In light of the recent scandal that revealed that Cambridge Analytica, the political consulting firm associated with Donald Trump’s presidential campaign, had access to massive amounts of personal data of 50 million Facebook users, people began to question the online security of their social media data.
But wait, who are we kidding: everyone has been questioning the security of online data since the beginning of time (or at least, the Internet). But so long as they don’t film us using the shower, we don’t care, do we? After all, the information uploaded online is uploaded voluntarily and we know what we’re doing. Or do we?
Surely, we know Facebook can access and collect our data. But do we know to what extent they actually do it?
After reading some alarming articles online, I’ve decided to download everything Facebook has on me, report back to you, and make sure all of us know the real risks and how to deal with them.
In case you want to download your own data, here’s how to do that:
Go to the Settings section of Facebook
Click on Download a copy at the bottom of the page General Account Settings.
After you'll make your request, Facebook will ask you for your password and send the email letting you know they’ve received the request. Depending on the amount of your data, it will take Facebook some time to send you a second email with the link to your archive. I’ve been on Facebook for nine years and I’m a relatively active Facebook user: it took about twenty minutes for the link to be ready. As most of data is text, it’s also not too heavy. Unless you think about how many pages this makes, it even seems not that much. Once you’ve received the archive, you’ll be asked for your password again and then you can start digging.
Inside the .zip, there is a file called “index.htm” and folders with more meaningful names, such as “photos”, “videos”, and “messages”. And a folder called html. Let's go through what they contain.
The file with the mysterious name Index has a summary of who you are. Most of this information is on your Facebook page and its settings: name, DOB, registration date, emails, phones, current city, hometown, family members (I added my friend as a family member many years ago for fun, and she’s still included in the list FB gave me), previous relationships (luckily, Facebook knows only the ones you’ve explicitly stated in the relationship status, but it saves all of them as far in the past or fake as they might’ve been), your education and employment (weirdly enough, Facebook seems to not know my employment information, although I've had it on there for a couple of months - not long enough to be saved?), music, movies, restaurants, cafes, websites, and other interests derived from pages you like, and also books/movies you’ve once claimed you’ve watched/read. Also, if you admin any pages, that’s where the information will be.
So far, not that creepy.
Facebook does save all messages from the beginning of your time on Facebook. In separate files,
God Zuckerberg knows why, the GIFs, emojis and audio messages you used are also saved.
As you might expect, the Photos tab contains every photo you've ever uploaded to the site, as well as related metadata, like the IP address from which each photo was uploaded, and extensive information of the type of camera/phone that took these photos. There’s also a link to the facial recognition data that Facebook retains. It contains nothing but mysterious numbers that enable Facebook to recognize your face amoung thousands in seconds.
As you might not expect, there are no photos where you’re tagged. According to Facebook, it’s not your data to deal with, it’s whoever’s uploaded it.
The deal is the same with the Video tab. If you filmed something ten years ago - it’s still there. If you recorded a video on Facebook but never actually posted it, Facebook still has it.
The html file contains all other information.
This folder includes several lists of friends: a list of current friends with dates when each friend was added, a list of people you’ve unfriended, a list of friend requests you’ve sent, a list of people you follow and a list of people who follow you - all with dates.
You might’ve noticed that there will be no list of people that unfriended you.
I genuinely recommend checking out installed applications. I assume most would be the ones you’re aware of - at least mine were. However, there was also one called “I bet i can find out your favorite color in 7 questions”, which doesn’t even sound like an application.
When you install an app, it asks you about the info it will require. Usually, that is your Public profile, your friend list, and your email address, or something along those lines. Think twice before agreeing to access to information that you’re not sure about (mic, camera) and check whether installed apps have this info.
Facebook collects all events that are somehow related to you. Not only that, it stores events’ descriptions, and I don’t mean date and place, I mean everything. Whatever is written in the actual events’ description. Mine were mostly parties from my time at the university. Have to admit, I had fun going through hundreds of pages that described rules of Beer Pong and prices for alcohol!
The Ads tab has a list of topics that would be interesting to you according to Facebook. Based on these topics, Facebook shows you ads. For me, some of them were understandable. I could see how based on my likes, shares, attended events and even posts they could be relevant. Some were completely random. Topics included technology, the universities I went to, the countries I’ve visited a number of times, tea, which I don’t think I’ve told Facebook about, but alright; drinking establishment (that’s mean, Facebook); anthropology, witchcraft(?!!), futsal (I don’t even like sports), and everything there has ever been on the Internet about the Muse band.
Facebook also unsurprisingly saves ads you’ve clicked to provide you with more relevant ads. But seems that they don’t save the lifetime of your clicks on Facebook, just for a recent couple of months.
Advertisers with your contact info
The other useful file is advertisers that have your contact info. Mine were quite self-explanatory: Uber, Uber Eats (which I assume just takes info form Uber), and AirBnB. Others have noticed that bands often turn out to have user's contact info, but I haven’t found that to be true for me even though I follow dozens of bands.
Now there’s also this "security" file, which I admit is creepy. It has the info of all locations, IP addresses, browsers and devices you’ve opened your Facebook from. If you’re one of those people who log in every day, it’s ridiculously easy to trace all of your movements.
As expected, everything there has ever been on your timeline, even deleted posts, is there in your Facebook data. Also, everything you've commented on someone else's Facebook wall.
If you have an Android device, you may be shocked to find your call and SMS records in the Facebook data. Many users, understandably, were.
The problem is, before Google changed how permissions worked in Android 4.1 Jelly Bean, simply allowing Facebook to access your contacts also let it grab your call and message logs. So, you may have given Facebook apps a permission to access your call and text history a thousand years ago when you installed it. By pure luck that didn't happen to me, however, Facebook does have around 20 random contacts of my phonebook and as much as I've tried I couldn't see what they have in common.
In its fact check blog post Facebook said it doesn’t sell that information to third parties. The data is used in the algorithms that help Facebook recommend friends. A bit later, I'll tell you how to delete this information, or you can find the settings yourself in the fact check blog post mentioned earlier.
Pokes are self-explanatory if you even remember that feature. If anyone has ever actually used it, they'll have the info on who they poked and who poked them (not why, which would be much more interesting).
Friend Peer Group
And finally, there’s a mysterious classification of which peer group you belong to. I, for example, belong to “Starting Adult Life”, which sounds sort of correct but also sort of condescending. I also know there’s one called Established Adult Life. I genuinely hope there’s a peer group called “Failed Adult Life”.
That’s all Facebook claims to have on you. We can definitely speculate that they have more, but we can’t know for sure.
So... What can we do about it?
The good news is, Facebook promised to make it easier for you to control your data in the nearest future. The bad news is, most information is already out there. If you're a frequent Facebook user, if there's more than one of your photos on there and you've logged in from more than a single device, you're no longer anonymous. Hashtags #DeleteFacebook and #DeleteFacebookNow (#DeleteFacebookLater, anyone?) has been used millions of times across all social networks recently. For many however, that would be impossible - Facebook has become too convenient to ditch. Besides, deactivating your account won't delete this information and even deleting your account won't erase your Facebook existence completely, as far as we can tell. So what can we do to limit the data that we're giving out?
While most information is already there and it is unlikely that Facebook will delete it any time soon, there are settings on Facebook, Facebook Like, and Messenger that limit your exposure to advertisers and stop Facebook from getting your contact info, calls and messages.
To deal with advertisers, go to your Ad Preferences. As with everything else, you'll see quite a random sample of your interesets (sometimes, not nearly close to your interests). You see that without downloading Facebook data, which is quite convenient. Here's, for example, how mine looks.
To be fair, I don't mind getting ads on relevant gigs, which I do get a lot, and others are just pages I like and interact with constantly. Below you'll see ways you can interact with advertisers: the information they see about you.
Click on Your categories, and you'll see other information available to the advertisers, the kind Facebook deduced from everything they know about you, or the kind you've stated explicilty at some point.
Click any of it to remove it from the list.
Below, there's another tab called Ad Setting. It looks like this and also allows you to hide from advertisers.
And finally, this tab, which is self-explanotory, just hard to find.
Below is a link to how Facebook Ads actually work, go here if you want to find out.
To find apps connected to you account, go here and remove any that are outdated.
Hope that helped! Leave questions or comments below - I'm sure there's still a lot that is unclear about Facebook, and I'll be happy to join a conversation and discover the truth together.