Sign up to our newsletter
The latest security news direct to your inbox
In Europe, a user can make a request to an online company for all personal data they may have stored about them. One user did just that, and found 880 PAGES of data stored about him by Facebook! Other users listed on the Europe vs. Facebook website had even more. They include the usual data you might find displayed on a public profile, but also droves of information about events attended (or declined), e-mails that were deleted, and a whole slew of other data. This raises questions about how long they are keeping the data and what their criteria is for keeping it. It also seems like an obvious treasure trove for third party advertisers who seek targeted marketing information. Also, if an agency were able to get a court order to have Facebook release it for legal proceedings, it seems like a boon.
Remember those snarky friends of yours who like to snap pictures at the most inopportune time and upload them? Plenty of users have had horror stories of jobs lost (or not gotten), court cases gone awry, and a litany of other woes, based on information publicly available. The irony of this data set is that users submit the information voluntarily. Also, it’s interesting how old some of the entries were in this report.
The report also shows the location the user last logged in from, including latitude and longitude, the IP of past logins, what machines you used, friends you removed, and a host of other nuggets. The longer reports seem (at first blush) to correspond to users who were more active on the site for longer periods of time.
Right now Europeans can make personal requests for data from Facebook, due to the data protection law there, every individual has the right to get a copy of all personal data a company holds about him/her (right to access). If you live in a jurisdiction that allows the request, it might be interesting to request a report. It also might be of interest to request one periodically, in light of the changes in security that are rolled out from time-to-time. There have been reports of users being caught off guard by security updates to the website, this might be one way to keep an eye open, and see how future changes relate to what information they have stored on you.
Author Cameron Camp, ESET