Hacker News new | past | comments | ask | show | jobs | submit login
Downloaded my Facebook data and it has the call history with my partner’s mother (twitter.com/dylanmckaynz)
503 points by bkfh on March 23, 2018 | hide | past | favorite | 149 comments

Heh, I didn't have a Facebook account until several years ago. At some point I heard some coworkers discussing about something posted on Facebook, a post was about me. So I decided I'd make an account.

One of the first screens was that list of suggestions for people to add as friends.

Guess what? Even though they had almost no info on me, from me, the list had almost everyone I knew, even neatly sorted by level of interactions across the time.

I had just activated the "shadow" profile they had on me from everyone else...

I decided to download Instagram the other day. I wanted to be somewhat anonymous so I created a profile with a generic username, didn’t attach my email, and didn’t allow it to download any contacts.

When I signed in, the whole suggested friend list included people I knew. Family, old coworkers, ex-girlfriends, people I haven’t spoken to in 10+ years...

The only explanation I can think of is that I had used my phone number to sign up, and they scanned all their users to see who has my phone number stored in their phones.

I got super creeped out and deleted my account. Funnily enough, I had the exact same experience with Twitter last year too.

Instagram’s suggestions are out of control. It recommended that I friend the receptionist at my old dentist’s office. I didn’t even have Instagram when I went to that dentist. I can’t even figure out how it would connect us. Even if she had my phone number in her phone and made the decision to share her contacts with Instagram, I didn’t share my number with the service. I used an email that she wouldn’t have. Maybe I browsed a website with Facebook tracking while in the office and it knew my location and made a guess, but I don’t believe that it recommended anyone else from that building. Strang

If you paid with your credit card at the dentist they probably connected you that way.

Great point! I did pay with a credit card quite a few times

They probably collect location from users and correlate time and place to infer relationships.

This is freaky for sure but it could've also just been a coincidence. If she worked at a local dentist's office it could be that she is friends with a friend of yours or something like that.

That's the thing, this account has NO friends. I follow random people who draw things or dress well. But it still recommends my son's friends' parents or people that I went to high school with two states away or even the woman who cleaned my house two years ago. I bet FB's friend matching algorithm is something special

> The only explanation I can think of is that I had used my phone number to sign up, and they scanned all their users to see who has my phone number stored in their phones.

Simple. Those services ask permission to access the contact list of their user so they can "check if they already have them in their system". And while they're at it, they just keep everything. Permission included so they can store new contacts when you add new ones.

I have denied that sort of request from LinkedIn many times, but due to the suggestions it's made, it's clear they scraped my email contacts at some point. Either I slipped up, or they found some oblique way.

This is where EU's data protection law comes into play. When someone agreed to letting the app look at their phone book, the person isn't giving the app permission to store that forever. In theory, this sort of action should be illegal under EU law.

I "deleted" my FB more than 8 years ago, but since it was not possible to actually delete the data it was only disabled. In January I decided to re-activate it to get in touch with old acquaintances. Surprisingly, all of my pictures, contacts, and other interactions were there. Even a pending friend request was pending for 8 years.

Maybe I shouldn't be surprised, though, because FB stated clearly that you cannot delete your data. I just didn't believe they would keep it for so long. It felt weird.

Edit: Just a fun addition, I also made a fake account to promote Youtube videos against FB's EULA. To get more viewers I thought it might be a good idea to make arbitrary friend requests and must have had a certain tendency to click on attractive women. Curiously, at least half of them accepted immediately. One week later I got spammed with friend request of two kinds:

(a) Asian manufacturing sites offering all kinds of machinery and services. Most of them from China, but also some in other countries.

(b) Women posting half-naked pictures of themselves on FB, apparently doing that for a living.

None of them were my target audience. I guess successful FB marketing is more complicated.

That's interesting because refusing to delete personal information is going to be directly contrary to GDPR in a few months, the penalty for which will be 4% of global turnover.

So can I then "move to London" in my account, and then request a real delete?

Best "move to Paris" since London ain't going to be in the EU soon enough

It is absolutely possible to delete your Facebook account and profile permanently. It is harder to find (I had to search the help section for "permanently delete" or something), and they give you two weeks to change your mind. Of course, they still have tons of information about you, but I am tired of hearing people claim that you can only deactivate your account.

I deleted mine two years ago, but not before downloading my data. I haven't ever gone through it, but now I am interested to see if they included call logs and stuff.

> I am tired of hearing people claim that you can only deactivate your account

I'm tired of FB (or anyone using similar tactics) hiding behind "but you can delete your account" while employing all manner of dark patterns and scare tactics to mess with people who want to do exactly that.

Maybe it's changed since you did it, but I walked a friend through it recently and it was painfully tedious (not just a bunch of "are you really, really sure"s, but a bunch of dark patterns trying to steer you away from or hide the option altogether).

I'd be surprised if even 1% of people who want to delete their account are successful.

I would not trust them with deleting any data. No deletion on another system can ever be verified.

Are you sure this was possible > 8 years ago? If I remember correctly, I researched this for quite some time then and didn't find any way of deleting the account and everything stored in it. But it's possible I overlooked the option, of course.

I believe in the past you had to open some kind of support request, as there wasn't an "automated" way to do it (and there was maybe still some kind of waiting period after having deactivated the account). It's certainly been made easier (they've gotten a lot of flack over the years oven this...)

it was possible in 2011 when I did

Have you tried to reactivate or re-register the account with the same details? Out of interest really

When I deactivated my facebook account to see what happens, literally nothing changed. Everybody else still thinks I'm there, they can send me messages, etc. When I reactivated my account by logging in, it was as if I had merely logged out.

> I "deleted" my FB more than 8 years ago, but since it was not possible to actually delete the data it was only disabled. In January I decided to re-activate it to get in touch with old acquaintances. Surprisingly, all of my pictures, contacts, and other interactions were there. Even a pending friend request was pending for 8 years.

There's a bit of a mixed message here. When you reactivated your account, you wanted to get in touch with old acquaintances. Yet you expressed surprise when your contacts were still there, even though you presumably wanted them to be. Was that a pleasant surprise? Or you were reactivating your account only with the intention of starting from scratch 100%?

I'm assuming you deactivated, not deleted, your account.

I've deleted and restarted account. Does not have old data.

You can not see the old data but for sure it is there. They just don't make it obvious by linking it to the new account.

Remember how it asks you to upload your contact lists? You probably say no, but others say yes and do it. They got this "people you may know" from THOSE people uploading their contact lists. It's kind of weird to call it a "shadow profile" when it's simply connecting those dots.

It's considered a shadow profile because they create a profile that nobody can see that aggregates data about the user. It's more than just the mutual contacts.

When people upload their contacts to Facebook to "find friends by phone or email" Facebook takes the phone numbers and email addresses of people who do not have Facebook accounts and associates them with a shadow profile. If multiple people upload contacts and have this same phone number and email address of a person, they can associate any other data uploaded (obviously name, birthday, address, other social media profile URLs?) with the same shadow profile. When the person creates an account using an email address or phone number tied to the shadow account, they already have a reasonable amount of data on the peson, including every user who has them in their contacts and others on those social graphs so that they probably know what school the user went to and current/past employers.

Has anyone from Facebook actually outed them on this or is it (highly plausible) conjecture at this point?

> It's kind of weird to call it a "shadow profile" when it's simply connecting those dots.

Is it kind of weird to call a shadow a shadow when it's just connecting the dots from yourself to the ground? What do you mean it's weird to call it a shadow profile? Just because you know how they do it does not make it "in the clear" or something not-shadow-like.

A shadow profile is a profile unknown to the victim and likely unknown to their friends. Facebook creates huge datasets of information about people without those people ever signing up for Facebook or even hearing about it. That's a shadow profile and it's creepy.

Is weird to call it a shadow profile because mow people like yourself are talking about victims. They basically just ran an SQL query. They didn't abuse anyone.

That's super creepy, but you can see how they get there.

I had a moment some time ago when it started suggesting I connect with people that I know from a private listserv I've been on for years.

Except I'm subbed to that listserv with a different email address from the one I use for Facebook, and I have no real-world interactions with these people, or friends in common. It was surreal.

Once I realized that someone on that list probably used Gmail, and shared their Gmail contacts with FB, it made more sense. Different email addresses don't do much when your name isn't very common, and the addresses vary only in domain.

My only Facebook account has entirely fake data. I use it to coordinate events with a dozen real-life friends. Facebook still manages to suggest new friends that have no obvious relationship to anyone I am friends with. I've never put their apps on my phone and used an email address I created just for Facebook.

It is creepy, but I can't help but step back and marvel at the technical achievement.

> entirely fake data.

> I use it to coordinate events with a dozen real-life friends.

These two statements are mutually exclusive.

True. I meant profile data that I was able to enter.

I wonder what percent of that profile is 'fake' and what is 'real'. Sounds like your intent is for it to be 90%+ fake but, in actuality, it's probably a lot more 'real' than you expect.

My guess.. the friends you are coordinating with have your number in their contacts list, which they then allow FB to see. FB associates that number with that group of people, and also separately associates your 'fake' account with that same group of people, since you're using it to coordinate with them. Now, if anybody else has your number in their contacts, FB might decide to show them to the 'fake' account, since they know somebody associated with the group you associate with. Three degrees of separation from your friend -> your number -> your friend group -> your 'fake' account

If all the profile data is fake, presumably the phone number is too? If not, that kind of negates the whole post.

I was referring to his real number, which isn't in his FB account, but is likely stored in his friends' contact lists on their phones, which they in turn give over to facebook. This lets FB create a shadow profile for him. Even if they don't associate that number and shadow profile directly with his fake profile, they will see that they have the same social circle, since the same group of friends will both have his real phone number in their contacts, and also be communicating with his fake profile through FB. At best, there's only two steps between his real phone number and his fake profile.

For me it's only a little creepy, but not surprising. I constantly think of Snowden and just how much our completely (ostensibly) private data actually says about who we are and what we do.

And then we're creeped out that an app that we allow to monitor our lives can know so much about us.

And I love FB, because I know that being online means sharing information. If I wasn't okay with sharing it, why in the world would I put it online with some other party controlling it?

> And I love FB, because I know that being online means sharing information. If I wasn't okay with sharing it, why in the world would I put it online with some other party controlling it?

Do you love that they track your movements across the web using phone home beacons on large swaths of the web and third-party apps?

Nope, I don't mind that. They're definitely not the only ones, and as long as that info is used for improving experiences, I'm okay with it.

Yeah, our experience of the American presidency has certainly been improved :P

That was only half-serious.

But it's not only use for improvement, but also to manipulate us in ways that may not be in our best interest.

Of course, it's your information. If you are OK with sharing it, it's your right. I say the same about smoking: you hate your lungs? Smoke away! But when tobacco companies lie about the effects of tobacco, and make it seem normal and cool, that's when I get angry.

We shouldn't be ok with our lungs going to shit and with our lives being constantly spied. But we have a right to accept this things, if anyone doesn't agree with me they can do it and I respect them.

I don't respect those who misinform, lie or deceit us to make us OK with it though.

Don't get me started on our presidency. My party sold it's soul to win (of which I've now learned, it didn't have much to sell). But when you say it's my information to share, is this somehow hidden from people? Is there some sort of system that hides that fact from people? I feel like an alien because I truly don't get the people who are griping against their information being sold/distributed. I don't mean people like my grandmother, who're just happy to purchase stuff online, but people sophisticated enough to make cogent arguments about privacy and data rights, but act as if they are taken aback by ad targeting. It's either disingenuous or mentally incapacitated, but I'm struggling to find a third option here.

> a dozen real-life friends ... used an email address I created just for Facebook

Faking data doesn't work when they have a significant shadow profile with 'votes' from many of your friends. I imagine some of your dozen real life friends have your real email in their contact lists. You giving a fake one might just set a flag that your 'vote' is not to be relied on!

Correlating with a dozen people posting events, activities etc probably reveals rather a lot about time0ut.

As well, they (and Google) are tracking your movement across the web, through affilliates and embedded webbugs. Don't think for a moment they've not connected the dots. All it takes is one gstatic image load while you're bringing up hotmail or one clicked embedded link and they've got an identity.

"Social Media" is a nasty spy network in candy-coloured wrapping.

Could it be the email address you signed up with was in their contact list?

It's probably an access point/ip based thing.

If you make a new friend(s) and visit them (before adding them on FB) and use their home wi-fi to access to FB, they will almost instantly appear on the "friend suggestions" list. I experienced this (and heard about from people I know) several times when I used to have a FB account.

Facebook can't know the MAC address of my router from my friend being here and using facebook. At MOST they could know my IP address, but everyone has Dynamic addresses nowadays and that's a useless data point.

Google _does_ know router's MAC addresses, because they mapped BSSIDs when doing streetview mapping.

Dynamic, yes. But in this situation 2 accounts have the same IP.

That would explain the list, but not the sorting.

What does the level of interactions refer to? (what kind of interaction)

Recent co-workers ahead of past ones, people I met recently ahead of those I met a longer time ago, family ahead of friends and other acquaintances.

I remember thinking: they definitely aggregated a lot of sources to get this list.

Could it be people who searched for you before you made your account? I've noticed something similar with a handful of people but always assumed they were people who searched for my name and couldn't find me at the time, so their search was put on hold until an account with the corresponding was created.

The people you interact with the most are probably also more likely to be the people that interact with each other. So FB can see everyone who has your email address in their list and then prioritize those people who are most connected with each other.

I am guessing, but it is quite amazing how freakily accurate simple statistics can be.

i deleted my facebook acc years ago, but people keep using my gmail when registring for facebook, i dont know how is facebook allowing that. i though after some time without verifying the email facebook would disable the account, so i filtered those to not go to my inbox. but facebook never did that. so i had to contact them to disable the account and verify that this is my email address and not from the person that registered it. they removed then my email for that account. after half a year somebody else registered the email again, and im getting again emails from fb and now im filtering it to go to spam directly. it makes me angry.

The verified solution to this is to recover the password for that account, login, remove phone, change the password and the profile picture to that of an ass.

You will never be bothered since they can only use an email once, and it will nicely throw a wrench into any massive surveillance machine by associating your email with a completely foreign social graph. It's also what the original user probably intended - I mean, he did use your email address, did he not?

> It's also what the original user probably intended

You'd be surprised the number of clueless people that have no idea what their email address is. They might have the username@(att|aol|yahoo) and believe now it's @gmail.

It's more ignorance than malice in cases like these. FB, OTOH, is not forcing the email verification because they know that it's a friction and they don't want that.

Yep, I believe this is exactly what happened to me a few months ago.

Someone kept using <myuser>@gmail.com to register for a bunch of different things. Based on the human name attached to a couple of the accounts, I'm fairly sure it was twitter user @<myuser>, which isn't me.

I was able to contact one of the sites and they deleted the account believing I just didn't want it anymore (they didn't seem to comprehend that someone would register with the wrong email), but most of them I just ended up using the "lost password" feature.

> FB, OTOH, is not forcing the email verification because they know that it's a friction and they don't want that.

Here's the most annoying part: Apple iCloud sent me a "please verify your email address" confirmation email, which I never clicked on. But she was able to use the account anyway, with my email address still attached - I kept getting notifications about someone else repeatedly joining/leaving her "family" group.

Yep, I have the name of this account as a gmail account as well - and I get legitimately typo'ed e-mail from someone at least once a week.

As fun as the replying to shopping list e-mails is, the auto-responders for signup forms do get quite old after a while. And it is truly amazing how long accounts will last with bad e-mail addresses on them (looking at you, Netflix).

i did try that, but you know what, facebook had a protection where it said, you are logging form an unusual place, please verify that you are the owner of the account in that they trow you a bunch of your friends and ask information about them.

Facebook did this to me and I was unable to access my own account (that had been disabled for years).

So I gave up. Actually appreciate them for putting that barrier in place. I am happy to not be on Facebook.

I've had this problem with multiple other services including Facebook, Skype, Dropbox and Snapchat and sometimes the service just assumes "yeah that's that guy's email, we don't need to verify it". Makes me angry too :)

> I had just activated the "shadow" profile they had on me from everyone else...

This is one of the reasons I created (and don't delete) my FB account. I'm not really adding information to the system, can have a view of what it thinks it knows about me, and can (foolishly) attempt to subvert and game it somehow using disinformation.

I only have an account for advertising with no personal info. The associated email address isn't used for anything else.

I often get friend suggestions for people I know but had, more or less, forgotten about.

Recent example was my sister's sister-in-law who I haven't seen or spoken to for at least 10 years.

The Android Facebook messenger is pure cancer. It will hijack the default SMS application and scrape all available information to the mothership. I mostly stopped responding to Facebook messages and refuse to acknowledge it as a legitimate way to contact me.

But if you absolutely need to use the messenger, I recommend using a Hermit lite application, that hocks into the web version of the messenger and leaks no more info than any other web Facebook session.

You can use Hermit to replace many proprietary bloated apps, and even create pseudo "apps" for sites that don't feature one, like this site, with a nice icon on your desktop.

> The Android Facebook messenger is pure cancer.

Not only that, but these apps are often installed by default on android phones and can't be removed by the user without rooting the phone. there is no guarantee Facebook is not scraping data even though the user doesn't have a Facebook account.

You can generally disable these default apps.

Which most non-technical people probably don't even think about.

I think the issue is not the Android Facebook messenger. It's Android. Because you have a platform that not only permits apps to do this, but an app store that approves apps which does this.

I am hoping to get my own data from Facebook and check it against when I switched to Windows as a mobile OS. As it stands, only two built-in apps, People and Messaging, have access to my call history.

Android also has absolutely useless permission categories. Supposedly lots of apps legitimately ask for "read phone status and identity" just so they can e.g. pause a game when a call comes in. The same permission lets them scrape all kinds of info like phone # and IMEI. Which is the app doing?

Android just looks like a privacy nightmare.

The Play Store team should not be permitting apps in the store without extreme skepticism of the permissions they request, particularly in certain categories.

The Facebook app should be pulled from the Play Store until its permissions are reduced, but I doubt Google will do it.

The user can always refuse access to SMS, contacts and other sensitive features on Android. I have Messenger on my Pixel, it's working fine without having access to all of that.

This is actually untrue for about half of all Android users. Being able to granularly adjust permissions is fairly new, and of course, if you aren't buying the latest phone every year, it'll be a long time until you get this.

The app store approves these apps, while at the same time denying other apps, like Adblock, that work directly against tracking. I have to void my warranty on a phone purchased at full price, with no plan, before I am allowed to install it from F-Droid.

Cue in the «soviet Russia / product sells you» jokes.

>I have to void my warranty on a phone purchased at full price, with no plan, before I am allowed to install it from F-Droid.

You don't need to root the phone to get apps from F-Droid.

Thank you for telling me about hermit. I've spent about 10 minutes with it and I'm already considering replacing about 5 apps with hermit versions. It has the type of functionality that IMO should really be standard in Android.

EDIT:one thing I noticed which kills a lot of the appeal for me is cookies appear to be maintained between lite apps

Not just the Android app. Facebook and Snapchat are notorious for having bloated apps: http://quellish.tumblr.com/post/126712999812/how-on-earth-th...

> You can use Hermit to replace many proprietary bloated apps, and even create pseudo "apps" for sites that don't feature one, like this site, with a nice icon on your desktop.

Do you really need another "app" for that? Why not just use a browser and save links to your home screen for the sites you want to access directly? As a bonus, you can install plugins like uBlock Origin and Decentraleyes and prevent the browser from leaking data to Google Analytics and 500 other data harvesting centers every time you load your "apps".

Maybe so you can silo cookies and the like?

I use Messenger Lite for a few years now. It's certainly not perfect, but it's… less cancer-y i guess. At least it's less bloated and doesn't hijack SMS.

Can the Hermit-wrapped web messenger send notifications?

I'm surprised more people don't know of mbasic.facebook.com

Is there any difference between that and m.facebook.com? I do use the latter on my phone to avoid installing a Facebook/Messenger app. But its usability is... limited.

mbasic runs without JavaScript. It's hard to use, but that may be a good thing.

Here's how: Facebook requested those permissions on Android and scrapped them. Users (includes technical people like OP) just blindly click "Yes" on every pop up.

Even if you're super careful with your permission, Facebook can still construct a good profile of you via the people you're communicating with.

Android has not, until extremely recently, required apps to request permission for things at runtime. Android 5.1, which is what was in use here, I believe, did not. Installing Android apps for most of Android's lifetime required granting it all the permissions it asked for.

> Android has not, until extremely recently, required apps to request permission for things at runtime.

Or allowed permissions to be selectively denied. I think that was introduced in Android 6.

Yeah, I believe these two things are more or less part of the same major API change to how permissions are handled. Note that until like... this year, you could simply target older Android versions to prevent users denying your app's permissions.

It looks like Google's going to try to start forcing apps to comply with targeting requirements to get apps on the Play Store now. But this really is a "too little, too late" situation, IMHO. Billions of users, as Android team likes to brag about, are already compromised.

Two month to go. End of May GDPR will start the end of this.

In the EU only though. Facebook have enough resources to keep separate versions and manage people who are geographically mobile.

Not just EU, any EU citizen or dual nationality with EU passport holder. So plenty of people from other countries too.

> In the EU only though.

That's enough for me.

You're going to make this unwilling Brexiteer cry. Damn it.

Maybe you can use the "THAT people on the continent have better protections than us"-argument to pressure your government Post-Brexit to introduce something similar. I wouldn't bet on it, but .. it's worth a try?

Don't worry it's staying in full force in the UK as well. It's currently a massive issue for us. https://www.local.gov.uk/our-support/general-data-protection...

I wholeheartedly agree. Deleting inappropriate (facebook) data collection is what GDPR is made for.

The question is, why does Facebook wants to know each bit of our lives and fetch details which might be harmless for us. For instance, Facebook might want to know how do I talk or walk or turn around and build a persona of mine? Ads, well that's obvious but ONLY Ads? I don't think so.

I don't know why people are down-voting you, you make an excellent point - what benefit could having phone and text meta-data possibly have for generating targeted advertising?

Resale. Suits at my company did not like our innovation idea until we let them know how the fiscal windfall we stand to make just by selling data.

Do you think that the social graph is itself valuable information? Data like this allows Facebook to assign weights to the edges of this graph.

I agree, targeted ads are valuable but when you’re getting this granular the computation, network and storage costs start to exceed the marketing benefits. It’s unlikely to increase conversion by much, and almost all companies and brands that could take advantage of this at scale are going to really struggle to actually implement a campaign that does this (because it’s hard to figure out and test what to target).

They are more likely collecting this data to use it to convince CMOs to continue plowing money into Facebook ads, even though they’ll never actually use it. The power that comes with being able to control the population through government relationships is a long term strategy to avoid any government sanctions, nationalisation, taxation etc.

Not surprised. Facebook/Messenger Android App can read phone call log.

Somewhere in their Messenger Android app indicates they might be planning to provide a dialer and support voice calling. It makes the excuse of reading call log more justifiable /s

Can the iOS WhatsApp app read call logs? I block it from my contacts et cetera but am not sure about call logs.

No they can’t. No 3rd party apps can read call logs and messages. 1st party (Apple’s) can.

But i think if you have friends & family that use android devices,..you are still in the loop.

iOS doesn’t offer that capability. The closest thing is CallKit which allows a voip app like WhatsApp to write calls into the system call log.

No problem, it's just meta-data \s

You'd get along great with the Australian government. /grr

I haven't ever had a facebook. What I find more chilling is why would my phone be giving over all that meta data? I'm just wondering then what other apps are just collecting that data and what security setting can be enabled to say that data shouldn't be shared! wtf.

Android + Facebook is a bad combination at the moment. I don't believe this can happen on iOS which doesn't even have an option to allow an (external) app to view things like text messages or call history.

My "main" account has been disable for years. I have a secondary facebook profile that i used to use like once a month to keep in contact with maybe 4-5 friends (as in facebook friends) and many others via a group that we have in common.

Since I moved in my current city about 5-6 years ago, there was no connection to my previous city. Yet Facebook managed to understand who one of my cousins was and suggested I added it as friend. SCARY.

and this kids is why you a) don't use Facebook apps and b) don't use your real name on FB (or really anywhere if not absolutely necessary)

FB has already inferred your identity from the graph structure and by referrences to you in conversations by family and friends

This! People think it's just a "Facebook problem". It's not. Many services work in a similar way, FB just one of the high-profile ones. After the initial enthusiasm, at least tech-savvy folks think well before installing a new app and giving your real name (or even an e-mail address that you actually regularly use) to any company on the internet.

And why I delete my Reddit account and re-image my computer every few months. And why I use a VPN.

You don't have to outrun the bear, just the guy next to you.

You don't delete your HN account every few months it seems ;)

It's a better community and I say things in less controversial ways because of it.

Facebook can't be the only app that has collected this data, can it? What about every other app that requests permission to see that data?

> What about every other app that requests permission to see that data?

Of course they'll collect and save it somewhere as well.


Previous submission that was massively flagged for some reason

Edit: might have been the misleading title

Can anyone confirm if they also do this for Instagram and Whatsapp ? Is it a whole group policy or is it FB specific ?

The future sucks

I still use Moves App[1], since Facebook acquired it in 2014, last update in 2016. Is there alternative?

Moreover: >>> We may share information, including personally identifying information, with our Affiliates (companies that are part of our corporate groups of companies, including but not limited to Facebook) to help provide, understand, and improve our Services.

[1] https://moves-app.com - background location logger and step counter

Check out Gyroscope

Moves is so clean and simple. Gyroscope is too much glorification. There is much cleaner https://exist.io

God I miss the landline phone days

Could this be data sharing between Facebook and Whatsapp? FB was asked to stop that practice around the end of 2017

My particular case was not related to WhatsApp (OP of the tweet here) as I had never installed or used WhatsApp until yesterday.

Can you reply to [0]? Copying here:

>> You know, you're going on about the data that fb has... and yet you've just shared other peoples names all over the internet. (Unless you've changed them, as the font seems different in the photo?)

[0] https://twitter.com/i400s/status/977102139263782912

People's names are public. I don't see any issue with OP sharing them. There's no context at all.

You just illustrated the main issue here. People's names are public, true. Those people using to have a relationship with the op, both the fact that there was a relationship at some point and that there is no relationship atm, is NOT public info. That's not OPs information to give away.

This is the problem I have with the #deletefacebook thing, deleting facebook and even facebook disappearing all together is not going to make the world more secure, as most people seem to believe. There are many more companies that have data about you, for example did you ever wondered how many websites you use are using jquery from code.jquery.org cdn?

The info shared by OP might not affect any of the parties involved. So does most of the crap facebook "leaked". But what if that info is affecting somebody?

You might be pointing out that laws could be enacted to prevent this from happening. It's a fact that laws cannot keep up with technology.

The solution is to educate yourself about how online works, about what data means and then educate the persons around you about this.

I think they mean your partners mom or your partner had WhatsApp.

Checking now, it looks like both of them have WhatsApp accounts.

So it somehow linked that to your account, and they slipped up on showing it to you. I'm sure if they exported they'd find that they also have more calls.

>and they slipped up on showing it to you.

Why do you think this?

I for one am happy as hell that they are including this, and I don't think we should be implying it was a mistake or that it's wrong. If you want them to export all their data about you, they should export all their data about you, and it looks like they are.

> they should export all their data about you, and it looks like they are.

I don't think they are exporting all their data about us.

Because the calls were not between that person, they were between two other people, that's kind of personal information that should only have been exported to the parties involved? Privacy and all that good stuff.

>Because the calls were not between that person, they were between two other people

I think one of us is misunderstanding the tweet here.

I read it as these calls are between OP and OP's Partner's mother. Meaning OP is a first-party in all of the calls. OP may not have been the source of the data, but OP was involved in the data, so the data was revealed to OP when he exported all of it.

You are correct I missread that tidbit.

Are you on Android?

There does not seem to be an option to link a WhatsApp account to a Facebook account (other than associating phone numbers). So it does not seem to be the case

They do that automatically through your phone number and device identifier which they have access to.

I guess it might be the reason why my facebook showed ads that always related with what i search in google/non facebook apps.

thats probably the facebook pixel or the facebook sdk doing this, not the facebook app

I rarely use FB and have never had their app on my phone. But I use whatsapp.

Anyone knows how much info whatsapp is vacuuming up?

Has anyone done this for node yet? I don't want to download ruby onto this computer. Thanks!

Anyone care to explain how we can get this data?

I tried going to facebook > settings > download data, but that's only data that I manually uploaded to facebook.com (posts, messages, photos, etc).

I hope Facebook won't suddenly remove this data from their export, if they haven't already, because of the attention it's getting.

It probably comes as soon as you install their app on an iPhone or Android device.

I get it, but my question is how do I download this data from facebook? I would like to see what they have on me.

Applications are open for YC Winter 2022

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact