Troubling iOS 17.5 Bug Reportedly Resurfacing Old Deleted Photos

[skoor101]

They only returned the deleted photos they could not sell. How nice!

 

[AdamNC]

Emails too?

It was a file of emails of a car accident I was in late 2007. I figured I could delete them. But they are back. I have already deleted them again. If more pop up I am contacting Apple. I don’t know what to think.

 

[GrayFlannel]

nothing is ever truly deleted from the internet. Deleted just means: "set visibility to 0"

So what that means is deleted space is never reused. I kinda doubt that, don’t you?

 

[ke-iron]

This tells me that your deleted photos are never really deleted.

Exactly! As much as I love Apple this is a major flaw. This also happens with text messages, almost ended my relationship when messages from past showed up at random in my phone. What saved me was the dates were there, but I still caught hell for it tho. It’s sad to see this happening but I’m glad it’s getting much exposure that the system is flawed.

 

[Velin]

What’s the latest on this? How or why are these “deleted” photos being restored?

 

[840quadra]

Think that thought through.

If a “goof” in an iOS update can bring those Back (to a device not in use at the time of the pics), that means that Apple has a way to gather and deliver that data. This means it is accessible to Apple. While getting there may be something not commonly done (maybe), it is apparently available.

This is something I never really checked during the betas and until this item showed up in Reddit or here, I would not have looked.

Now I am in the process of checking and have 165 pics (approx) that I didn’t have a couple of weeks ago on my 15PM. 435 at bu vs 600 currently.
I don’t BU photos to iCloud. It is set to Off.
I do BU device to iCloud for emergency restores.
Pics prior to the 15PM were done to a different SSD. Haven’t checked that yet.

I am finding pics from 2022/2023 (as listed on my 15PM Photos) that were not in my last photo backup (manual BU to Sandisk Extreme). They were primarily screenshots, downloads from Pinterest, or photos. Not from Messages or Email.

UPDATE: I went ahead and bu (manual) the photos on my 15PM and have removed all but 49. This has not apparently affect my iPad Pro 11. The Recents and Deleted appear to remain unchanged after the update.

I did think it through,

If there is a quota of encrypted storage available to a user that isn't maxed out, and deleting files is similar to say (on a SSD or hard disk) for that reserved space, a glitch within that encrypted allocation is likely still protected from anyone without the encryption keys.

I don't feel that this glitch is evidence of some type of disingenuous behavior by Apple, more likely a glitch in whatever file allocation system they are using.

Question.
If you have concerns of Apple looking into your secure photos or data, why are you using their services?

 

[ipaqrat]

Whatever glitch happened is not okay. Okay? We all get that. But lots of contributors here are bandying about anger-hatey-legal words, which reveals a certain... lack of intellectual capacity for circumspect ideation.

What this glitch AIN'T is illegal. There's no misdemeanor or felony statute that locks in the meaning of "Delete", "Archive", "Backup", "Restore", "Retain", "Recover" (and a bunch more arbitrary BS) and then declare arrest, arraignment, conviction and penalties for how Apple processes data conveyed into its custodianship.

Even if a complainant could demonstrate actual harm, such an incident would still be, at worst, a civil issue, some kind of tort. We all sign a user agreement, that declares Apple effectively free of liability, and they update the verbiage whenever case law impinges on their freedom of operation.

Searching the entire U.S. English user agreements for both the iPhone and iCloud, there is no clause that states that content you intentionally delete will actually be purged. the verbiage does advose that we have no recourse if they delete data by accident, or on purpose in cases of violations.

What else this glitch AIN'T is privacy related (so far). American personal data privacy law, "Right to be Forgotten" and Europe's GDPR probably would not apply to this incident as it's been characterized so far. This incident appears to be rooted solely in the internal technical implementation of private data backup and retention policy. An associated privacy breach would change things.

What else this glitch AIN'T is gonna get explained completely and honestly. We ain't owed answers, because we agreed to the user license that says, in summary, "**** us, thanks."

If you're angry, or hurt, or threatened by this incident it's on YOU. Don't blame. Don't hate. YOU believe the marketing spiel of a megacorporation. YOU use an intrinsically connected device whose inner workings are black-boxed. YOU generate the content.

EVERYTHING gets at least buffered, even if not intentionally saved. Once you commit life content to data, and allow that data into any pipeline, it ain't YOUR data, ain't YOUR life, anymore. Reliable, selective, permanent deletion should be considered beyond your reach.

Bawling like a baby, ****-talking the megacorporations, or invoking the faux-wrath of hapless bureaucrats... just makes you sound naive. This is the world now. Beyond picking out which gadgets to buy, you don't actually have a say. Live with it.

Want to change things? Some aspects are like time travel back to 1998. Who wouldn't want to live in a time when Porsche's 993 is obtainable?

• Use a grown-up camera and store media locally, with your own local backups. Not film - unless you develop and scan/print yourself.
• Download your music, movies and books; store and enjoy the media locally. Use a standalone MP3 player. Repair a tapedeck or walkman. Media used to have a logistical aspect that made it YOURS and more or less surveillance-proof.
• Write letters on paper and make the Post Office earn its keep, again. Pens and stationery are super retro for faux-nostaligic hipsters. Especially metal nib fountain pens, or even quills. There is a huge body of law around privacy of written communications.
• Make phone calls over copper or fiber cables/trunks. There is a huge body of law around privacy of old-fashioned phone calls. Cell calls are protected, too, kinda, but not like "land-line endpoint" calls.
• Send only plain-text email, and have inbound mail converted to plain text before download to the in-box. Make sure attachments are screened (Apple's and Microsoft's built-in security software are decent.). Use a local desktop eMail client that processes messages from your ISP's mail server, to read and store locally. Do not use Apple or Google or HotMail or Yahoo web mail. Do not cross-connect your ISP mail account to a web mail service.
• Use every ad blocker you can get your mits on, everywhere because **** advertisers. Pay your favorite content creators directly.
• Tag/watermark content that you DO publish to block AI scraping, or even better, to poison AI interpolation.
• You're gonna need a local backup mechanism like TimeMachine, or even just an external SSD. Do not back up to cloud services. The instant Quantum gets out of the lab, literally NOTHING you leave on the web, anywhere, will remain secure.

HACK THE PLAN... errr... wait... TAKE BACK THE PLANET!

At least clean, baseline Google Android is open-source. One could make the personal investment to learn the code and confirm how it works, compile it, and install it. Remember, proprietary OS skins, such as samsung, motorola, Huawei or ZTE (😂) turn 'Droid into black-boxed snakes, just like Apple.

 

[novagamer]

100% agree, we should not jump to conclusions without evidence. If something did occur I would very strongly bet it was unintentional, I highly doubt some conspiracy exists here.

I can’t be the only one with a backup like this but since I have it and know what I’m looking for I will continue.

My backup is organized in a disaster fashion so I extracted every photo file and am re-indexing my entire drive so I can search for text, I found one possible discrepancy so far but it may just be incorrectly dated and I can’t 1:1 match filenames since they change with a new setup. This is probably going to take all day but I will post results when I finish.

I‘ve done pretty much all I can with my backup. Due to the third party tool I used I can’t count on the dates being correct, but I believe there are some discrepancies but I’m mostly seeing things like incorrect dates or duplicates.

A few photos I’m 99% sure I deleted came back, that were never sent via messages or email or imported to my current device, if they were in fact deleted previously, but since iCloud syncs things it’s difficult to know what the root cause is here.

It’s tragic that.I don’t have good timestamp metadata for my backup (and that I don’t have a very recent one) or this would be a 100% certainty. As it is, I can’t make the case one way or the other and I don’t want to spend the rest of the week going through thousands of photos a/b checking more in-depth.

Hopefully Apple will provide a detailed technical explanation when they issue a fix, and I am inclined to believe this is a bug, whether from Photo Stream, old backups not being overwritten, stale data not being deleted from e.g. a Mac and then merged back into the library, or something else. As it stands I do not believe it was the case that Apple kept previously deleted backups which was my biggest concern given the settings I use for my devices and account.

I will say I am also positive I did not recover a lot of previously deleted items, there are probably ~50-100 photos and possibly a video or two that I’m in question of but I can’t prove because my offline backup is too old and not tagged well enough to be useful to suss out what exactly is happening.

None of it is serious in my individual case but I’d still like a good technical explanation for the issue from Apple instead of just a fix without comment.

I’m satisfied that there probably isn’t data mishandling happening and it’s a technical glitch. I do have a Mac that’s been running for 4+ years and if there was an OS bug involving not deleting photos it could explain things, as some others have speculated. Interestingly, I did see one screenshot with metadata showing it was from 2010, and a duplicate showing I took it in 2023 (I know I took it in 2023, not 2010). No idea what that’s about.

Hopefully pressure from the media, and more concrete investigations from others to back that up can compel Apple to explain what happened. Otherwise, yeah, we’ll never hear any specific details about this.

 

[kaved]

As deeply concerning all of this is, to the people speaking of GDPR and other EU / U.K. laws, the legal requirements around deletion of data pertain to right to be forgotten requests only. Which is why the U.K. law specifically mentions it by name.

Regular day to day usage of deleting one’s data from an app doesn’t qualify under right to be forgotten and can be “soft deleted” (where the data itself is there but the reference to it is removed and the data gets marked as “deleted”).

Equally, there isn’t a legal maximum to the retention period of that data. There are specific minimums around specific types of data based on jurisdiction but there is no legal maximum, only a guidance that data should be kept for the minimum possible period that the company deems it necessary. Which basically means, as long as you can provide a reason for keeping it, you can keep it.

The only exception to this is the “right to be forgotten” which requires the business to respond within a certain period and if the request is deemed to be valid then they must action that within a certain period of time as well. This too can be done via soft deletes depending on the type of data as it only really pertains mostly to PII data but with things like user generated content I’d imagine that a hard delete would be the easiest.

TLDR - What Apple did is a deeply concerning bug, but it’s most likely not illegal as the laws people are throwing around are a lot more lenient and flexible than they imagine.

Disclaimer: not a lawyer but have worked closely on systems that have close concern with those laws.

• Comment: "The legal requirements around deletion of data pertain to right to be forgotten requests only."
• Correction: GDPR indeed provides a specific right to be forgotten (Article 17), but it also emphasizes the importance of data minimization and the proper handling of personal data throughout its lifecycle. Even if a formal right to be forgotten request is not made, service providers must ensure that personal data is not kept longer than necessary for the purposes for which it was collected (Article 5(1)(e)).
• Comment: "Regular day-to-day usage of deleting one’s data from an app doesn’t qualify under right to be forgotten and can be 'soft deleted'..."
• Correction: While soft deletion (where data is marked as deleted but not physically removed) might be used for practical reasons, it must comply with GDPR principles. If a user deletes their data, the service provider must ensure it is no longer accessible or used for any purpose, aligning with the principle of data minimization.
• Comment: "There isn’t a legal maximum to the retention period of that data."
• Correction: GDPR does not set specific maximum retention periods, but it does mandate that personal data should not be retained longer than necessary. Organizations must establish and justify their data retention policies and ensure compliance with the principle of storage limitation.
• Comment: "The only exception to this is the 'right to be forgotten'..."
• Correction: GDPR has multiple provisions for data subject rights, including the right to access, rectify, erase, restrict processing, and data portability. The right to be forgotten is just one aspect of GDPR’s broader framework to protect personal data.
• Comment: "What Apple did is a deeply concerning bug, but it’s most likely not illegal..."
• Correction: If Apple failed to properly delete user data as requested, it could indeed constitute a breach of GDPR. The severity of the breach would depend on the specific circumstances, including whether the data was actually accessible or used after the deletion request.

 

[kaved]

Whatever glitch happened is not okay. Okay? We all get that. But lots of contributors here are bandying about anger-hatey-legal words, which reveals a certain... lack of intellectual capacity for circumspect ideation.

What this glitch AIN'T is illegal. There's no misdemeanor or felony statute that locks in the meaning of "Delete", "Archive", "Backup", "Restore", "Retain", "Recover" (and a bunch more arbitrary BS) and then declare arrest, arraignment, conviction and penalties for how Apple processes data conveyed into its custodianship.

Even if a complainant could demonstrate actual harm, such an incident would still be, at worst, a civil issue, some kind of tort. We all sign a user agreement, that declares Apple effectively free of liability, and they update the verbiage whenever case law impinges on their freedom of operation.

Searching the entire U.S. English user agreements for both the iPhone and iCloud, there is no clause that states that content you intentionally delete will actually be purged. the verbiage does advose that we have no recourse if they delete data by accident, or on purpose in cases of violations.

What else this glitch AIN'T is privacy related (so far). American personal data privacy law, "Right to be Forgotten" and Europe's GDPR probably would not apply to this incident as it's been characterized so far. This incident appears to be rooted solely in the internal technical implementation of private data backup and retention policy. An associated privacy breach would change things.

What else this glitch AIN'T is gonna get explained completely and honestly. We ain't owed answers, because we agreed to the user license that says, in summary, "**** us, thanks."

If you're angry, or hurt, or threatened by this incident it's on YOU. Don't blame. Don't hate. YOU believe the marketing spiel of a megacorporation. YOU use an intrinsically connected device whose inner workings are black-boxed. YOU generate the content.

EVERYTHING gets at least buffered, even if not intentionally saved. Once you commit life content to data, and allow that data into any pipeline, it ain't YOUR data, ain't YOUR life, anymore. Reliable, selective, permanent deletion should be considered beyond your reach.

Bawling like a baby, ****-talking the megacorporations, or invoking the faux-wrath of hapless bureaucrats... just makes you sound naive. This is the world now. Beyond picking out which gadgets to buy, you don't actually have a say. Live with it.

Want to change things? Some aspects are like time travel back to 1998. Who wouldn't want to live in a time when Porsche's 993 is obtainable?

• Use a grown-up camera and store media locally, with your own local backups. Not film - unless you develop and scan/print yourself.
• Download your music, movies and books; store and enjoy the media locally. Use a standalone MP3 player. Repair a tapedeck or walkman. Media used to have a logistical aspect that made it YOURS and more or less surveillance-proof.
• Write letters on paper and make the Post Office earn its keep, again. Pens and stationery are super retro for faux-nostaligic hipsters. Especially metal nib fountain pens, or even quills. There is a huge body of law around privacy of written communications.
• Make phone calls over copper or fiber cables/trunks. There is a huge body of law around privacy of old-fashioned phone calls. Cell calls are protected, too, kinda, but not like "land-line endpoint" calls.
• Send only plain-text email, and have inbound mail converted to plain text before download to the in-box. Make sure attachments are screened (Apple's and Microsoft's built-in security software are decent.). Use a local desktop eMail client that processes messages from your ISP's mail server, to read and store locally. Do not use Apple or Google or HotMail or Yahoo web mail. Do not cross-connect your ISP mail account to a web mail service.
• Use every ad blocker you can get your mits on, everywhere because **** advertisers. Pay your favorite content creators directly.
• Tag/watermark content that you DO publish to block AI scraping, or even better, to poison AI interpolation.
• You're gonna need a local backup mechanism like TimeMachine, or even just an external SSD. Do not back up to cloud services. The instant Quantum gets out of the lab, literally NOTHING you leave on the web, anywhere, will remain secure.

HACK THE PLAN... errr... wait... TAKE BACK THE PLANET!

At least clean, baseline Google Android is open-source. One could make the personal investment to learn the code and confirm how it works, compile it, and install it. Remember, proprietary OS skins, such as samsung, motorola, Huawei or ZTE (😂) turn 'Droid into black-boxed snakes, just like Apple.

• Comment: "What this glitch AIN'T is illegal... There's no misdemeanor or felony statute that locks in the meaning of 'Delete'... and then declare arrest, arraignment, conviction and penalties for how Apple processes data."
• Correction: While the commenter is correct that specific terms like "Delete" may not be precisely defined in criminal law, GDPR and other privacy regulations impose clear obligations on data handling. Failure to comply with these obligations can result in significant penalties, even if they are not criminal charges. This is especially relevant in the context of GDPR, where fines can reach up to 4% of a company's global annual revenue.
• Comment: "We all sign a user agreement, that declares Apple effectively free of liability..."
• Correction: User agreements cannot override statutory rights under laws like GDPR. Even if a user agreement attempts to limit liability, it cannot exempt a company from regulatory compliance or absolve it from penalties for breaches of data protection laws.
• Comment: "This incident appears to be rooted solely in the internal technical implementation of private data backup and retention policy. An associated privacy breach would change things."
• Correction: If the resurfacing of deleted data means personal data was retained without a valid legal basis or beyond the necessary period, it can indeed be considered a privacy issue under GDPR. Technical implementation details do not exempt a company from complying with data protection regulations.
• Comment: "If you're angry, or hurt, or threatened by this incident it's on YOU... YOU believe the marketing spiel of a megacorporation."
• Correction: While users should be cautious and informed about the services they use, companies have legal obligations to handle personal data responsibly. Blaming users entirely ignores the regulatory framework designed to protect them and the accountability of companies.
• Comment: "Use a grown-up camera and store media locally... Download your music, movies and books; store and enjoy the media locally... Use a local backup mechanism like TimeMachine..."
• Correction: The advice to use local storage and backups is practical for those concerned about data privacy and control. However, this doesn't negate the need for companies to adhere to data protection laws when handling user data.
• Comment: "EVERYTHING gets at least buffered, even if not intentionally saved... Reliable, selective, permanent deletion should be considered beyond your reach."
• Correction: While it is true that data can be cached or buffered in various systems, this does not absolve companies from their responsibilities under GDPR to ensure data is properly deleted when required. The expectation for permanent deletion is reasonable and mandated by law.

 

[rjp1]

Did your company build itself on a walled garden, as the ones who genuinely cared, and was worth paying extra because they could be trusted? That a "delete" function would do just as it says?

There needs to be investigations and hearings, and fines of $10,000 per device should not be off the table.

Even if there ends up being no specific law saying delete actually has to delete, this is a major, major breach of the trust we all gave Apple.

I don't think any company should be retaining stuff when we delete it. I was just pointing out even small companies engage in this.

 

[DENZIE]

Yes.

I guess I fell off the train and I’m not even 40. ****.

 

[Spline]

Hopefully Apple will provide a detailed technical explanation when they issue a fix

LOL

 

[Heelpir8]

I guess I fell off the train and I’m not even 40. ****.

I think that's great. I should go out and touch grass more often so I'm not perpetually up to date on the internet lingo.

 

[novagamer]

LOL

Hey, I said hopefully.

 

[Naraxus]

I would agree except for the fact that everyone here never has anything positive to say about Apple, its leadership, its products, its software, its policies. Nothing satisfies MacRumors commenters. So I would ask again why still buy from the company? Why do you?

A bit of hyperbole don't you think? I've seen plenty of commentors with many positive things to say about Apple.

 

[Jim Lahey]

...trust we all gave Apple.

Any remaining trust I had in the likes of Apple evaporated the moment it was revealed they had been colluding with the spooks in clandestine surveillance operations involving notification metadata and their excuse was that they weren't allowed to tell us. That very moment the masks were off. No one in this game can be trusted. In my estimation the whole circus amounts to not much more than a monumental data mining operation.

 

[Nikobai]

Same thing.

After this version update then suddenly when I opened my photo app then I see a deleted photo way back about six years ago. The only way to explain this is, somehow Apple do store all of our photo for undisclosed reason. Whatever reason that is, it is not right to keep other's without asking.

 

[Avidos1]

when your priority is a pride wallpaper rather than fixing problems and creating real enhancements to the user experience then you know something is wrong

“
This update introduces a new Pride Radiance wallpaper for the Lock Screen, Apple News enhancements, and other features, bug fixes and security updates for your iPhone.



Some features may not be available in all regions or on all Apple devices. For information on the security content of Apple software updates, please visit this website:

https://support.apple.com/kb/HT201222

“

 

[lpuerto]

Before anyone panicking, let's leave room for these users having somewhere a device with these very old photos cached in some way.

If indeed very old photos resurface out of nowhere this is a very serious bug, enough to justify even a class action lawsuit.

And it's the best response to every bot writing a "what about privacy" comment under every article about a Google product...

yeah! I really think this is the case. I think they are photos that were somewhere in the device and the update did some kind of garbage collection that made them resurface. Nothing more, nothing less. It's pretty funny when people say, "delete means delete" and they don't really know a deletion of data happens regularly on any OS.

Folks, you are not really deleting your data, your are just unlinking it so you can't access anymore, but in general, until other info occupies that same spot on your drive the data is going to linger there forever. If you really want to delete your data, you need to wipe your devices, several times, at least the "free space" after you delete stuff.

I think this is even worse on the SSD, since to prevent wear writing is avoided as much as possible.

 

[svish]

Hopefully Apple will fix this immediately.

 

[Jim Lahey]

yeah! I really think this is the case. I think they are photos that were somewhere in the device and the update did some kind of garbage collection that made them resurface. Nothing more, nothing less. It's pretty funny when people say, "delete means delete" and they don't really know a deletion of data happens regularly on any OS.

Folks, you are not really deleting your data, your are just unlinking it so you can't access anymore, but in general, until other info occupies that same spot on your drive the data is going to linger there forever. If you really want to delete your data, you need to wipe your devices, several times, at least the "free space" after you delete stuff.

I think this is even worse on the SSD, since to prevent wear writing is avoided as much as possible.

That's all well and good and I don't disagree but the majority don't need to know or understand the technological minutiae. When they say they want delete to mean delete they mean they don't want decade old di@k pics suddenly reappearing and being uploaded to an iCloud Photo Library. Potentially a shared library. Whatever the underpinnings of how and why this kind of thing happens, seemingly downplaying the outcome with technological explanations is just a distraction.

ETA: On further pondering - once the 30-day grace has expired or been expedited by the user, deleted photo data should be encrypted and the keys trashed. This is how they handle erase all contents & settings, and should be fairly trivial to implement for a company that exalts itself as the paragon of data integrity.

 

[Ctrlos]

Apple have bene keeping old data around on iCloud for a while. For example I can buy an iPhone 4 and Notes no longer accessible with newer versions of the app will reappear as will old Reminders.

The Photos thing appears to be from undeleted thumbnails hanging around to one side waiting to be overwritten. I normally give it a month before updating to any new software so haven't been affected yet. If you're still on 17.4 I'd advise turning off automatic updates.

Having old images reappear is one thing but its a LOT more troubling if those same thumbnails are hanging around on previously sold or traded devices and reappearing on some strangers phone. Thats the sort of problem that will tank shares and result in a string of lawsuits.

 

[Apple_Glen_UK]

Apple have bene keeping old data around on iCloud for a while. For example I can buy an iPhone 4 and Notes no longer accessible with newer versions of the app will reappear as will old Reminders.

The Photos thing appears to be from undeleted thumbnails hanging around to one side waiting to be overwritten. I normally give it a month before updating to any new software so haven't been affected yet. If you're still on 17.4 I'd advise turning off automatic updates.

Having old images reappear is one thing but its a LOT more troubling if those same thumbnails are hanging around on previously sold or traded devices and reappearing on some strangers phone. Thats the sort of problem that will tank shares and result in a string of lawsuits.

But how have old photos appeared on my iPhone when I have iCloud turned off and have never used iCloud? Exact same thing happened with my wife's phone. All very strange.

 

[sracer]

Y'all broke the GateCon indicator.... 😂

Given past history, we should be at either GateCon 5 or GateCon 9 but no one is defending Apple.

GateCon xx

Here's the typical cycle for problems reported on Apple products:

1. A few members post reports of the problem, report it to Apple
2. No response from Apple
3. Increased number of people report the issue
4. No response from Apple
5. Apple apologists dismiss the reports as very rare, the result of trolling, or exaggeration by drama queens
6. Even more reports of the problem
7. No response from Apple
8. News of the problem hits blogs
9. Apple apologists dismiss the blogs as simply engaging in clickbait
10. No response from Apple
11. Those affected by the issue threaten a class-action lawsuit
12. Apple apologists decry the "sue happy" nature of American consumers
13. Apple acknowledges the legitimacy of the problem
14. Apple apologists are silent
15. Apple release an update to correct the problem or
16. They set up a "program" to address the problem.
17. Apple gains some positive publicity
18. Apple apologists applaud Apple for doing the "right thing". (for an issue that they said from day-1 was not actually an issue)
19. First hand experience with the “program” reveals very strict guidelines and restrictions that greatly reduce the number of affected customers that can participate in the program.