:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/37866236/482358015.0.0.jpg)
As a number of celebrities were reminded over the weekend, photos uploaded to online services such as iCloud are vulnerable to hacking. And often users aren't even sure which photos have been uploaded or how to remove those they don't want there.
Technology companies haven't helped. In their eagerness to get users to use these services, companies have configured online services to pester users about enabling cloud backup services. A lot of users, including hacking victim Jennifer Lawrence, have found the whole process confusing.
JLaw: "My iCloud keeps telling me to back it up, and I'm like, I don't know how to back you up. Do it yourself." http://t.co/kIsOsy8VOs
— nilay patel (@reckless) May 13, 2014
So here's a quick primer on how to remove sensitive photos from cloud services. It's worth noting that these methods may not be totally foolproof. Technology companies have been known to hold on to files long after they were deleted by the user, so you can never be sure that a "deleted" file is really gone. But these methods will likely foil someone who — like whoever was responsible for this week's celebrity photo thefts — simply obtained a victim's login credentials.
Deleting photos from iPhones and iPads
Photo syncing in iOS, the operating system that powers iPhones and iPads, is controlled by Apple's Settings app. If you don't want photos you take with your iPhone automatically uploaded to Apple servers, you can follow directions for disabling automatic photos uploads here. iCloud's device backup feature also saves a copy of your photos. There are directions for disabling that here.
What if you want to use photo sync but remove an individual photo from iCloud? To do that, open the Photos app.
Go into the photo stream album, select the photo you want to delete and click on the trash icon. It should give you a message indicating that the file will be deleted from the photo stream album on all of your synced devices:
Part of the confusion around deleting photos from Apple devices is that you must delete the photo from more than one album to get rid of it completely. The steps above will delete the photo from the cloud, but not the device's camera roll album. (You have to manually delete it there, too). If use the photo stream option and you only delete a photo from the camera roll album, it will still exist on the cloud. So if you want to erase the photo from both your device and the cloud, you must delete it from both albums.
Deleting photos from Android phones
The steps for enabling and disabling the photo backup service on Android are available here.
If you want to use photo syncing but delete individual photos, you use Google's own "Photos" app. On my version of Android (4.4.2, released in December), this is separate from the Camera and Gallery apps.
The Photo app also allows you to delete individual photos in a way that should also delete them form Google servers. Tap the photo you want to delete and then select the "trash" icon in the lower right.
You'll be asked to confirm that you want to delete the photo, and you'll be warned that this will delete copies of the photo everywhere.
Selecting yes will move the photo to the trash folder. To fully delete it, you need to navigate to the trash folder and then choose the "empty trash" menu item.
Will following these steps guarantee that my private photos are gone for good?
It's hard to be certain. Most of the time, the top priority of online services is to avoid losing customer data, and they achieve that by keeping lots of redundant copies of data. But that same strategy means that there might be extra copies of a file lying around that aren't easy for a user to find.
Still, deleting photos using the techniques described here definitely reduces the risk that they'll fall into the hands of hackers like the one responsible for this week's photo dump. Many hackers gain access to files by impersonating users. So even if Google or Apple has a spare copy of your file on a backup tape somewhere, if you don't have access to it then a hacker probably won't have either.
