Facebook saves everything forever, has ‘shadow profiles’ for non-users
Posted on October 18th, 2011
From http://www.identityblog.com/?p=1201
no | date | topic | status | files |
01 | 18-AUG-2011 | Pokes. Pokes are kept even after the user “removes” them. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
02 | 18-AUG-2011 | Shadow Profiles. Facebook is collecting data about people without their knowledge. This information is used to substitute existing profiles and to create profiles of non-users. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
03 | 18-AUG-2011 | Tagging. Tags are used without the specific consent of the user. Users have to “untag” themselves (opt-out). Info: Facebook announced changes. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
04 | 18-AUG-2011 | Synchronizing. Facebook is gathering personal data e.g. via its iPhone-App or the “friend finder”. This data is used by Facebook without the consent of the data subjects. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
05 | 18-AUG-2011 | Deleted Postings. Postings that have been deleted showed up in the set of data that was received from Facebook. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
06 | 18-AUG-2011 | Postings on other Users’ Pages. Users cannot see the settings under which content is distributed that they post on other’s pages. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
07 | 18-AUG-2011 | Messages. Messages (incl. Chat-Messages) are stored by Facebook even after the user “deleted” them. This means that all direct communication on Facebook can never be deleted. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
08 | 18-AUG-2011 | Privacy Policy and Consent. The privacy policy is vague, unclear and contradictory. If European and Irish standards are applied, the consent to the privacy policy is not valid. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
09 | 18-AUG-2011 | Face Recognition. The new face recognition feature is an inproportionate violation of the users right to privacy. Proper information and an unambiguous consent of the users is missing. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
10 | 18-AUG-2011 | Access Request. Access Requests have not been answered fully. Many categories of information are missing. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
11 | 18-AUG-2011 | Deleted Tags. Tags that were “removed” by the user, are only deactivated but saved by Facebook. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
12 | 18-AUG-2011 | Data Security. In its terms, Facebook says that it does not guarantee any level of data security. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
13 | 18-AUG-2011 | Applications. Applications of “friends” can access data of the user. There is no guarantee that these applications are following European privacy standards. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
14 | 18-AUG-2011 | Deleted Friends. All removed friends are stored by Facebook. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
15 | 18-AUG-2011 | Excessive processing of Data. Facebook is hosting enormous amounts of personal data and it is processing all data for its own purposes. It seems Facebook is a prime example of illegal “excessive processing”. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
16 | 18-AUG-2011 | Opt-Out. Facebook is running an opt-out system instead of an opt-in system, which is required by European law. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
24-AUG-2011 | Letter from the Irish DPC. | Letter (PDF) | ||
15-SEPT-2011 | Letter to the Irish DPC concerning the new privacy policy and new settings on Facebook. | Letter (PDF) | ||
17 | 19-SEPT-2011 | Like Button. The Like Button is creating extended user data that can be used to track users all over the internet. There is no legitimate purpose for the creation of the data. Users have not consented to the use. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
18 | 19-SEPT-2011 | Obligations as Processor. Facebook has certain obligations as a provider of a “cloud service” (e.g. not using third party data for its own purposes or only processing data when instructed to do so by the user). |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
19 | 19-SEPT-2011 | Picture Privacy Settings. The privacy settings only regulate who can see the link to a picture. The picture itself is “public” on the internet. This makes it easy to circumvent the settings. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
20 | 19-SEPT-2011 | Deleted Pictures. Facebook is only deleting the link to pictures. The pictures are still public on the internet for a certain period of time (more than 32 hours). |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
21 | 19-SEPT-2011 | Groups. Users can be added to groups without their consent. Users may end up in groups that lead other to false impressions about a person. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
22 | 19-SEPT-2011 | New Policies. The policies are changed very frequently, users do not get properly informed, they are not asked to consent to new policies. |
Filed with the Irish DPC | Complaint (PDF) Attachments (ZIP) |
International, Science and Technology
data mining, Facebook, Internet, privacy, spying, Warrantless Wiretapping
Leave a Reply
You must be logged in to post a comment.