s how it can work - networks like Twitter and LinkedIn actively recommend that you upload your email contacts list to see what friends you have on the network. The email address is used as a unique identifier, and they will tell you who out of your list is already using the service.

This can work retrospectively as well. If your friend has previously uploaded their contact list, and you signup using an email known to the network, then your friend will get notified that you signed up. This happens on many networks. It can be a little bit scary if you are signing up for the first time, and all of a sudden people you know, or may not want to know, start following you.

Also slightly worrying is the fact that this isn’t advertised very well. It takes no less than 5 clicks, and a scheduled task on the backed for twitter to remove a list of previously uploaded contacts. They don’t guarantee that the information will be removed in a timely manner.


Also remember that there is no deletion on the internet.

As soon as you post something, people will see it. You can’t delete memories. Web crawlers will see it, and cache it. Archive services will take a copy. Even if you remove the post, it will be stored somewhere on the host’s servers. It could be in an audit log somewhere, it could just be marked as ‘deleted’ in a database, but the data is still there. This information can be used by the network for their own purposes, pending what you signed in the Terms and Conditions. Also, if that network ever got hacked, that information could leak out.


If in doubt, never share anything in any recorded medium that you would not want shared with everyone.

This includes: social media posts, social media private messages, instant messaging, email and email drafts (yes, there is anecdotal evidence of information from draft emails being used to create input for the email banner ads). This is not an exhaustive list. But it is something to be aware of. Any data you transmit from your device can and probably will be broadcast in some form.

Stay safe.