Tech website Quartz discovered the flaw and got in touch with the photo-sharing site.
On the surface it would appear that Instagram’s privacy settings are very simple, with users able to choose between public and private. This apparent simplicity is in stark contrast with the more complicated web of settings available on parent company Facebook’s privacy page.
Available for all to see
However a flaw was discovered which allowed other users to see photos that you marked as private if they had once been available for public viewing. In other words if you shared links to a photo when your account was public, but later changed to a private account, publicly viewable images would still be displayed on those links.
This loophole only functioned on the web, and not on the iOS or Android apps, before it was fixed on Friday.
Following the fix, the photos contained in those links can only be seen by followers. However if you share the photo on other social networks, such as Twitter or Facebook, at the same time, then anyone can see it. In that case the photo will always be publicly available unless you delete it.
Those photos which you only share to Instagram will now be limited to the audience specified by your privacy settings, which should always have been the case. Instagram has so far avoided controversy over its privacy policies, problems which have dogged owner Facebook.
Protecting Instagram users
It would be a real shame if Instagram started to suffer privacy issues at a time when it is about to make a big advertising push, and executives will be eager not to lose any users due to fixable bugs.
Quartz is reporting that Instagram declined to specify who game them the feedback which led to the update, or why they decided to carry out the update now. Perhaps Instagrame’s top-brass are remaining tight-lipped in order to minimize coverage of the problem.