How to Review Your Amassing Facebook Data

Sep 12, 2018 · 9 min read

Cyber Privacy | Entropic

In our previous article we reviewed the current options available for boosting your Facebook sign-in security.

In this article, we’ll show you how to download and interpret the information that Facebook accumulates about you, with a focus on identifying the elements of personal information that might be more sensitive or critical to you.

The use of a centralized storage approach — holistic elements of your personal information that are stored and replicated across the globe, continues to be the single most significant vulnerability of Facebook.

This approach to information storage makes Facebook data centers very high value targets which are subject to a constant barrage of attempted infiltrations from nation states, cybercriminals, or seemingly legitimate entities, such as Cambridge Analytica that find ways to circumvent legal and technical loopholes, to glean and leverage your personal information.

If you have opted not to #DeleteFacebook, then at the very least you should regularly review the information that is accumulating about you in Facebook data centers across the globe. You can do this using the Download Your Information feature that Facebook provides in Settings.

This is important for several reasons, including:

  1. Over time, it helps you to better understand what pieces of information about you are accumulating in Facebook’s data centers.
  2. Helping you to identify, remove, and even prevent the collection of specific items of information that you don’t need or want to be collected, analyzed and shared.
  3. Helping you to understand what third party apps and web sites might be accessing your personal information.
  4. Helping you to verify whether specific information is still being collected about you, after you have instructed Facebook to stop collecting it. This is especially applicable in cases when Facebook might change the layout of their user interface, relocating options that you were previously familiar with.

In the event of a data breach or unintended data loss, the less information that you have left accumulated in Facebook, the better off you will be.

Facebook Information Categories

Please note that the classifications discussed below are generalized and are based on a review of data accumulated on several different Facebook accounts that have existed for a period of 3–5 years. We consider how sensitive this accumulated data might be in the event of a data breach or unintended data loss, where the lost information could be correlated against other information sources, such as stolen DNA data. Each of us has our individual perception of privacy, which varies based on factors such our culture, upbringing, experiences, lifestyle, and personal beliefs.

Accessing and Reviewing Your Facebook Information

Now we’ll go into details about how to download and review your Facebook information.

  1. The file you are about to download will likely contain way more information than you expected.
  2. We’re about to download an containing all of your personal information from Facebook to be stored on your notebook or PC. Due to this, please take the following security precautions:
  3. Secure Your Network — Make sure you are connected to a trusted network. Preferably a non-public WiFi network, such as your secured home network.
  4. Secure Your Notebook/PC — Make sure that your notebook/PC is virus/malware free. Run a full virus scan and clean beforehand, or preferably rebuild your system entirely if you suspect that any malicious software is running.
  5. If you cannot be sure of the above, please do not proceed!
  6. When you are done with reviewing your Facebook information, it’s really important to clean up this information, so it is not left lying around for someone, or something else to pick up. This includes deleting the downloaded zip file, the folder you extracted it to, and finally emptying the trash to prevent it from being recovered.
  7. Though Instagram and WhatsApp are also part of Facebook, the process to view and manage the information amassed by these services is entirely different and is not covered by the Facebook “Download Your Information” feature. Viewing and deleting your accumulated information on these services can be done using their respective web sites/apps.

  1. Firstly, you’ll need a desktop PC or Notebook. This can also be done on a mobile device if you want using slightly different steps. The examples below are based on using a Mac.
  2. Go to Facebook, and sign in.
  3. Select “Settings”, then select “Your Facebook Information” from the options on the right.
  4. Select “Download Your Information”, then under “New File”, select “All of My Data”.
  5. Select “HTML” format, and select the “Create File” button.
  6. After a few minutes you will receive a notification that Facebook has prepared your information, and that it’s ready to download.
  7. Once you receive the notification, select the “Download” button to download your Facebook information to your notebook/PC.

  1. Once the download has completed, open or extract the downloaded zip file, which will be named something like “”.
  2. You will see a folder containing a subfolder for the different types of information being accumulated by Facebook. You can open the main index (index.html) in the root folder to view the available categories of data, or just load the html file from each folder directly. We’ll do the latter.
  3. Much of the information listed here is self explanatory, or you will be able to recognize it from regularly using Facebook. Lets review some sections prioritized by importance. Please note that this list is not exhaustive.

  • This most important folder is a log of conversations between you and every person you have ever talked with on Facebook.
  • In this folder there will be a separate folder for every person, along with the photos that were included in that conversation. A summary view of all of these conversations is in your_messages.html.

  • Your personal information, including name, date of birth, work, education, places you have lived, etc…
  • Historical details related to updating your profile information.

  • The information included here might include your address book, for instance from your phone, which you might have opted to share with Facebook.

  • Posts, videos, text and status updates you have shared on Facebook.

  • Comments you have posted on any Facebook posts.
  • Comments other people have shared on your timeline.

  • Pages you’ve liked or reacted to.
  • Likes you have made from external sites that you signed into using Facebook.
  • Posts and comments you’ve liked, or reacted to.

  • Basic details about Calls and Messages that have historically been made via Facebook Messenger, and possibly other dialer/messaging apps that allow you to sign-in with Facebook.
  • This can include details such as the name and number of the caller/person called, whether the call was outgoing/incoming, date/time, and call duration.

  • A historical record of photos and videos uploaded to Facebook. Summary is in your_photos.html.

  • The history of all of your searches on Facebook.

  • A series of GPS co-ordinates representing your precise physical location history, as tracked by the Facebook App over time.

  • A list of physical locations that you have defined as Facebook Places, that people can check in to on Facebook.

  • This is a simple display of every IP address that has been used historically to signed into Facebook.
  • If you see an IP address that you don’t recognize, you can use an IP address lookup service to determine the approximate origin of the IP, such as the city/state/country from which the sign-in occurred.
  • Information used by Facebook to monitor and secure your sign-in to Facebook, including the IP addresses you use to sign-in, the approximate GPS location deduced from that IP address, and Cookie related information.
  • Note the “Estimated Location inferred from IP” section which shows the approximate GPS co-ordinates based on the IP address.
  • You can copy/paste these GPS co-ordinates into any maps app to reveal how accurately Facebook is are able to pinpoint your location, even when your location sharing is disabled.
  • Alternatively, you can use an IP address lookup service to determine the approximate origin of the IP.
  • Periods of time you’ve been actively signed into Facebook, along with information about the device that you used at the time.
  • In cases where you have signed into Facebook with the mobile App, additional information, such as your cellular provider, and the exact model of your smartphone are included in the collected information
  • A record of account activity on Facebook, including Sign-ins, Sign-outs, Automatic Sign-ins, Forced Sign-outs, Third Party App API Sign-ins and Sign-outs.
  • This is a good way to understand what other people or apps might be accessing your Facebook account, and when.

  • Details about people you are currently connected to, have sent friend requests to, have connected with, have rejected, or removed.

  • Details about Facebook Groups you have joined/unjoined.
  • Details about your Activity on these groups.

  • A list of people, organizations, or businesses that you choose to see content or posts from.
  • A list of Facebook pages that you follow/unfollow.

  • A list of third party apps and websites that you have signed into using your Facebook username and password.
  • This is a good way to understand what other people or apps might be accessing your Facebook account, and when.

  • The history of all of your searches on Facebook.

  • Facebook pages that you own or are the administrator of.

  • Information about events that you have received and how you responded to them.

  • A list of Facebook links, videos, places, and more that you have saved for possible sharing at a later time.

  • Information about your topics of interest, gleaned from how you interact with Facebook.
  • A list of advertisers that are in possession of your contact information.
  • Information about Ads you have interacted with.
  • Information you directly submitted to advertisers using a form they provided on Facebook.

  • Items you’ve purchased on Facebook Marketplace.
  • A record of messages you have sent to businesses on Facebook Marketplace.

  • A basic historical log of logins/logouts on Facebook.
  • A record of administrative changes to your Facebook account, such as password updates, and updates to contact details.

  • Other activity associated with your Facebook account, such as Pokes given and received.

  • A record of payments you have made using Facebook.

After reviewing your downloaded information, you might ask “How do I prevent collection of all or part of this information?”. Under the Your Facebook Information in “Settings”, select the “Manage Your Information” option.

This section is less user friendly, leading you down the path of seemingly arbitrary help links that may, or may not actually help you to prevent collection, or delete specific items of information. In short, you’ll need patience to navigate this area — Facebook has not made this as user friendly as it could be. This also means it’s worthy of future discussion in detail, in terms of how to get things done.

Removing Your Entire Account

The option to Delete Your Account and Information is a lot more user friendly than the “Manage Your Information” option, and allows you to permanently delete your personal information from Facebook data centers, and close your account.

Unfortunately, permanently doesn’t imply immediate. You’ll have to wait 14 days for this to happen, and will have to somehow resist the urge to re-activate your account during this time :) Following this period, Facebook requires an additional 76 days (90 days in total) to permanently delete all of your personal information from their data centers.


As a final reminder, once you have finished reviewing your Facebook information, don’t forget to delete the Facebook zip data file that you downloaded and empty your trash, as previously discussed.

In a future article, we’ll discuss new technologies related to deterring the distribution of personal information, including photographs and images. Blockchain technologies are already being developed that will help identify the original authors or owners of specific works of digital art, as discussed in this article by Bennett Garner, originally posted on

If you have any feedback, questions, or suggestions, please let us know.

Photo by Christopher Alvarenga on Unsplash

Originally published at


Entropic delivers innovative ways to protect your #privacy…


Entropic delivers innovative ways to protect your #privacy, while enabling you to continue using the products and services you prefer


Written by


Entropic delivers innovative ways to protect your #privacy, while enabling you to continue using the products and services you prefer.


Entropic delivers innovative ways to protect your #privacy, while enabling you to continue using the products and services you prefer

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store