It’s Time to Delete Facebook - Firewalls Don't Stop Dragons

Facebook, I’m breaking up with you… It’s not me… it’s you.

In the last few weeks, Facebook has been rocked by one scandal after another. First the Cambridge Analytica thing, then the “Ugly Truth” memo, and then news that it’s been saving all your text messages and call info. But these are just the latest scandals [update: there are newer ones] – there have been several others over the years, but they came at a pace that allowed them to quickly fade into memory and not rile up its users enough to take much action. But not this time. It’s time to delete Facebook, folks – not just for your own sake, but for the good of all. (Okay… if you’re not quite ready to do that, read this anyway – there are measures you can still take that are worthwhile.)

I recently talked about all the things Facebook knows about you. (It can get really creepy. ) I also told you how to download all the raw data Facebook has on you (though it doesn’t necessarily tell you all the things it has deduced about you from that data). The lengths Facebook will go to to gather more info is truly mind-blowing. Facebook has so much data, it can’t possibly keep control of it. This will not be the last leak, breach or misuse of information.

What you have to face up to here is that at Facebook you are not the customer – you’re the product.

(Note: Tune in tomorrow to my podcast – the whole show is dedicated to this topic.)

It’s Not Just Facebook

Of course, there are many other companies out there that are just as bad or worse. Some estimates say there are 2500-4000 data brokers in the US alone – and you’ve never heard of most of them (which is the way they like it). Just look at the Equifax debacle. No one signs up to be a customer of Equifax, so you can’t take your business elsewhere when they fail you. Market dynamics don’t apply in those cases – only regulation can help. But at least for some companies, you can vote with your feet.

Why Privacy Violations Are Special

For some reason, we tend to worry a lot more about our stuff than our privacy. We give up our privacy willingly for all of these ‘free’ services – and granted, many of them are excellent services. (I actually love the idea of Facebook – it’s the implementation that’s fatally flawed.) But unlike material things, privacy can’t be regained once it’s lost. If someone steals your stuff, you can replace it; but if someone steals you – your history, your preferences, your relationships, your communications, your biometrics – you can’t get that back.

From this, you need to draw two conclusions. First, you should be much less cavalier with your personal information. This means reducing what you share and restricting with whom you share it. This means cranking up your privacy settings on all your accounts and services till it hurts.

Second, when you’ve entrusted your privacy to someone and they violate that trust, you need to take action. You need to make it clear that you very much care about your privacy and you will not stand by idly when it’s abused or misused. At the end of the day, these companies need you to survive and will only respond when their profits are threatened.

Download All Your Data

You should do this even if you’re not planning to delete your account. For one thing, it’s good to have a backup of all your data. But mainly, I think it’s important for you to know everything Facebook knows about you.

To download your full Facebook archive:

On any Facebook web page, open “Settings” (from the little triangle menu, upper right).
Click “Download a copy of your Facebook data” at the bottom of the General Settings page.
Click “Start My Archive”, and then wait for an email notification to download the file.

When you get the email, you’ll have a few days to download the data before the link expires. The file you download will be a zip file – which is a compressed archive of several other files and folders. Double-clicking this zip file should open it up. You’ll want to go into the folder and then double-click the index.html file inside to view your data.

Realize that this archive – while extensive – only represents the raw data. It doesn’t include all the information they’ve derived from this data (and all your Facebook friends).

Take Your Privacy Back

You have two main options to try to regain control over your Facebook data. The best option is to literally take your data back: delete your Facebook account. But if you can’t quite bring yourself to do that, your next best option is to severely and deliberately restrict the use of your data. Realize that Facebook will still have all your data, but you can at least try to limit who else has it.

Option #1: Delete Facebook

I realize this will be next to impossible for most of you. Just realize that deleting your Facebook account is not the end of the world. If Facebook gets their act together, you can always open a new account and reconnect with friends and family. Sure, your history will be gone… but I’m not sure that’s a bad thing.

Facebook doesn’t make it easy to delete your account. They first offer to deactivate your account, which honestly does nothing useful. You want to delete it. To cut to the chase, just go to this link:

https://www.facebook.com/help/delete_account

Once you do this, they’ll tell you that your account has been deactivated and will be permanently deleted within 14 days. You did it!! Good for you!! (If you log back in within that 14 days, you can cancel this process.)

NOTE: Be sure to also delete the Facebook app from your phone, tablet, smart TVs, and whatever else.

See below for some alternative services to replace the ones you just gave up.

Option #2: Crank Up Your Facebook Privacy Settings

In response to the latest crisis, Facebook has simplified the tools for controlling your privacy settings. There are tons of settings and they’ve recently changed (hopefully for the better). There have been a ton of articles written recently about how to configure your Facebook settings for maximum privacy. I’ll summarize them here, and then point you to some great articles that will help you with the details.

Limit who can see your posts.
Limit who can tag you in photos.
Delete all your imported contacts.
Cut off third-party sharing and apps.
Use privacy-protecting browsers and plugins.

This one article from Consumer Reports covers most of these bases and more. Naked Security also has a great article. I would frankly read them both.

Check Facebook’s new Privacy Shortcuts – you should be able to access this from the “?” menu on any page. Facebook is also supposedly rolling out a new tool this month that will allow users to review and even delete their historical data. Stay tuned for that.

Facebook (and Google) Alternatives

There are several tools and services to replace Facebook’s main features. Keep in mind that every one of these services may also collect your data… but I’ve tried to pick ones that are better about privacy. Also, there’s something to be said for just spreading this info around. Here are some alternatives to check out:

News: Feedly, Flipboard, Slashdot
Messaging: Signal (not WhatsApp or Instagram – they’re owned by Facebook)
Event planning: Doodle
Groups, mailing lists: groups.io, GroupMe
“Log in with Facebook”: Use a password manager like LastPass or 1Password

Bonus tip: If you want to ditch Google, too, here’s a great article on alternatives that respect your privacy.

Super bonus tip: If you really want to take back your privacy, I highly recommend checking out privacytools.io. They have great info and lots of wonderful tips and tools, stuff you won’t find elsewhere.

Need practical security tips?

Sign up to receive Carey's favorite security tips + the first chapter of his book, Firewalls Don't Stop Dragons.

Don't get caught with your drawbridge down!

Get started