The exploit, if you could call it that, in the app’s procedures allow images from a public account shared via a web link to be accessible even following a change of the account’s status to a private one. This meant that users on a computer, not an app on an Android or iOS mobile device, could still access the photos that were meant to be private in a web link directly on the site.
The patch fixed the issue in a simple manner – now once you set your account to private status, only followers of the account can access web links created by that account. However, the only way to make photos private if shared via Facebook or Twitter is still to remove them from that website itself. Private photos posted on social media therefore are governed by that individual site.
Instagram acknowledged the flaw soon after it was discovered and posted online via online news outlet Quartz. The social network issued a statement to the website following their article, and following that statement the patch was rolled out across the service.
Social media is continually become the subject of privacy concerns as both criminal hacking and government snooping have become the issues of the day, blowing up last year especially following NSA snooping revelations as well as hacking of major companies and social networks.
Users need to be able to review the operating policies of social networks which they have come to be dependent on for their day to day activities. Whilst the finer details of certain parts of apps are of course subject to a degree of secrecy, you would think something as simple as revealing the procedures behind this particular breach of privacy would not be all that damaging for Instagram.