
How do I permanently delete my account? - cVwEq
https://www.facebook.com/help/224562897555674/
======
andkenneth
The GDPR is a huge deal and absolutely no joke. This is part of the compliance
for that.

[https://en.wikipedia.org/wiki/General_Data_Protection_Regula...](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation)

It has the potential to completely change the way tech giants are able to
provide their services. Each "purpose" that data is collected for must be
individually consented, and it's prohibited for purposes to be withheld if
others are not consented to. This allows a user to allow the purposes that are
a cost on the company, and deny those that are revenue earners.

Will be very interesting to see how these heavily data based companies adapt.

~~~
an_account
I assume that companies can deny services that cost them money if you don’t
consent to services that create revenue. Is this true?

~~~
dannyw
No, the EU doesn’t mess around. I don’t see any provisions in the GDPR
allowing companies to do that.

I guess companies can charge money for services that cost them money, and give
you money if you enable certain services.

~~~
Terribledactyl
GDPR doesn't need to reenumerate this. Selling service above cost is already
allowed.

~~~
dannyw
I mean as, want to use Messenger? That's $20 a month. Want to let us monetise
your messages for ads? We'll pay you $20 a month.

Of course, I don't see Facebook actually doing this, but just food for
thought.

------
justhw
How do we really know that this is actual deletion and not a deleted="true" in
their databases?

> It is inaccessible to other people using Facebook.

The wording does sound very convincing but I really don't think we can just
believe their word. After all it's Facebook.

~~~
Steeeve
It seems a bit naive to think that a service provider would scrub their
systems on individual requests.

It's not practical to perform a delete in some environments. It's certainly
not practical to go through backup files and delete references in others.
Everybody goes through a data recovery scenario at some point.

What you should expect is best effort. Nobody is going to re-train their
neural networks that referenced your data. It's doubtful that any provider
would delete what they have gleaned about you simply because you wanted your
account removed.

Then there's the practicality of things. If you delete your account here on
HN, would you expect all conversations that you participated in to be removed?
All references to your comments? Or all comments that you made removed? Do you
expect them to push that change out to google? Do you expect your references
in access logs removed? There's always a trail.

Facebook isn't uniquely evil. They have the same problems as everyone else,
and they have those problems at an incredible scale.

People think about these things as if they are files or entries in a simple
SQL database that can simply be removed. They may use databases, but to think
that all of your data exists in a singular database or that all of your data
only exists in databases is simply not extrapolating what you know about
technology to their environment.

If google were to remove a website from their index, how long would it take
for all of their environments to no longer have a record of it? And would that
actually be desirable? There aren't faceless drones working on these kinds of
problems. There are very smart people and most of them have a conscience and
care about end users. I don't think you would find that any large group of
people at facebook, google, amazon, microsoft, or any of the big companies are
completely apathetic to end user concerns. I'm sure plenty are far too busy to
address individuals directly, but they certainly are not apathetic.

<sorry... I seem to have rambled off on a tangent>

~~~
justhw
> Then there's the practicality of things. If you delete your account here on
> HN, would you expect all conversations that you participated in to be
> removed? All references to your comments? Or all comments that you made
> removed?

There's been few debates here about the definition of to 'delete' which I
won't get into. However, as a user, it rubs me wrong when companies equate
simple username disassociation with deletion. It's not a user's place to
wonder about the practicality of deletion at scale. A user has the right to
have removed all content they've produced regardless of whether it's linked
with other posts.

~~~
yorwba
> A user has the right to have removed all content they've produced regardless
> of whether it's linked with other posts.

Do they though? Maybe I'm understanding it wrong, but I thought the GDPR only
applies to personally identifying information, not all data ever generated by
a user. So by disassociating the user name and the post, the post has suddenly
ceased to be personally identifying information and no longer needs to be
deleted.

~~~
kelnos
That's difficult, though. What if the contents of a post provide identifying
details of the owner of the account?

~~~
PeterisP
IMHO that should be treated in the same manner that if the contents of _my_
post provide identifying details of the to-be-deleted person.

------
ninkendo
I “deleted” my account years ago using this link (back in 2014), came back
last year and found that it was never really deleted. I happened to click
“login” when I realized my password manager was still filling in my password
(to be expected), and it logged me in just fine, same profile page... it was
as if I never clicked delete.

I deleted it again, and it finally “took” this time, but I have no idea what
happened before. My best guess is that iOS was still logged into it through
its facebook integration and that counted me as having logged in before the
grace period expired. Either way it left a really bad taste in my mouth.

(I was a facebook user in 2005 and kinda stopped using it around the time they
stopped letting you have your “news feed” just be a simple time-sorted list of
your friends’ posts. Neither of my attempts to delete my account were any kind
of statement — the site was just boring to me and I never found myself posting
much.)

~~~
zuppy
There are 2 different actions: one that deactivates your account and one that
actually deletes it. You've probably used the deactivate functionality,
because the other one needs more digging in order to find it.

------
fragsworth
I did not know they really had this as an option. I'm glad to hear it's
available.

I'd like to know how thorough they are with deleting you, however. With
stories of "ghost" profiles that they build on individuals who don't have
accounts (and/or are not logged in), I would be surprised if they actually
delete everything they know about you.

~~~
0xcde4c3db
Most of the big services whose stuff I've actually read have a clause
somewhere in the ToS or privacy policy saying that "deleted" data is not
necessarily deleted from all copies in their possession. I _suspect_ the
primary purpose of this is to allow them to have append-only or offline
backups, since that's incompatible with users being able to reach in and nuke
all their stuff.

~~~
smichel17
At the time when I deleted my Facebook account, in Fall 2014, the ToS said
that if I delete (not deactivate) my account, then Facebook must delete my
data "within a reasonable amount of time".

I have not read the Facebook ToS since then; assuming that line remains the
same, if they do not delete your data and you decide to sue, it's about whose
lawyers cam make a better case for whether a reasonable amount of time has
passed.

------
a254613e
It's kinda ironic that all the people here are complaining that facebook might
not actually really delete literally every single bit of information that you
have, while hacker news doesn't allow you to edit your comments, delete them,
or delete your profile. This sort of functionality should exist on every
platform that even has accounts.

Does anyone know if GDPR (or similar law in the future) will actually force HN
and other sites that don't have this feature, to remove accounts, at least EU
ones, upon request?

~~~
e12e
> Does anyone know if GDPR (or similar law in the future) will actually force
> HN and other sites that don't have this feature, to remove accounts, at
> least EU ones, upon request?

As far as I know, the GDPR is more of a clarification (along with some
explicit guidelines for fines), than it is new legislation - so hn and similar
sites would already be in breach, _if_ they didn't allow the deletion of all
profile data. I'm _not_ certain that having to email someone at hn to do it,
would be in breach of current data protection regulation. It _may_ be that not
clearly stating: "to get a record of all data hn has stored on you, make
correction or delete all data - please email (...)" _will_ be in breach of
GDPR.

But afaik hn does no business in the EU - so it's not clear what sanctions
would be applicable.

It's different for companies that does business in the EU / EEC.

~~~
tscs37
>But afaik hn does no business in the EU - so it's not clear what sanctions
would be applicable.

Since EU citizens are registered users, it applies.

~~~
kbart
No. EU laws/regulations dont't apply outside its jurisdiction. GPDR will
affect Facebook, Google etc. just because they are operating in EU market[0]:

 _" This won't apply to every U.S. business — just the ones that are
knowingly, and actively, conducting business in the EU. In this vein, EU
courts have the discretionary ability to determine if a U.S. company was
purposely collecting EU resident data and subverting GDPR compliance."_

0\. [https://community.spiceworks.com/topic/2007530-how-the-eu-
ca...](https://community.spiceworks.com/topic/2007530-how-the-eu-can-fine-us-
companies-for-violating-gdpr)

~~~
tscs37
I respectfully disagree. As you can see at [0], quote, "as [the GDPR] applies
to all companies processing the personal data of data subjects residing in the
Union, regardless of the company’s location [...] Non-Eu businesses processing
the data of EU citizens will also have to appoint a representative in the EU."

edit: This means it applies to EU citizens regardless of where the processor
is located and to non-EU citizens if they are currently in the EU

0\. [https://www.eugdpr.org/the-regulation.html](https://www.eugdpr.org/the-
regulation.html)

~~~
kbart
Yes, but I'm sure this will only be valid for big enough companies (read
serving millions of EU citizens) as it's subjective what "processing the data
of EU citizens" actually means. It's not realistic to expect every minor
mom&pop eshop or minor online service worldwide to appoint a representative in
the EU. Furthermore, enforcing these rules will highly depend on international
relations as it's outside of EU jurisdiction and it can only reach non-EU
companies by collaboration and signing treaties with other governments, so
this means USA and maybe Canada, but I highly doubt to see companies from
China or Russia etc. to be held accountable.

~~~
tscs37
>Yes, but I'm sure this will only be valid for big enough companies

Not really, the wording is quote clear. As is "processing the data of EU
citizens".

I doubt any minor eshop or online service will appoint a representative, they
will however still have to conform to the GDPR rules.

~~~
kbart
Well, only time will tell, I just relayed what I've heard from people much
more knowledgeable in this area than me. How I understand this is that if you
serve many enough EU citizens, please be kind, open a branch in EU or at least
send a representative, because you are de-facto doing business here. Mainly
this is to avoid situations where, for example Facebook, closes its EU offices
and pretend to have no EU presence (and no need to abide EU regulations)
despite hundreds of millions EU citizens use their services.

------
1001101
I'm waiting for the next time I'm in the EU to get the 'deluxe clean.'

~~~
quickthrower2
Do you need to be an EU resident, citizen or just on holiday?

~~~
andkenneth
GDPR will cover anyone _in_ the EU. Doesn't cover citizens outside of the EU,
and does cover visitors to the EU while they are there.

EDIT: But it's also likely that they will enable the protections for everyone
in the world, because the risk of accidental non compliance is huge. Similar
to how the cookie notification is just displayed everywhere now.

~~~
hellofunk
Actually, my experience in Europe is that some organizations only remove data
that is visible by others on the same continent or even just a single country
in the EU, while allowing that content to remain visible outside the EU.

------
m6g6a
Way much easier:
[https://m.facebook.com/account/delete](https://m.facebook.com/account/delete)

~~~
sincerely
somewhat related - if anyone else is still using the browser version of
Facebook on their mobile phones (m.facebook.com) instead of downloading the
app, it doesn't let you view messages and gives you an unskippable prompt to
download Messenger, but this restriction is not there if you use the mobile
basic interface (which also uses less data! mbasic.facebook.com)

------
alexforster
There's a one-click page to permanently delete your Facebook account here:
[https://www.facebook.com/help/delete_account](https://www.facebook.com/help/delete_account)

~~~
bcook
Last I checked, this doesn't permanently delete your account. You can still
return with the same email and have all your old contacts (and post history,
etc?).

~~~
actuallyalys
If I remember correctly, this option does delete your account[0], but not
right away. If you change your mind and log in within the grace period, it
stops it from being deleted.

[0] At least to all appearances. Of course, Facebook could secretly be keeping
it, as is discussed elsewhere in this thread.

------
justboxing
Not defending facebook, but almost every social site these days, and even SaaS
applications, make it impossible to DELETE your account out of their systems.

Unless laws are passed in the US to force their hand, this sort of behaviour
will continue.

Anything and everything you post on the internet, is FOREVER.

Because chances are some dev somewhere has simply flipped an IsDeleted bit to
true / 1 in the site's database :)

~~~
cel1ne
The GDPR law in the EU allow us-companies to be fined:
[https://community.spiceworks.com/topic/2007530-how-the-eu-
ca...](https://community.spiceworks.com/topic/2007530-how-the-eu-can-fine-us-
companies-for-violating-gdpr)

------
grumpopotamus
I went through all the steps to "permanently" delete my account in 2010, did
not log in for 4 years, then tried to see what would happen, and my account
and all its data was fully restored.

~~~
Antrikshy
That was in 2010. As someone pointed out, this is likely meant to comply with
this:
[https://en.wikipedia.org/wiki/General_Data_Protection_Regula...](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation)

The law goes into effect in May 2018.

------
remarkEon
>Some of the things you do on Facebook aren’t stored in your account. For
example, a friend may still have messages from you even after you delete your
account. That information remains after you delete your account.

Why? What possible purpose does this serve?

~~~
TAForObvReasons
It's pretty obvious: A message between two people exists as two separate units
in two separate locations. Deleting the account deletes only one copy, namely
the copy that exists on your end. The digital analogue is a text message --
deleting the text message locally, say by physically destroying your phone,
doesn't actually erase the message on the other side.

~~~
dannyw
I’d be very surprised if Facebook is wasting half of their messages DCs by
storing each message twice, instead of deduplicating them.

~~~
actuallyalys
It's probably not literally true that Facebook stores two copies of each
message (or three or more copies for group chats), but it makes sense for
Facebook to act like it does because that's how email and text messages work.

------
surrey-fringe
Ever since deleting facebook I've felt so much ___. It's only once I quit the
site I was able to take a long hard look at my perception of ____ and realized
that everyone else does ____ while I should do _____. I realized that I'm
actually ____, not ____. I started handling my _____ relationships in a
healthier, more ____ manner.

~~~
Zhyl
Q: How do you know if someone on Hackernews doesn't have a Facebook account?

A: They'll tell you.

------
piyush_soni
90 days to delete my data? Is a real person going to every server and manually
changing the bits that store it? :) ... I wonder if this is an artificially
inflated time period, just like the 'Unsubscribe' feature from unsolicited
emails that tell you it might take "7 to 10 days" to unsubscribe your email
address, when it should take less than a second.

~~~
dredmorbius
Some years back working with another social service, a major issue was cached
data through third-party providers (think Akamai, Limelight, Cloudflare,
etc.). These are systems 1) outside the primary service's immediate control
and 2) with their own data-retention policies and 3) data management tools.

Someone I knew was tasked with removing large quantities of image data that
had proved inopportune. There was limited support for doing this, though a
method was developed. My understanding is that the caching service provider
hadn't had to deal with such matters at that scale previously, though this
information is incomplete. I strongly suspect that this is more frequently
encountered now.

I'm not excusing Facebook (and generally avoid doing so), but one of the
interesting things about scale is, well, its _sheer scale_ , and what seem
like simple operations become complex.

------
yotamoron
I deleted my fb account more then 2 years ago. Quality of life went up 10x. I
highly recommend it, fb's value is hugely overrated.

~~~
toomanybeersies
Your quality of life must have been rather low for it to go up 10x by deleting
facebook.

------
kevindeasis
I think what's also interesting is that some sites/apps have purposely made
their UI/UX flow for account deletion very frustrating for the user. They do
this to lower the probability of user completing account deletion

------
internalfx
Go back in time and stop yourself from ever creating it.

~~~
martin1975
RMS, is that you?

------
afro88
They suggest downloading a copy of your data first. How does one do that?

~~~
toomanybeersies
You do it from settings, from the main settings page. I just did it myself,
it's quite terrifying how much data they have on me. I also discovered that
all my contacts from my phone have been synced to Facebook, despite my trying
to avoid that.

------
RRRA
Best thing I ever did...

------
throwaway613834
Why is this on the front page...?

EDIT: I'm not complaining, I'm literally asking what there is that people find
interesting about this link, since I feel like I must have missed it. Though
feel free to keep downvoting through the floor.

~~~
nitemice
Because people want to highlight the ridiculousness of needing to contact
support to permanently delete an online account?

~~~
Mz
You don't need to contact support. The "let us know" link goes to the deletion
confirmation page.

It is stupidly worded, perhaps intentionally so to discourage deletions, but I
just did this recently.

------
whyagaindavid
Sad that Apple does not allow you to delete your account. Even Facebook does?
PS; if you think I am wrong post a direct link how to delete within Apple's
domain. Trust me it does not exist.

~~~
m6g6a
Actually there’s some security reasons why. An iCloud id have muliple purposes
in the Apple ecosystem. You can use it like an e-mail address or
caller/messaging contact id. Now imagine if they will free up your username
and later someone else will register it. Or worst, you used that e-mail
address to register in some other services.

~~~
whyagaindavid
Well they need not release the Apple-id to others.

~~~
hartleybrody
Well then some record of it existing must be stored.

------
not-sbrin
Not to beat this horse to death, but was reflecting on the same earlier today:
[https://segahmeer.com/post/stepping-out-of-sergey-brin-
shado...](https://segahmeer.com/post/stepping-out-of-sergey-brin-shadow-
thanksgiving-reflections/)

~~~
schlock509
Thank you for sharing. must have been hard to write it.

------
nodesocket
Why if you request your account deleted can you not create a new account at a
later time?

This might sound a little over the top and conspiracy theorist, but this is
all part of Facebook's and rain man Zuckerberg's psychological warfare.
Facebook hires people who work in the gambling industry to make their product
more addictive. Zuckerberg is playing us all. Facebook is a major (if not
number one) contributing factor to the polarization, narcissism, depression,
constant outrage (both sides), and dividing of the US and frankly world.

