wordpress blog stats
Connect with us

Hi, what are you looking for?

Zuckerberg in Congress: Facebook’s ‘Shadow Profiles’ show that users don’t really have control

shadow profile

‘Your Facebook data belongs to you and you have complete control over it,’ that was the line that Mark Zuckerberg kept pushing over and over, both times he testified before US legislators this week. But everyone wasn’t buying it. Congressman Ben Luján, a Democrat from New Mexico pressed Zuckerberg on what information Facebook collects beyond what people knowingly hand over

To learn more about what information Facebook collects beyond what users knowingly hand over, Luján asked Zuckerberg about something called shadow profiles – a term for non-user data collection that Zuckerberg was apparently unfamiliar with.

Here’s an excerpt from the exchange:

Luján asks: “It’s been admitted that you do collect data points on non-Facebook users. So my question is, can someone who does not have a Facebook account opt out of Facebook’s involuntary data collection?”

Zuckerberg responds: “Congressman, anyone can opt out of any data collection for ads, whether they use our services or not. But in order to prevent people from scraping public information, we need to know when someone is trying to repeatedly access our services.”

Luján continued: “You’ve said everyone controls their data, but you’re collecting data on people who are not even Facebook users, who never signed a consent or privacy agreement and you’re collecting their data. And you’re directing people who don’t have a Facebook page to sign up for Facebook in order to get their data. It may surprise you that, on Facebook’s page, when you go to ‘I don’t have a Facebook account and would like to request all my personal data stored by Facebook,’ it takes you to a form that says go to your Facebook page, and then, on your account settings, you can download your data.”

Advertisement. Scroll to continue reading.

Facebook controls the data not users

The above exchange highlights the main flaw in Zuckerberg’s line of argument that all data that Facebook collects is consent driven. The reality is that, even if you’ve never signed up for Facebook, the company still has a general sense of who you are, gathered through uploaded contact lists, photos, or other sources. Zuckerberg feigning ignorance on this issue won’t make it go away, neither will his argument that this is being done to deal with bad actors or security purposes.

Facebooks’s collection of non-user data raises questions about what data is covered by Zuckerberg’s idea of user control and ownership of data.
Zuckerberg had said that Facebook deletes all your profile data if you delete your account, but didn’t know how long it takes for that data to be deleted which means it’s not done immediately. The question then is, are elements of your data used to build a shadow profile even after you have left Facebook? What if Facebook already had a shadow profile on you before you signed up, do you have control over that data when you choose to join?

How Facebook uses shadow profiles

Writing for Gizmodo, Kashmir Hill offers the most detailed example of how Facebook shadow profiles work in its ‘People You May Know’ feature. Even if you have never signed up for Facebook you are part of someone’s phone contact list who probably is. All this information is collected by Facebook and they don’t discard your contact even if they know you aren’t on board. When users sync their email account or phone messages with Facebook, data on other non-users is picked up. Instead of discarding their information, Facebook keeps non-user data attached to something Hill calls a shadow profile — a reliable bank of information held in reserve so that, if you ever do sign up for Facebook, the company will know exactly who to recommend as friends.

All this might seem harmless as it’s just being used to recommend friends who are on the service to you. But this data is being gathered without your consent and is almost certainly being put to other use, the above use case was only one of many that was discovered by a journalist’s investigation. When Zuckerberg says that you can delete your account or any piece of data you have shared with Facebook, that rings hollow when Facebook collects and stores data that you haven’t shared with it.

Advertisement. Scroll to continue reading.
Written By

Writes about consumer technology, social media, digital services and tech policy. Is a gadget freak, gamer and Star Wars nerd.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



While the market reality of popular crypto-assets like Bitcoin may undergo little change, the same can't be said for stablecoins.


Bringing transactions related to crypto-assets within the tax net could make matters less fuzzy.


Loopholes in FEMA and the decentralised nature of crypto-assets point to a need for effective regulations.


The need of the hour is for lawmakers to understand the systems that are amplifying harmful content.


For drone delivery to become a reality, a permissive regulatory regime is a prerequisite.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ