Yesterday TechCrunch‘s Josh Constine reported that Facebook plans to roll out verified accounts and to allow verified users to display nicknames. Real names will still be visible on profile pages, but it’s not really the details of the new nicknames feature that interests me. Instead, it’s this little bit that Constine mentioned only in passing:
These users will be prompted to submit an image of a government-issued photo ID, which is deleted after verification.
I’m not sure about that. Jacqui Cheng over at Ars Technica recently revisited an investigation she did into what happens to photos after you “delete” them from your Facebook account. She found that the “delete” button only removed the images from the directly-accessible pieces of your account, like your profile and galleries. The files themselves, however, remained available if someone had the direct link. Those keg stands you didn’t want your potential Fortune 500 employer to see? Still there, waiting to be revealed to the world by a bitter former classmate (and Facebook friend) who didn’t get the job.
A Facebook spokesperson said the company is working on a new system that will actually erase images six weeks after users “delete” them. To be fair, Facebook’s S-1 filing with the SEC said their photo database saw an average of 250 million daily uploads in the three month period ending December 31, 2011. Management of such a massive and ever-growing repository of user photos is no doubt a massive engineering challenge. Delays are reasonably to be expected. But the Ars Technica investigation started in July of 2009. Some of those photos remained accessible for years.
And that brings me to today’s story. Facebook is going to start offering some users the option to verify their accounts. Those that do so will receive higher ranking in the social network’s “People to Subscribe to” lists. For those managing personal or corporate brands, verification could be very helpful. But, as the quote above makes clear, to be verified users must upload a government photo ID, which Facebook claims it will erase after the user is verified.
Or will they? The IDs won’t be available to other users at any point like those keg stand photos are, but I’m not very confident that some enterprising hacker won’t be able to figure out how to pluck the direct image links out of the Facebook ether and start saving copies. The question is whether Facebook plans to use the same content delivery system for these IDs that it uses for party photos and the like. If so, they’ll only be truly deleted after 45 days. If not, I’d love for them to say so.
I’ve been waffling about Facebook for a long time. I don’t like how reliant so many have become on it to communicate with people. The problem is that network effects have nasty corollaries: as more people use Facebook, using Facebook becomes more effective and valuable, but that also means not using Facebook may alienate you not only from water-cooler conversations, but from knowing how your family and friends are doing.
They’re dominating the new personal communication landscape because they make it easier and more engaging than their competitors, and certainly moreso than texting or email. So I’m still there. So is KeyPulp. But I really like Google+ (and so does KeyPulp). I like it because competition breeds innovation, and some of my Facebook friends are semi-active over there. But I wouldn’t give them a copy of my driver’s license, either. At the end of the day, there’s no way to be certain someone has deleted something on a distant server.
College-age keg stands are bad enough, but I’m not willing to risk my driver’s license floating around on the web. It just doesn’t feel safe. Let me know in the poll above whether you agree with me or you think I should be wearing a tin-foil hat.
Image by author