What Facebook knows about you

Facebook logs and saves a lot of data about you and what you do on their site. This shouldn’t be surprising given the more time people spend on Facebook, the greater the cash flow, but just how much data do they store? Austrian law student Max Schrems, because European law states that citizens can do this, requested all the data Facebook had about him. He got back a CD with 1,222 PDF files.

There was his log ins (above). There was message activity:

And geolocation for pics from his trip to Vienna:

But again, it’s not surprising. People use Facebook, a free service, to upload pictures, update statuses, and share links with their own free will. It’s more surprising that people are surprised by this — or that Facebook used a CD to transfer Schrems’ data.

[taz via infosthetics]


  • Thanks, Max! Isn’t it typical that only law students know their rights…

  • You are missing the point and trivialising Schrems’ work. See here for the list of complaints, which goes beyond people sharing links and posting status updates of their own free will.


    For example, deleted content is not deleted. Other data are being used by Facebook without the users’ consent. Requests for data stored by Facebook are not answered in full. Friends’ applications can access your data. And, most objectionable in my view, any website with a Like button will report your visit to Facebook, even if you are not logged in to Facebook.

    • I wonder how privacy cowboys would feel if a child was abducted from an area that had cameras trained on it, but in order to view it, the identifying features would need to be redacted….

  • Alan Smithee December 14, 2011 at 3:19 am

    What’s a CD?

  • what’s a PDF file?

  • what’s facebook?

  • Why is that surprising? I don’t hink there is any company that wouldn’t archive everything that is going on on their systems. Its a free service and that’s the risk Facebook users are taking.

  • In my almost 2 decades in IT at multiple companies, everyone stores their data somewhere forever ( it gets harder and harder to access as they try to keep their storage costs down). The reason is that they’re worried about future legal needs or request from law enforcement for information.

    The exception is cases when they are legally required to destroy old data, as in personal health information. If we want data destroyed, we will need laws or regulations to require it.

  • Ok, I admit I’m surprised that these charges were brought (of course, I don’t know European law). Most of the complaints are complaints about facebook’s business model. Of course they store, collect, process and sell the information! That’s their business! They obviously don’t do this for free!

    I guess maybe there needs to be more transparency ad education about the fact that we the members are the product, not the consumer. No free lunch.

  • How would one go about requesting this information?

  • To the Facebook “this is all completely normal, nothing to see here” defenders, why is it legitimate for Facebook to track and store user visits to sites that are not Facebook?

    • If you login to a site using the facebook login you are giving facebook right to see what you’re doing when logged in.

    • That is a good question, but remember that other companies have been tracking your web movements secretly for years! It’s important that countries have these discussions and set up laws and regulations, but since there ate many countries out there without such laws (or the ability to enforce), and the web is global, it’s critical that everyone be educated. No matter where you go, what you do, or what you think you’ve erased on the web, it will probably always be findable by somebody.

      This is even an issue in the non-digital world now with so many cameras everywhere. And now with face recognition software, it won’t be too hard for groups to track folks in their offline worlds a well. We should definitely push back, BUT it’s the nature of the world we live in now and the tide can probably not be turned.