Like many, I am considering leaving Facebook due to its most recent round of privacy failures — Instant Personalization & Connections — which represent only the latest in a continuing de-evolution of privacy protection on the popular social networking platform.

But what will happen if I remove data from my profile, or delete my account altogether?

Facebook’s Privacy Policy notes the following in section 7. How You Can Change or Remove Information:

Limitations on removal. Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users. However, your name will no longer be associated with that information on Facebook. (For example, if you post something to another user’s profile and then you delete your account, that post may remain, but be attributed to an “Anonymous Facebook User.”)  Additionally, we may retain certain information to prevent identity theft and other misconduct even if deletion has been requested. If you have given third party applications or websites access to your information, they may retain your information to the extent permitted under their terms of service or privacy policies.  But they will no longer be able to access the information through our Platform after you disconnect from them.

From this, it appears that Facebook will indeed remove your data from their servers and disconnect it from your account/identity, but they warn that anything you’ve shared is “out there”, but they have no control over what your friends, applications, or external websites might be doing with your data. This makes sense.

However, the statement that “certain information” will be retained to prevent identify theft or “other misconduct” is extremely vague. What information? Who has access to it? How is it identifiable to my account? How long is it retained?

I will see what else I can discover about how information might remain on Facebook servers even after removed by users, and will post any updates here. If anyone has additional insights, please leave a comment.

UPDATE: I asked Tim Sparapani, Facebook’s director of public policy, about this section in FB’s privacy policy, and received the following response:

I raised your issue with our security team, since I didn’t know the answer off hand, and this is the official answer:

This only relates to situations where we have flagged an account for violations of rules before the request for deletion is made.  So in 99.99 percent of the time when deletion is requested we just delete the account. But if we are investigating an account for fraud or have a pending chargeback or something like that, we are not going to go forward with deletion until issues are resolved, and we may retain certain identifying characteristics that our automated detection tools can key against to catch an attempt to create a new account.

Thus, it appears that if your Facebook account is under special scrutiny, some of your information will be retained after a deletion request. But for the majority of users, deleting your account does, in fact, mean that Facebook will completely delete your profile information from its servers.

(Remember, though, that any information you’ve shared remains “out there”.)

NOTE: What I describe above — deleting your account — is different from deactivating it. When you deactivate your account, it is merely rendered invisible (and links to you are turned off, but your name remains), and Facebook keeps all you data in case you later choose to reactivate.

Pin It on Pinterest

Share This