Slashdot Mirror
European Users Overwhelm Facebook With Data Requests
An anonymous reader writes "If you've ever wondered how much personal data Facebook holds about you then prepare to be surprised. Using European data privacy laws, it's possible to request the data Facebook has stored about you. The document can total 800 pages covering everything from the expected name, address, and date of birth, right through to every event you've attended, every message you've deleted, and your political and religious views."
The best part is that Facebook has to send a physical disc containing the data. This has been exploited by a number of users, completely overwhelming Facebook's ability to make the discs.
From the Reddit post they discussed: http://www.damnlol.com/watermarked/ea83e08059fd271293365560edd6d795.jpg
It's always confirmation bias!
Hundreds of pages of tracking and logging every single user in that kind of detail?
And that's why I use Facebook as little as possible.
What if my purpose in requesting the data about me isn't to help DDoS Facebook with a deluge of requests, but because I actually want to know what data Facebook's compiled on me. That is, after all, why the law exists in the first place, and it's not at all strange that someone might want to know that information.
If Facebook finds it expensive and inconvenient to mail out physical CDs, they could agree to allow at least optional delivery by other means, such as over the internet.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
I know, it is hard to fathom that anyone would not have an account, but I have intentionally avoided it myself. However since I do appear to be the only person left in the world who doesn't have one, there is bound to be something that someone who knows me has posted that relates to me.
Is it possible to request it? After all, if a user requests all the info that facebook as on them, and all they give them is the information that they posted, that is - to be kind - a very incomplete version of the data set.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
You may not use Facebook, but that doesn't mean you're not on it. You may be in a picture, or mentioned in a comment somewhere by a friend. You can be tagged, at which point it's your full name, picture, (time-dependent) location, the activity you were engaged in (therefore hobbies or social activities), you are linked with others tagged in that photo and their hobbies, religions, political affiliations, relationships. Someone could mention that you were at the office party, at which point they know you work for the same company as $FBuser.
Don't assume that because you didn't create a profile yourself that Facebook doesn't have one anyway.
Finally had enough. Come see us over at https://soylentnews.org/
Funny how the Personal data request form actually collects even MORE personal information about requesters, such as (real) birth date, personal phone numbers and of course full mailing address, all information many people do not enter in their profile..
You should add to Step One: "Use free servide that you are in no way obligated to use to track communication by you and your friends
And reword Step Two: "Complain about how the service records your communications on said free site
Ken
if you didn't want Facebook to have the info, you shouldn't have given it to them in the first place.
To your friends? ;-)
That's easy enough on Slashdot
Yeah, just post it in an article, no one will read it. ;)
They say a little knowledge is a dangerous thing, but it's not one half so bad as a lot of ignorance. - Terry Pratchett
It takes a woefully naive person to use a service like Facebook for free and not expect that Facebook is collecting your data and somehow profiting from it.
I want a new quote. One that won't spill. One that don't cost too much. Or come in a pill.
Well, the point is that the law requires them to send you a physical copy.
There is another means: https://www.facebook.com/settings Click "Download a copy of your Facebook data." and follow the instructions.
Except that that only gives you the information that's currently accessible to you and other facebook users. It does not include the photos and posts you've "deleted" (but which facebook still stores). It certainly does not include the history of sites you've visited while logged into facebook, or any other tracking history which facebook has gathered and associated with your name. Think about it: facebook has at least an order of magnitude more information on you personally than you appear to think. All of it is used for customizing sales of your identity and your interests and so forth to facebook's customers (you're the merchandise, not a customer).
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
After making a request under the DPA I received the following :
Hi,
We have received your subject access request (the "Request").
Due to the volume of personal data access requests that we have recently received, we are experiencing significant delay in processing such requests. We therefore are unlikely to respond within 40 days of your initial request. We appreciate your patience and will respond as soon as possible.
We are presently refining our request response processes and approach to align the present high volume of access requests with the resources available to process these requests. We appreciate your patience and will respond as soon as possible.
Please be aware as well that we are not required to comply with any future similar requests, unless, in our opinion, a reasonable period of time has elapsed.
Again, we appreciate your patience and we will respond as soon as possible.
Thanks for contacting Facebook,
Facebook User Operations - Data Access Request Team
God: An invisible friend for grown-ups.
Completely correct.
The same thing goes for Google: you may not have an account with them, but chances are they have a lot of your e-mail (people you correspond with use Google Mail). Use Google's search engine? They have your queries. If you post to Usenet, they have those posts, too. And I am sure they collect data through ads on non-Google sites, too. It is their stated mission to "Googleâ(TM)s mission is to organize the worldâs information and make it universally accessible", and they're very good at it.
A lot of people don't realize, or vaguely know but don't quite grasp just how much of what they consider private is collected by companies like Google and Facebook. Asking for a copy of what they know about you and receiving several hundred pages in return really drives the point home.
Please correct me if I got my facts wrong.
What a great idea. About the only bit of personal information that most Facebook users haven't already given to Facebook is their postal address. Yet this process does just that.
Wouldn't surprise me if this "Annoy Facebook" thing was actually started by Facebook to harvest postal addresses. :-)
"If you think the problem is bad now, just wait until we've solved it." --- Arthur Kasspe
There might be a more nefarious reason for the physical mailings. You see, they might only have your expected name and address. Physical mailings will allow FaceBook to add your EXACT name and address to their database. If they didn't have it before, they surely have it now!
This may not be a popular viewpoint, but I think it's a very relevant issue, and I do not use Facebook. I believe its very existence is an ethical issue though. Facebook represents a truly evil company, not in the unethical-business-practices sense, but a whole different order of that, I'd say they're rapidly approaching Gestapo-evil. Facebook stores enough information to learn a lot about specific individuals, and Facebook is conditioning people to give up their privacy. It might just be one of the most useful tools for an oppressive government or unethical intelligence organization to blackmail someone or, better, ruin their public image.
Facebook is not run by idiots. Those people know what they're doing, they know they're storing even "deleted" data and they know they're building very detailed profiles on every user. They also, unlike most of actual Facebook users, probably have the intelligence and foresight to imagine how it all may be used for horrible things, so there's no way I can see them as morally innocent.
So, if I want to use this form to request the information they have about me, I have to give them a postal address, a phone number, and a copy of a state issued ID. I'm not sure I'm willing to give them even more information, just to know that they store about me...
Step 1: Pass a similar data protection law in the US. Require the requestee to provide the data in a physical format if the requester asks for it.
Step 2: Get lots of users to request their data from Facebook - make sure they insist they want the data on CD.
Step 3: ?????
Save the USPS and annoy Facebook? Sounds like a win-win to me!
"Those people know what they're doing, they know they're storing even "deleted" data and they know they're building very detailed profiles on every user. They also, unlike most of actual Facebook users, probably have the intelligence and foresight to imagine how it all may be used for horrible things"
OMG.
Zuckerberg's ambition isn't limited to being CEO of Facebook, bitch.
Zuckerberg will run for Governor and then President. Information is power. Personal information is personal power.