If it's a) then that's either a 'hidden' toggle which does not meet GDPR needs. If it's a 'hidden' and do not process further, it is questionable (unless a right to be forgotten is invoked).
Also if it's a) then everything is discoverable by someone with legal authority, even years after you believe you have deleted it.
Some minimal tombstone metadata like “This ID was a post/image” is kept around for things like error messages (“The post you are trying to view is not available. It may have been deleted or you may not have permission to view it.”). There might be exceptions for illegal things (like child pornography) where there’s some obligation to keep the data (or a hash or something) for law enforcement purposes, but I’m not aware of any.
You can try to argue that the author wants to keep things simple for a general audience. Though a cynic would point out that one of the authors is FB's deputy general counsel, the type of person who we would expect to be incredibly precise and purposeful about wording.
I looked around on the FB support pages for more clarification and this is the best I could find:
https://www.facebook.com/help/224562897555674/
> When you delete your account, people won't be able to see it on Facebook. It may take up to 90 days from the beginning of the deletion process to delete all of the things you've posted, like your photos, status updates or other data stored in backup systems. While we are deleting this information, it is inaccessible to other people using Facebook.
Since it is talking about deleting backup/caches, I think it's reasonable to interpret that they mean a complete wipeout. Though I assume there's no guarantee either -- i.e. if FB's deletion process "happens" to not wipe out the cache or do a real wipe, how can we really confirm?
For a non-Facebook example, here's how Google talks about deletion of search activity:
https://support.google.com/accounts/answer/465
It explains that Google will retain the "meta" of your activity, and also says that the meta will be removed if you delete your account:
"When you use Google products and services, we keep some data with your Google Account, like when and how you use certain features. We keep this data even if you delete activity or other items. For example, if you go to My Activity and delete a search you did on Google, we'll still know that you did a search, but not what you searched for. What you searched for will no longer be stored with your account...We keep this data as long as it's relevant to meet uses like those above. If you delete your account, we remove this data from it."
I'm still not absolutely certain it is deleted from disk.
Presumably Facebook has this data, for people who are logged in with the same browser at the same time as they visit any page having a Like button. No need to click the button.
The question is whether Facebook is keeping the existence of this data hidden from people who request a copy of the data Facebook has on them.
Rather than live in George Orwell's nightmare, I have resorted to spending my time blocking their tracking at the dns request level on my router for all my devices. The great thing is you can block a bunch of other trackers and spyware as well.
It just never ends with FB though. I can't tell what's worse though. Them continually telling their users they care about privacy and then going right back to taking and using people's data for nefarious reasons; or the users who continue to put up with it year after year, scandal after scandal and willing give up their privacy.
[0]...I suppose I'm assuming here that somebody who has an account on HN has a smartphone.
Think of it like the prospect of having unprotected sex with a partner. One potential partner has always been faithful, another has had a few slip ups, a few betrayals. Do you see potential relationships with each a little differently?
Of course, a valid followup question is, "Yeah, but has any data-hoovering company in SV been faithful?"
CopperheadOS:https://copperhead.co/android/
So you're prepared to believe FB will delete your personal data as promised, right? This time, if they promise to play nice, it will be great? What I would believe is a system where data is sent encrypted to the social network and content filtering is happening locally at the end user - in other words, something like the internet.
> ...we’re taking additional steps in the coming weeks to put people more in control of their privacy. Most of these updates have been in the works for some time, but the events of the past several days underscore their importance.
I guess it's confusing because these updates/steps are talked about in the present tense, e.g. "Some people want to delete things they’ve shared in the past, while others are just curious about the information Facebook has. So we’re introducing Access Your Information..."
Something like, "Expect to see these updates in the coming weeks" would have made things clearer.
"It’s Time to Make Our Privacy Tools Easier to Find" (just not quite yet!)
The only links in the article body are to a post from Zuckerberg and to "Ad preferences" - nothing about how to get to the new-and-improved privacy tools.
Whenever I read marketing sentences like this, I can remember sitting in meetings deciding how we were going to lie, but discussing the topic using words to make it seem even to ourselves that deceit wasn't our goal. I often wonder what my life would be like if I'd happened to end up on some sort of a blue collar path where I just did an honest day's work for an honest day's pay, my guess is that I'd be much happier, and most likely better off financially as well.
All in all, this is a great talk, I highly recommend you watch from start.
They hinted this January that they would release this soon:
> “We’re rolling out a new privacy center globally that will put the core privacy settings for Facebook in one place and make it much easier for people to manage their data,” Sandberg said at a Facebook event in Brussels on Tuesday.
https://www.reuters.com/article/us-facebook-sandberg-privacy...
So I guess the takeaway here is that privacy regulation works?
I also just love how they put it in their post:
> People have also told us that information about privacy, security, and ads should be much easier to find.
Really, Facebook? People have just told you that? Are you freaking kidding me? People have been telling you that for a god damn decade. But you chose to ignore it, because you didn't care - until this major scandal was created that forced you to do this. It wasn't because "people told you" and as a company that "always listens to its users" (ha! good one), you decided to actually do that. Come on.
Facebook's tone throughout this entire scandal has been nothing but condescending. And yes, they really do think we're all idiots (as proven by how they responded on every other past screw-up and how they typically come out and lie about it):
https://mondaynote.com/mark-zuckerberg-thinks-were-idiots-63...
Remember how they outright lied about the datr cookie being a "bug" for years, until they finally admitted in a Brussels court that the cookie has always been there on purpose, but as a "security feature" (another lie) ? I do:
https://www.propublica.org/article/its-complicated-facebooks...
Facebook's leadership is full of pathological liars, and they're always looking for another "angle" to get out of the latest scandal and come out ahead. Like how Zuckerberg put out full page ads with his "message" in multiple UK papers, so he doesn't have to go and testify before the committee. Despicable people. I used to think Uber was alone in its own class of evil companies, but Facebook is starting to fit the very same class of companies.
Make the dissidents tag themselves as such.
...
"If you delete "everyone" content that you posted on Facebook, we will remove it from your Facebook profile, but have no control over its use outside of Facebook."
Source: https://beta.techcrunch.com/2009/12/09/facebook-privacy/
