- the data that Facebook collected about you from various other sources, e.g., data brokers
Mr. Zuckerberg and other Facebook staff assert: "We do not sell data."
Does Facebook acquire/purchase data about people from other sources, e.g., data brokers, and then combine it with (a) the highly personal data people voluntarily submit to Facebook and (b) the highly personal behavioural data people consent to allow Facebook to collect from their use of the Facebook website, Facebook app, and websites hosting Facebook anchors.
Is Facebook allowing users to download all the data Facebook has on them?
Apparently, incognito mode uses the same temporary cookies folder as regular chrome, so FB looks at this folder if incognito is open in one window while FB is being used in another.
Are you sure about that? Wouldn't it mean that all third party trackers could continue to track you while in incognito mode? How could it be called incognito mode if sites can still read your non-incognito cookies?
I'm 95% confident. And yes, I think it does mean that. The trackers have to be active in a non-incognito window for it to work. It reads the shared temporary cookie folder.
I had to know the answer, so I wrote a quick script to test it. It appears that incognito windows can't read cookies from normal windows. I've linked to the source code there. If I've missed anything, let me know.
Here's what Google says about cookies in incognito mode:
"If you use Chrome in incognito mode (or in guest mode on Chrome OS), it will not transmit any pre-existing cookies to sites that you visit. Sites may deposit new cookies on your system while you are in these modes; these cookies will only be temporarily stored and transmitted to sites while you remain in incognito / guest mode. They will be deleted when you close the browser, close all open incognito windows or exit guest mode."
Source: https://www.google.com/chrome/browser/privacy/archive/201408...
I first noticed that FB might be able to detect sites you visit while in incognito mode when I noticed that I was personally being retargeted by sites I visited in incognito mode while on Facebook. Here's an interesting quora thread I found while looking into it:
"Also the cookies act too important role here. Cookies during Incognito Mode are saved in temporary folder, and they get purged after session ends. But when browsing Facebook and Google in the same session, they both share same cookies folder and cookies help to send tailored ads to users."
https://www.quora.com/Im-using-Incognito-mode-for-Google-sea...
A simple test suggests otherwise, using Gruez's recipe above but swapping the private and non-private windows.
There are potential information leaks, such as the combination of IP address, user agent, screen size, and fonts available. And there may be bugs in 3rd party plugins like Flash that fail to respect private mode. But it doesn't seem to be anything as simple as cookies being shared.
Thanks. If they're not using the temporary cookies folder, I'm curious how Facebook shows ads based on incognito browsing. Some form of device fingerprinting?
2. check http://httpbin.org/cookies/, the two cookies should be there, and if you check the dev console, the expiry date is 1970-01-01 - 1 second. firefox says it's "until end of session".
Yes, it does. And your client side “steps to reproduce” do not, in fact, reproduce server-side client fingerprinting to correlate between two disconnected browser identities.
In theory, GDPR doesn't change very much in this area. Data subjects already had similar rights to access personal data about them under existing law in much of the EU. The potential fines for non-compliance may be much bigger, though. There is also some expansion in what constitutes personal data under the GDPR, which might be relevant if we're talking about areas where you could have tried to argue they didn't count before but they're going to be explicitly covered in the new scheme.
In case, anyone is wondering how to get to the "Your Categories" option on Facebook. Go to Settings -> Ads and the tab will appear.
I have always been paranoid about sharing information on social media. So, this section has only Facebook access information - 4G, Ipad etc. Couple of categories are even incorrect.
This 'Download Your Data' tool is highlighted every few years when ire toward facebook is renewed, but while appealing it's never seemed more than table scraps to me looking at the data.
Even without looking, the idea that a data broker would just willingly give us all the information it has is unbelievable. The scale is so large, how would you even know?
Not only will it require them to include the info they're using to target you with ads, but also their source for that info (if it wasn't submitted by the user itself), the existence of automated-decision making, and "meaningful information about the logic involved".
That's yet to be seen.
Can you imagine the ire when Europeans are able to download a rich set of information on how they're being tracked and so on, whereas Americans and the rest of the world has no access to that information? I can't. What is more probable is tha FB will try a legal trick claiming they are an American company and they follow the laws of California, not EU, even if they gladly accept European advertisers's money via Ireland.
"What is more probable is tha FB will try a legal trick claiming they are an American company and they follow the laws of California, not EU, even if they gladly accept European advertisers's money via Ireland"
That is specifically not possible under GDPR. It doesn't matter where your company sits, if you store data from europeans (or people living in europe) you have to follow the GDPR with potential for severe punishment. There really is no loophole afaik.
No. For all users within EU it must follow the GDPR. If you are a US citizen and access FB from EU, they must follow the GDPR, as far as I understand it.
And being FB, they really do not have a choice, since the EU do have leverage over them because they're doing business here.
I live in the EU. If I'm your "customer" (as in, you store my personally identifiable data), you have to comply with GDPR, regardless of where your company is.
It's so the non-EU users won't have any rights under the GDPR. All non-US users were officially being served by Facebook Ireland instead of Facebook US, which would have put them under GDPR too (like India, Australia, etc.).
I don't see it in a quick scan, but I wonder if that means all the revenue from those countries will no longer be shielded from US taxes, which might indicate how seriously FB see the GDPR as a threat.
EDIT: pdkl95 mentions in another comment, they claim it doesn't.
According to Reuters[1], "Facebook said the latest change does not have tax implications." If they are still paying taxes through Ireland for the profit they make off those 1.5b users, they seem to be choosing to EU jurisdiction (which would include the GDPR) regardless of any contract of adhesion they forced users "agree" to.
Facebook could have made a startegic decision to permanently repatriate profits based on US tax law changes before making the GDPR decision, which would make the GDPR decision tax-consequence free.
GDPR's right to portability only extends to things you provide directly, or are collected on the basis of explicit consent, or wmthings which are required to fulfill a service or contract, like status and photos. There are explicit exclusions for a lot of things like things collected in service of antifraud & security efforts, and for things collected offline (IIRC), leaving a big set of holes that they can hide quite a bit.
They're also not allowed to infringe on the data rights of other users which is why the friends list export is so anemic, for example.
Not covered here: it does not really export your social graph. Just a list of names. No way to easily import that into contacts etc. This is making quitting Facebook time-consuming, but I'm getting there.
Similarly with birthdays, although it's quite easy to work around that via their calendar link.
> No way to easily import that into contacts etc. This is making quitting Facebook time-consuming, but I'm getting there.
Also, IIRC, all the photos are resized smaller and recompressed, while the full-res versions are still accessible through the Facebook website. This also makes it harder to quit if 1) you don't have the original photos and 2) don't want to live with the unnecessary sacrifice of quality.
Facebook really ought to include the best versions it has of the data you've uploaded, even if it makes the archive size enormous. The option to shrink things should be a non-default option only, since the download might be a prelude to an irreversible account deletion.
An important omission is the data that Facebook collected on you using browser fingerprinting.
Since a fingerprint is like a hash, it is theoretically impossible for Facebook to determine if the data really belongs to you, or to someone else who happened to have the same browser fingerprint.
This means that if Facebook is legally obliged to offer a complete user data download, then the practice of fingerprinting is illegal.
I don't think fingerprinting in the interesting target here -- it's whether anything derived from somoene's data is part of their data and if so where the boundaries are.
* Can I use differential privacy? Can a user request a correction to such a dataset?
* If I train a ML model on some user data what responsibility do I have with acquisition or deletion?
Thought experiment: if after 5/25, I download my data, then revoke consent and delete my account, then a while later reactivate my account and log back in -- if any of my previous personal data is tied to my "new" account, have I proven that my personal data wasn't entirely deleted since Facebook could still uniquely identify me?
Sorry, I'm not hip to most of this stuff. I just thought it would be a fun event. Perhaps it's already on the social media calendar, complete with a cat logo?
Good question. Yahoo/Verizon put one in, and Google did too last week.
EDIT to say: Well, I came across Google's last week. I don't really know when they put it in.
I recently received an email with subject "Alan, please accept our updated Terms by May 25 to continue using Facebook".
Currently I haven't done anything in response to it. I don't want my account but it's not clear what happens should I not accept. Does my account get deleted, or does it just get put in purgatory? Should I login and just delete after the 25th?
>"Thought experiment: if after 5/25, I download my data, then revoke consent and delete my account, then a while later reactivate my account and log back in ..."
If you actually delete your account you won't be able to reactivate it. There is an option to deactivate it but then all of your personal data is preserved anyway.
If you delete your account, only your data is erased, not your "ghost profile".
I don't know if it is the official term but your ghost is all the data Facebook has about you that doesn't come from you. For example, friends can talk about you and even tag you even if you never touched Facebook. It means that if you are the only one within your group of friends not using Facebook, they already know pretty much everything they need to know.
If you delete your account, unless all your friends do the same, your ghost won't disappear, and it can be easily reconnected if you create a new account.
> If you delete your account, only your data is erased, not your "ghost profile". I don't know if it is the official term but your ghost is all the data Facebook has about you that doesn't come from you.
It is not the official term, because Zuck is shocked—shocked!—at the term:
> Lujan: So these are called shadow profiles, is that what they’ve been referred to by some?
> Zuckerberg: Congressman, I’m not, I’m not familiar with that.
(OK, I realised just after posting that you said 'ghost profile', not 'shadow profile'. Anyway, my snarky point stands that there is no official term for this, because it doesn't officially exist.)
I'd say that assumption would be correct. Otherwise they have access to some serious non-facebook metadata repository! But then again how would they assume it was you without a trace of the former data.
I'm not familiar with FB's APIs...do they allow for programmatic download of your data with the same set as via the manual download tool? Because if they do, then a neat little script - leveraging their API - could be used periodically to download one's data to at least address the issue with 2-month expiration on the ad data.
One thing is clear. If they delete my data upon my request, they do not,for obvious reasons, delete it's contribution to any ML that was trained with it. Also, when deleting data, I wonder whether they delete any derived scores based on my data.
I really can't even figure out what posessed the writer to put that line in there. It has absolutely nothing to do with the story, and kind of comes out of nowhere.
The author linked to Tweets from said individuals who were mentioning the tool. So it's relevant, however a bit odd they chose those specific examples when I'm sure they're are other "celebrities" who also linked to the tool. Maybe the author thought of these people as those most interested in data privacy?
I'm not so sure, considering how their coverage of the DNC lawsuit read like a press release, with zero journalistic objectivity. It treated the currently unproven claims of a civil suit as if it was already assumed fact.[0] It contains this gem of a paragraph:
> The leaks continued steadily from there, as the suit details. Guccifer 2.0 struck again on June 27, June 30, and July 6. On July 22, WikiLeaks took the wheel, releasing nearly 20,000 internal DNC emails. The following day, according to the suit, multiple DNC employees received an email that said: “I hope your children get raped and murdered. I hope your family knows nothing but suffering, torture, and death.”
All evidence suggests, as Wikileaks has maintained, that their emails came from a physical source, and not Guccifer 2.0.
I think there is a larger editorial bias at play at Wired.
It seemed like both an attempt to associate Assange/Wikileaks with the "alt-right", and an attempt to associate the desire to find out what Facebook has on you with the same.
It felt forced and awkward in the context of the article.
This is how Wired rolls lately, unfortunately. I'm a subscriber and noticed that even innocuous articles frequently attempt a jab at Trump, for example. I really don't understand attempts to politicize all issues, when it's not called for.
There is a potentially disastrous blow to FB's business model in the GDPR that relates to this sort of profiling. It is forbidden under GDPR, unless the user grants explicit consent (opt-in). See [1].
Without this, FB's targeting abilities for ads just evaporates. It is going to be interesting to see how this pans out.
Despite never enabling location services, Facebook once (briefly) gave me a weather forecast when I was traveling. Spooked me quite a bit.
The best I could figure is that I temporarily enabled access to my camera roll so I could post a few photos (ordinarily I just copy/paste them to keep Facebook out of my photos), and either it scanned the photos' exif data during upload or directly from the roll once I enabled it.
I wasn't remotely surprised to find that particular piece of location data wasn't part of the data download.
Makes me wonder how many "features" considered internally at FB, Google, etc are being scrapped only because it would not be worth the risk of potential backlash by spooked out users even though they have in their possession all the necessary data.
Geo IP location is possible but unlikely: the location was very precise and accurate, and I would assume Verizon (wasn't on wifi) wouldn't be handing out IPs with that level of specificity.
Geo IP location is possible but unlikely: the location was very precise and accurate, and I would assume Verizon (wasn't on wifi) wouldn't be handing out IPs with that level of specificity.
I'm surprised this article does not mention Max Schrems, who requested all data Facebook had on him in 2011:
> He later made a request under the European "right to access" provision for the company's records on him and received a CD containing over 1,200 pages of data, which he published at europe-v-facebook.org with personal information redacted.
The zip file Facebook provides doesn't include full resolution photos I uploaded, only heavily compressed low-resolution low-quality previews. Useless.
100 comments
[ 3.2 ms ] story [ 235 ms ] thread- information Facebook collects about your browsing history;
- information Facebook collects about the apps you visit and your activity within those apps;
- the advertisers who uploaded your contact information to Facebook more than two months earlier;
- ads that you interacted with more than two months prior.
Download Your Data is particularly spotty when it comes to the information Facebook taps to display ads."
---
TL; DR When you get too close to their business model, Facebook clams up.
Mr. Zuckerberg and other Facebook staff assert: "We do not sell data."
Does Facebook acquire/purchase data about people from other sources, e.g., data brokers, and then combine it with (a) the highly personal data people voluntarily submit to Facebook and (b) the highly personal behavioural data people consent to allow Facebook to collect from their use of the Facebook website, Facebook app, and websites hosting Facebook anchors.
Is Facebook allowing users to download all the data Facebook has on them?
https://cookiechecker.netlify.com/
Here's what Google says about cookies in incognito mode: "If you use Chrome in incognito mode (or in guest mode on Chrome OS), it will not transmit any pre-existing cookies to sites that you visit. Sites may deposit new cookies on your system while you are in these modes; these cookies will only be temporarily stored and transmitted to sites while you remain in incognito / guest mode. They will be deleted when you close the browser, close all open incognito windows or exit guest mode." Source: https://www.google.com/chrome/browser/privacy/archive/201408...
I first noticed that FB might be able to detect sites you visit while in incognito mode when I noticed that I was personally being retargeted by sites I visited in incognito mode while on Facebook. Here's an interesting quora thread I found while looking into it: "Also the cookies act too important role here. Cookies during Incognito Mode are saved in temporary folder, and they get purged after session ends. But when browsing Facebook and Google in the same session, they both share same cookies folder and cookies help to send tailored ads to users." https://www.quora.com/Im-using-Incognito-mode-for-Google-sea...
Curious for your take.
To be clear, the claim I'm making is that normal windows can read cookies from incognito windows.
There are potential information leaks, such as the combination of IP address, user agent, screen size, and fonts available. And there may be bugs in 3rd party plugins like Flash that fail to respect private mode. But it doesn't seem to be anything as simple as cookies being shared.
edit: tried it on chromium 66: doesn't work.
steps to reproduce:
1. open new (non-private) tab, go to http://httpbin.org/cookies/set?k1=v1&k2=v2
2. check http://httpbin.org/cookies/, the two cookies should be there, and if you check the dev console, the expiry date is 1970-01-01 - 1 second. firefox says it's "until end of session".
3. open new private tab, go to http://httpbin.org/cookies
4. cookies from above do not show up.
I have always been paranoid about sharing information on social media. So, this section has only Facebook access information - 4G, Ipad etc. Couple of categories are even incorrect.
Even without looking, the idea that a data broker would just willingly give us all the information it has is unbelievable. The scale is so large, how would you even know?
https://gdpr-info.eu/art-15-gdpr/
This would be an enormously stupid move. It guarantees not only failure but an acidic backlash.
That is specifically not possible under GDPR. It doesn't matter where your company sits, if you store data from europeans (or people living in europe) you have to follow the GDPR with potential for severe punishment. There really is no loophole afaik.
Does that mean the company has to follow it even for non-European users?
And being FB, they really do not have a choice, since the EU do have leverage over them because they're doing business here.
Hope that simplifies things.
They can also file a case in the country that you do belong you to get you to pay your fines in the original country. This sometimes works.
The discussion is here:
https://news.ycombinator.com/item?id=16872542
I don't see it in a quick scan, but I wonder if that means all the revenue from those countries will no longer be shielded from US taxes, which might indicate how seriously FB see the GDPR as a threat.
EDIT: pdkl95 mentions in another comment, they claim it doesn't.
[1] https://www.reuters.com/article/us-facebook-privacy-eu-exclu...
This is an indication that they won't apply GDPR globally (for users in e.g. India or Brazil), but they don't have a choice for the EU users.
They're also not allowed to infringe on the data rights of other users which is why the friends list export is so anemic, for example.
Similarly with birthdays, although it's quite easy to work around that via their calendar link.
Also, IIRC, all the photos are resized smaller and recompressed, while the full-res versions are still accessible through the Facebook website. This also makes it harder to quit if 1) you don't have the original photos and 2) don't want to live with the unnecessary sacrifice of quality.
Facebook really ought to include the best versions it has of the data you've uploaded, even if it makes the archive size enormous. The option to shrink things should be a non-default option only, since the download might be a prelude to an irreversible account deletion.
Is it not one of their aims to make it always reversible?
Is it? Cases like this [0] make that seem unlikely.
[0] http://europe-v-facebook.org/
Since a fingerprint is like a hash, it is theoretically impossible for Facebook to determine if the data really belongs to you, or to someone else who happened to have the same browser fingerprint.
This means that if Facebook is legally obliged to offer a complete user data download, then the practice of fingerprinting is illegal.
* Can I use differential privacy? Can a user request a correction to such a dataset?
* If I train a ML model on some user data what responsibility do I have with acquisition or deletion?
* Can I anonymize my data-sets?
* How do I handle aggregate statistics?
* There's slightly more of a chance they'll actually delete my data
* If they don't, I'll be entitled to be a part of any class-action.
I had deleted (not deactivated) my account ~4 months ago and they were supposed to delete everything after 14 days but I have a feeling they didn't.
Most eu Nations don't have anything like a class action suit...
I am absolutely shocked to discover that Facebook doesn't have a class action waiver in their terms.
Currently I haven't done anything in response to it. I don't want my account but it's not clear what happens should I not accept. Does my account get deleted, or does it just get put in purgatory? Should I login and just delete after the 25th?
If you actually delete your account you won't be able to reactivate it. There is an option to deactivate it but then all of your personal data is preserved anyway.
I don't know if it is the official term but your ghost is all the data Facebook has about you that doesn't come from you. For example, friends can talk about you and even tag you even if you never touched Facebook. It means that if you are the only one within your group of friends not using Facebook, they already know pretty much everything they need to know.
If you delete your account, unless all your friends do the same, your ghost won't disappear, and it can be easily reconnected if you create a new account.
It is not the official term, because Zuck is shocked—shocked!—at the term:
> Lujan: So these are called shadow profiles, is that what they’ve been referred to by some?
> Zuckerberg: Congressman, I’m not, I’m not familiar with that.
(https://techcrunch.com/2018/04/11/facebook-shadow-profiles-h...).
(OK, I realised just after posting that you said 'ghost profile', not 'shadow profile'. Anyway, my snarky point stands that there is no official term for this, because it doesn't officially exist.)
Classic guilt-by-association propaganda technique.
> The leaks continued steadily from there, as the suit details. Guccifer 2.0 struck again on June 27, June 30, and July 6. On July 22, WikiLeaks took the wheel, releasing nearly 20,000 internal DNC emails. The following day, according to the suit, multiple DNC employees received an email that said: “I hope your children get raped and murdered. I hope your family knows nothing but suffering, torture, and death.”
All evidence suggests, as Wikileaks has maintained, that their emails came from a physical source, and not Guccifer 2.0.
I think there is a larger editorial bias at play at Wired.
[0] https://www.wired.com/story/dnc-lawsuit-reveals-key-details-...
It felt forced and awkward in the context of the article.
It'd be nice to download my data and import it into a competing social network.
Without this, FB's targeting abilities for ads just evaporates. It is going to be interesting to see how this pans out.
[1] https://ico.org.uk/for-organisations/guide-to-the-general-da...
The best I could figure is that I temporarily enabled access to my camera roll so I could post a few photos (ordinarily I just copy/paste them to keep Facebook out of my photos), and either it scanned the photos' exif data during upload or directly from the roll once I enabled it.
I wasn't remotely surprised to find that particular piece of location data wasn't part of the data download.
Plus it only ever happened that once.
Geo IP location is possible but unlikely: the location was very precise and accurate, and I would assume Verizon (wasn't on wifi) wouldn't be handing out IPs with that level of specificity.
Plus it only ever happened that once.
> He later made a request under the European "right to access" provision for the company's records on him and received a CD containing over 1,200 pages of data, which he published at europe-v-facebook.org with personal information redacted.
(See https://en.wikipedia.org/wiki/Max_Schrems.)