My blogging history has not been lacking in posts where I consider deleting my Facebook profile. It’s been a common thread throughout that time that Facebook has its advantages (having become my sole practical means of contacting many old friends) and disadvantages (that it is a privacy-devouring monster). In the main, we have been willing to make a deal with the Devil in order to use the vast network of communication possibilities it opens up for us.
After holding a Facebook account for 10 years, and apparently struggling with whether that was a good thing for at least six of them, today I deactivated my account—a temporary measure to see how it goes, before a potential full deletion in the near future.
The last straw for Facebook was, as with the last straw for LinkedIn, a matter of privacy.
Facebook’s “People You May Know” feature is often handy for finding friends-of-frients that you know. Occasionally it recommends someone you kind of know despite not having any common friends, and makes you wonder how the algorithm put two and two together. A little concerning sometimes, but not the end of the world.
Today, Facebook’s recommendations went from “a little creepy” to “compromising friends’ private medical data”.
I shan’t name any names, for obvious reasons, but I have a friend who is currently suffering from a particular medical problem. As part of their treatment, that friend has regular appointments with a medical professional, and in supporting my friend, I’ve previously been in contact with that person as well. The friend isn’t on Facebook at all, citing privacy concerns. I have not mentioned anything about them nor their problem on Facebook. And yet today, Facebook’s blissfully context-free recommendation algorithm started suggesting that I add that medical professional as a friend.
As far as we can tell, what happened is this:
- I exchanged an email with the person, via my GMail address.
- I have GMail set to remember people I email by automatically adding them to my address book.
- I have an Android phone, which automatically syncs my Google contacts, so their email address became stored on my phone.
- I have had, in the past, the Facebook and Messenger apps on my phone. I had granted access to my contacts, so they could set contacts’ photos to their Facebook profile picture.
- The Facebook and/or Messenger apps hoovered up my contacts and sent them to their server.
- The person’s email address matched the one they used for their Facebook account, and so Facebook knew that we had some kind of connection.
Now, it’s not entirely Facebook’s fault. Some of the fault lies with Google, and a not inconsiderable portion of the fault lies with me for not checking apps’ permissions and privacy policies. However, it’s the Facebook part of the puzzle that made the whole thing creepy, and so, that’s the part that has to go.
So farewell, Facebook. You’ve made staying in touch with a lot of friends much easier over the last decade, and for that I’m grateful. And I’ve always known that the price for that was that you’d play fast and loose with my own privacy. But when you start to infringe on the privacy—and potentially the confidential medical information—of one of my most vulnerable friends, you crossed the line.
If you’re curious, the option you should have left turned off in the FB app was this one: http://www.axelfendersson.co.uk/junk/contactupload.jpg I’ve never tuned it on, as I’m not entirely happy with anything automatically uploading data to Facebook without my having to approve it specifically.
Yeah, I’m almost certain I checked that box at some point. Unfortunately there is no option for “Oops, I shouldn’t have done that, please delete the information you just uploaded”.
You should be able to delete any uploaded contacts here: https://www.facebook.com/mobile/messenger/contacts/
So you can! OK, maybe I shouldn’t have been quite so harsh on Facebook then :(
Relevant article from today: https://gizmodo.com/how-facebook-figures-out-everyone-youve-ever-met-1819822691