[shnp]

I deleted my (outdated) phone number from facebook years ago and it's still part of the leak, with my name and gender in it. I did not replace the phone number with another phone number. Really says something about what delete means for fb.

[SamuelAdams]

Yep, my guess is they just pop in a flag that says "not current" or "former" or something. Think about what someone could do with this data though. They can unfreeze your credit report. Apply for a loan or credit card or mortgage. All they need is your name, DOB, SSN (or just last 4), and the last 3 addresses you resided at.

[frankacter]

How many years ago did you delete your phone number? This is not a recent dump of data, it is just recently been made more widely available. I believe the original leak was some time in 2019.

[shnp]

I moved out of the country mid 2018, and that was around the time I removed the number from every service I had it with. I tried to migrate to 2FA and authy since my phone number was likely going to change frequently. I also tried to switch over to twilio for services that required a number, but a lot of short codes reject it, which really sucks for someone who needs to change phone numbers a lot because of travels.

[kome]

that's illegal by European standards i think... i wonder if somebody has the money and the time to bring this to court. It would be necessary.

[disabled]

Apparently the Irish Data Protection Commission is going to bust Facebook.

Facebook leak: Irish regulator probes 'old' data dump: https://www.bbc.com/news/technology-56639081

I hope https://NOYB.eu is aware of this breach.

Of course Facebook, or even FAANG, for that matter, would keep all of the data that they hoarded from EU citizens, illegally. It goes along well with the Silicon Valley mentality (I am culturally American and I am from the west coast of the US, so I understand what is going on here. I also hold EU citizenship...)

The number one rule is "don't get caught". The "move fast and break things" mantra still holds well for Facebook. So, no surprise that they were sloppy with things, and got caught.

If you want to check if you were caught up in being Facebooked (data leaked), the download to the data dumps are here: https://archive.is/MZqak

I am furious at the moment because I found my (fraternal) twin brother's info in the data dump files. :-(

[dkersten]

> Apparently the Irish Data Protection Commission is going to bust Facebook.

I doubt it. They spent 7 years on a case against Facebook doing the absolute minimum necessary. NOYB are suing the Irish DPC in an attempt to get them to do their jobs. It’s a mess. Irish DPC apparently only investigated 83 GDPR cases and over 4000 “concluded without inquiry”. They only made 11 data protection decisions last year, compared to 600 by Spain whose data protection branch has a similar budget.

https://noyb.eu/en/dpc-cancels-parliamentary-hearing-eu-us-t...

https://noyb.eu/sites/default/files/2021-03/Letter%20Max%20S...

https://noyb.eu/en/facebooks-gdpr-bypass-reaches-austrian-su...

[disabled]

True. NOYB is basically the one doing all of the dirty work.

I donate to NOYB because they are actually the ones making sure this stuff is enforced.

There are great articles on the Financial Times about GDPR, tech regulation, emerging technologies, etc., that are on the spot. I remember one stating that all of the regulatory agencies for data protection in all of the respective EU countries were understaffed. It gave a great visual.

[Cthulhu_]

The EU does, they have often started anti-trust lawsuits so I don't see why they wouldn't start a GDPR / privacy violation lawsuit.

[2Gkashmiri]

i have had an idea. The last time i deleted my facebook account, it had been a 6-7 year old legacy thing and i ended up with manually deleting stuff, photos videos, contacts, calender entries. then waiting for months. I had an idea. This was back when "shadow profiles" had appeared on the news. i figured if i outright delete the account, maybe it would keep it in a "deleted because not coming back" DB. instead if i deleted stuff, maybe the idea would be "okay.. routine stuff.. delete"

apparently both my ideas were wrong but good thing i don't use any facebook property, don't use whatsapp or isntagram and am a hermit. I had telegram since 2015 but since signal whatsapp thing happened, i stopped using it. :-/

[paledot]

It's not illegal to soft delete your pictures, and it may be illegal not to in isolated cases where a court preservation order is in effect. It is, however, illegal (by the GDPR) to not hard delete your account on request.

[wbercx]

I deleted mine from Facebook years ago, and it periodically still tries to entice me to verify my number with it prefilled.

With that said my details do not appear to have leaked.

[prakashn27]

same with me. it has my number from deleted facebook account

[pytlicek]

The same here :/

[joe45643234]

> Really says something about what delete means for fb.

Since the storage of data is so cheap, any company will archive data, for future profit.

Why did you believe any data will be deleted in the first place? Were you counting that government will take action if it finds out? Are there any case like this in the past.

I find it surprising even programmers believe their data will be deleted by the company.

Most people even programmers believe a company will delete their data. Whats your background? Are you a coder?

[meiraleal]

> Why did you believe any data will be deleted in the first place?

Ethics? Morals? That is what we would expect from "delete my account".

[8draco8]

In EU there's GDPR and right to be forgotten. If I forbid company to store my data they're obligated by law to remove it from their servers.

[isbvhodnvemrwvn]

Not quite, only if the basis for processing is consent.

[d1sxeyes]

Also not quite. Chapter 3 Article 17 covers the right to be forgotten.

1(b) is 'withdrawal of consent', but note also 1(c), which refers to article 21, which allows subjects to object, and you should (as a controller) have 'compelling legitimate grounds' to continue processing (which is a higher standard than 'legitimate interests', which can be the basis for processing the data in the first place).