Sydney: Social networking giant Facebook has been slammed for keeping deleted pictures of a profile up to 30 months after removing them.
It has admitted it had been keeping deleted photos for a ``limited`` amount of time.
However, users who have kept the direct link to photos that were originally uploaded to the social networking site have been able to still gain access to them months, even years after deletion, reports the Sydney Morning Herald.
In one report, a Facebook user said they had deleted an image from the site 2.5 years ago (30 months), and that it was still available to see on the site.
Another said a photo from April 2009 was still accessible after it was deleted.
The revelation comes as encryption expert and author Bruce Schneier slammed the site at the RSA Conference in London, saying social networking companies were deliberately killing privacy for commercial gain.
The Facebook photo matter centres on what is known as a content delivery network, or content distribution network (CDN), which stores multiple copies of content on servers around the globe.
Facebook uses such a delivery method when you upload a photo to the site. However, when you delete your photos from the site, despite them being removed from view, if you still have the image``s direct URL it may still be accessible for a period of time after its removal.
Simon Axten, Facebook spokesman told ArsTechnica that the company was actively working with its CDN on this issue.
His statement was confirmed with Facebook``s Australian public relations firm.
"It``s possible that someone who previously had access to a photo and saved the direct URL from our content delivery network partner could still access the photo," said Axten.
"However, again, the person would have to know the URL, and the photo only exists in the CDN``s cache for a limited amount of time.
We``re working with the CDN to reduce the amount of time that the photo remains in its cache."