“What’s on your mind?”
Since 2009, this is the question that has greeted us on Facebook, prompting a status update. For a long time, the idea (if we even considered it) that Facebook might use the answer to that question — along with all of the other things we posted or liked or shared — to build a comprehensive data profile on each one of us was neither surprising nor scary. After all, curating an identity that would comprise our beliefs and values, our personal networks and influence, and our habits was, in a sense, exactly what we were doing on our Facebook page, and elsewhere online, every day.
If some still maintained this perception of a cooperative agreement between user and platform — whether it’s Facebook or Google or Instagram or whatever — the last two weeks might have shifted it.
In light of the recent focus on Cambridge Analytica’s so-called “psychographic” modeling, which is allegedly based on data from 50 million Facebook users, and which the company claimed it used to help Donald Trump become president in 2016, a lot of people have started to wonder whether they were duped. Whether they had entered into a very lopsided deal with the tech companies. Whether all that information they’d handed over was ultimately worth the payoff: a small space on the platform.
You can witness this shift take place almost in real time on Twitter, as users finally download all the information the platforms have been storing on them all this time and express alarm at the results. “Oh wow my deleted Facebook Zip file contains info on every single cellphone call and text I made for about a year — cool totally not creepy,” Mat Johnson tweeted. Dylan McKay discovered the same. “Downloaded my facebook data as a ZIP file,” he tweeted. “Somehow it has my entire call history with my partner’s mum”.
Tech consultant and web developer Dylan Curran downloaded his Google data archive and, under the guise of a public service announcement — “I’m gonna show you just how much of your information the likes of Facebook and Google store about you without you even realising it” — created a Twitter thread detailing how Google tracks your movements, retains the photos you’ve sent, your contacts, and every email (including spam) you’ve ever sent or received via Gmail. He then did the same using his Facebook data trove.
Results, of course, may vary. Downloading the files of information the platforms keep about you — the data they use to create the profiles behind our profiles for marketers and advertisers and political parties to target with messaging — might not yield the same shocking details. If you live in Canada or the European Union, where privacy laws are stricter than they are in the U.S., or if you use an iPhone rather than an Android device, those data caches will probably be smaller. But even in those cases, there’s still a lot.
I first downloaded my Facebook data last summer in preparation for a piece I never wrote. Recently, I also requested my Google data. I didn’t find, in either case, very much that shocked me in the way others have. Even still, it’s clear these companies have a lot of information about me — mostly correspondence via Gmail, Facebook status updates and private messages, but other things as well.
Though at some point in the past I limited Google’s location tracking, it was still obvious which cities I spend most of my time in, and roughly where. Facebook had saved details of each time I’d signed in to the site over the last few years, as well as each IP address I’ve used. And while Google may have had some trouble tracking me exactly, Facebook’s history of events I’d agreed to attend offered a more precise accounting of where I’d spent time in the last decade, as well as who I’d been with.
Combined, all of that might be unsettling enough — a rundown of activity presented irrefutably by the computer without nuance. But the general tracking of my movements (or intended movements — after all, who goes to every party they agree to attend on Facebook?) proved to be less strange than the correspondence. In the end, what got to me wasn’t the log book; it was the journal. Every word I’d typed out and read for a decade slowly downloaded to my hard drive. Gigabytes of work and correspondence, of memories and forgotten exchanges, of secrets.
If there is ever a reason to obtain your data archive from a major tech platform, it is to come to grips with the sheer size of it — the volume of it and the weight of it. Because when you see it for yourself — downloading for an hour or more, as my email archive did — an important thing happens: you question whether you should really have it in your possession; whether the security you have in place for your computer is really sufficient to protect what is effectively everything you’ve ever written to anyone in the last decade.
At the centre of the backlash against Facebook (and, to a lesser extent, Google) in the last few weeks has been a question of responsibility. We have until now generally believed that a major tech company would treat our data as safely and with as much care as we would ourselves, but we never stopped to consider what that actually meant. For, how do we handle information about ourselves in other, offline, aspects of our lives when the onus is on us to keep it safe? We shred physical documents. We keep things in safe deposit boxes. We don’t talk to strangers.
In short, we lock it down.
That’s what you realize when you download all your Facebook and Google data: that it really should be put somewhere safe. And immediately you then realize that for all this time, it hasn’t been. You suddenly understand how you’ve neglected it in assuming that because it was behind a password, nobody was looking at it or that it wasn’t being used by someone other than you. You then realize that, in effect, for all this time, all that information about you wasn’t — and still isn’t — actually yours. Because if it were, you would have protected it.
Now, it’s too late.