You think you’re not on Facebook? Think again. Facebook no doubt has a shadow profile made just for you.
You may recall that recently Facebook found a bug exposing personal details of 6 million user accounts. What you may not have realised is that this led users to know more about how Facebook stores our data, and shows us clearly that Facebook does indeed have shadow profiles on most of us.
Scary stuff? Well, yes. It’s now clear that NSA and other government spying agencies use tools like PRISM to get data from sites like Facebook, and there is nothing we can do about it. Add to our worries the fact that Facebook may be sharing details about us with spying agencies that we never even shared with Facebook in the first place… Big Brother knows more about you than you may think.
How Can Facebook Have A Shadow Profile For Me?
How does Facebook have this information about you? Well, it’s all thanks to their automatic harvesting of information from email accounts and phones. Yes, all you need is one friend to search for friends using their email account or one friend to install an app on their phone. Bingo! There’s your Facebook shadow profile with your phone number and email addresses kept together to identify you later.
If you have a Facebook account using your email or phone number, they will be linked together with information Facebook already has about you. Your public and semi-private information is stored alongside all of these details you never knew Facebook knew about you.
This is what’s known as your “Shadow Profile” and it explains why you probably have one whether you use Facebook or not. Oh yes, Facebook says they don’t collect information about non-users. Do we believe that? Not really. And besides, with the amount of people who do have Facebook accounts, it’s already enough to worry about.
I Still Don’t Get It
Have you ever seen an old work colleague show up as one of the “People you might know”, only to wonder how on earth Facebook knew this? This colleague certainly doesn’t know your current email address or phone number, so it’s not just a simple match made by them using the “Find Friends” feature. And they don’t know any of your friends, so how did Facebook make this connection? This is your shadow profile at work.
To make this match, a third party must have also used the “Find Friends” tool, but this third party also had details of your old work email address or the phone number you used at the time you worked there. Facebook stored all those old details away in your shadow profile, just waiting to make more connections for you. When your old colleague showed up, the old address they had for you matched one in your shadow profile.
“Find Friends uploads contacts from your device and stores them on Facebook’s servers where they may be used to help others search for people or to generate friend suggestions for you and others.” — Facebook
Facebook just suggests the friend and lets you both prove the connection is right. What’s really scary is that now that you two are connected, Facebook can start suggesting “friends” that neither of you know. You may have just both emailed the same person, who happened to have a Gmail account. I’ve stopped being surprised when Facebook suggests I might be friends with someone who collects feedback for a web service or store.
How Is This Legal?
If you are a Facebook user, you probably gave Facebook permission to do this after you read the terms of service (or like most users, didn’t). As for non-users, it seems it is not legal to collect this information in Europe, but may be legal elsewhere. Who would be surprised to find that any Europeans accidentally had their information harvested? Not me.
“We receive information about you from your friends and others, such as when they upload your contact information, post a photo of you, tag you in a photo or status update, or at a location, or add you to a group. When people use Facebook, they may store and share information about you and others that they have, such as when they upload and manage their invites and contacts.” — Facebook
My Friends Are Doing This? How Can I Stop Them?
Given that this information is being collected from both your Facebook friends and anyone you know in real life, the only way to stop Facebook getting this information is if none of your friends know the information, store it electronically, or use Facebook. Given that your email address is also harvested by the Gmail account of any Gmail user you email (and likely most other web email accounts too), no doubt someone will have shared your email address with Facebook at some point.
How Can I Keep My Details Private?
If you were to try to keep a phone number or email address private from Facebook, you would need to:
- Limit the number of people you gave it to strictly the people you could trust.
- Never phone or email anyone who isn’t one of those people you can trust.
- Make sure your friends know not to enter it into a smartphone that uses the Facebook application.
- Ensure your friends never entered it into email contact details that were harvested by Facebook.
- Make your friends promise not to share the number or email address with any other friends.
- Ensure your friends never allow your number or email address to be stolen.
- Then trust that your friends have managed to do all of these things, and don’t ever accidentally have a lapse in judgement and install the Facebook app.
That’s a lot of things to trust in that you can’t directly control. Which means we can only wish you the best of luck trying to keep the details private. You’d be better off just starting a new throw-away email address and getting a new phone number every few months using a disposable number service.
What Can I Do?
Well, if it really worries you, you could create a read-only Facebook account with a new email address, or avoid using Facebook at all and hope that they are telling the truth about not collecting non-user data. However, as an ex-Facebook-user, Facebook may have some loophole to hold on to that information. It seems the only way to maintain your privacy completely is to avoid the Internet and not use a phone at all. No doubt that would put you on someone’s radar too.
In the meantime, it’s still worth maintaining your privacy settings on Facebook in order to attain some control over your Facebook privacy generally. Here is a guide to maintaining privacy with the Facebook Timeline and a guide on your privacy with the new Facebook Graph Search.
How do you feel about Facebook Shadow Profiles? Will this cause you to delete your Facebook account?