Become a fan of Slashdot on Facebook


Forgot your password?
Facebook Privacy Social Networks Your Rights Online

24-Year-Old Asks Facebook For His Data, Gets 1,200 PDFs 291

chicksdaddy writes "Be careful of what you ask for. That's a lesson Max Schrems of Vienna, Austria learned the hard way when he sent a formal request to Facebook for a copy of every piece of personal information that the social network had collected on him, as required under European law. After a wait, the 24-year-old law student got what he was seeking: a CD with all his data stored on it — 1,222 files in all. The collection of PDFs was roughly the length of Leo Tolstoy's War and Peace, but told a more mundane story: a record of Schrems' years-long relationship with the world's largest social network, including reams of data he had deleted. Now Schrems is pushing Facebook to disclose even more of what it knows."
This discussion has been archived. No new comments can be posted.

24-Year-Old Asks Facebook For His Data, Gets 1,200 PDFs

Comments Filter:
  • by A. B3ttik ( 1344591 ) on Tuesday December 13, 2011 @08:32PM (#38364220)
    I find this attitude so ignorant. How does a company instantly delete backups on redundant servers? How do they delete redundant hard copies kept in closets separated by meatspace? Furthermore, if you upload something to Facebook, and someone ELSE downloads it and saves it to a CD, and you delete it off facebook, should THEY be forced to magically know you deleted it, and delete their copy as well? Does Google have to delete their caches of your facebook page? Or maybe you are saying that Facebook, Google, etc should never make backups?

    The truth is that once you upload something to a site like Facebook, it becomes publicly viewable and accessible and ANYONE can download it. The unfortunate truth is that you can never really UNDO that action, and no matter what arbitrary laws or draconian regulations you force companies to abide by, you can never truly take it back, even if you hit the delete key.

    The paradigm shift needs to be in how people view sites like Facebook, Photobucket, etc: Don't upload anything you want to keep private. If you want to keep it private, upload it to a company that guarantees your privacy... NOT Facebook.
  • Re:Uh, what? (Score:4, Informative)

    by oodaloop ( 1229816 ) on Tuesday December 13, 2011 @08:44PM (#38364320)
    Yeah, after the first few sentences I was expecting he received several boxes of printed out code. Oh, he got one CD? That sounds...anticlimactic.
  • by Mashiki ( 184564 ) < minus caffeine> on Tuesday December 13, 2011 @09:07PM (#38364524) Homepage

    Indeed. In europe and canada an individual has final say on their personal information. And if it's deleted the company must delete any backup or cached data relating to that person too.

  • by Anonymous Coward on Tuesday December 13, 2011 @10:53PM (#38365320)
    It should be illegal for a person to have internet access without first acknowledging that anything they put online will probably follow them for the rest of their lives.

    I'm more happy than ever that I never bought into any of those data harvesting sites. I don't even use Google without going through a proxy with end to end encryption.
  • by nitehawk214 ( 222219 ) on Wednesday December 14, 2011 @12:00AM (#38365832)

    Moderating a Funny post Informative, that should be illegal.

  • by Ly4 ( 2353328 ) on Wednesday December 14, 2011 @12:07AM (#38365874)

    I was trying to avoid some typing with the DOD reference, but that obviously didn't work, so let's try a couple of examples. The basic point is that easy-to-access and easy-to-delete are not same thing; data is just too easy to copy.

    Example 1: I send you an email with a pdf attachment. You read it, and then we decide to delete all copies of the pdf. Where do we need to look?

    • Directory where pdf was created.
    • Any cache directories used by PDF tools.
    • Within my mail tool.
    • At my ISP.
    • At any ISP along the way.
    • At your ISP.
    • In your mail tool.
    • In a browser cache, if was viewed via webmail.
    • Recycle bin/trash can of any system.
    • Any backup made on any system while the pdf was there.
    • There are probably more ...

    Example 2 (a bit more like the system we're talking about):

    • User uploads document to server1.
    • User comes in the next day, and retrieves document via server2. The url told the system how to find it on server1, but a copy is loaded on server2 to support multiple retrievals.
    • User comes back a week later, deletes document via server1.

    How do we know which servers to notify for deletion? Do we maintain a list somewhere? Do we tell all of our servers to delete it? What about backups? What do we do if the server is not available when we send the notification?

    It is not easy ...

  • by angel'o'sphere ( 80593 ) on Wednesday December 14, 2011 @05:00AM (#38367390) Journal

    Not when their data usage policy spells out when it ISNT deleted, and gives no guarentees.

    The data usage policy is illegal under EU and most other european law ... so?

  • by a whoabot ( 706122 ) on Wednesday December 14, 2011 @05:45AM (#38367620)

    I think I agree with you. I never understood why people complain about what sites do when all of what they do is in the terms.

    From what I can tell, pretty much everything there is to know about how your data is used by Facebook is on: [] [] [] []

    All that comes in at about 15000 words. Sure, this will probably take you more than a few minutes to read and understand, unless you are Lt. Cmdr. Data. But if it is so important to you, than why not spend the time?

    I have an feeling that people are either too lazy for their own good, or just like to see injustice where there is none because they like the feeling of righteous indignation

    Sorry, I don't usually rant; please, anyone, do not take this post as impugning you personally; and I am probably missing many good counter-points.

  • by 1800maxim ( 702377 ) on Wednesday December 14, 2011 @11:27AM (#38370132)
    Because a user shouldn't have to read 15,000 word legal documents to understand what could be written in layman's terms in a point form spanning just a few pages.

    In addition to full legal documentation, there should be a brief summary in point form for the average user to get a basic understanding of what's what. If he then wishes, he can gain more information from the legalese docs, or otherwise agree.

"I prefer the blunted cudgels of the followers of the Serpent God." -- Sean Doran the Younger