Shadow Profiles: What are they and why do they exist?

Facebook has been in the new a lot this last month due to the Cambridge Analytica scandal. Users have begun deleting their profiles while others have their decision to not join reinforced. Unfortunately, it’s too late.

Even if you’ve you never been on the platform, signed up for an account, or accepted Facebook’s Terms & Conditions, they know who you are and have been collecting data on you. Okay, maybe not everyone but a lot of people.

When a user signs up for Facebook and creates a profile, Facebook wants to connect you to people you may actually know (hence the “People you may know” feature) but how does Facebook know you know them? Sometimes it’s based of geographical information but then you’d expect to see a lot of people you don’t know, yet, you really actually see people you know of or have interacted with. Well, Facebook has been watching you before you signed up and once you did, they pulled information from your Shadow Profile and used it to provide a more personalized experience for your actual profile.

So what is a Shadow Profile?

Shadow Profiles are created from information gather from active Facebook users.

When you sign up for Facebook, one of the first things you’re asked to do is link your contacts so Facebook can find your friends (I mean, that is the whole point right? Connecting with friends) so you say yes, give them access and they find people you may know.

But, what they’re also doing, is taking that contact information and creating or adding to Shadow Profiles to begin collecting data on people not signed up. Facebook does tell you they’re doing it. At the bottom they say, “Info about your contacts…will be sent to Facebook to help you and others find friends faster.” When you expand it to learn more,

“When you choose to find friends on Facebook, we’ll use and securely store information about your contacts, including things like names and any nicknames; contact photo; phone numbers and other contact or related information you may have added like relation or profession; as well as data on your phone about those contacts. This helps Facebook make recommendation for you and other, and helps us provide a better service.”

What’s missing is, “and we’ll use that information to build a secret profile on your friends and family“.

I don’t know about you, but I don’t like to delete contacts, I still have contacts for people from middle and high school (What? I’m a data person…). So I just handed over all that info to Facebook (sorry everyone.)

Facebook’s Reasoning Behind the Shadow Profiles

During his hearing with Congress, Mark Zuckerberg addressed the issue of Shadow Profiles. Rep. Ben Lujan (D-NM) asked Zuckerberg,

“It’s been admitted that you do collect data points on non-Facebook users. So my question is, can someone who does not have a Facebook account opt out of Facebook’s involuntary data collection?”

A totally legitimate question right? And we’re all thinking it! Mark’s response,

“Congressman, anyone can opt out of any data collection for ads, whether they use our services or not, but in order to prevent people from scraping public information, we need to know when someone is trying to repeatedly access our services.”

So Facebook is trying to protect us? Well, that’s what they’re claiming and I’m sure it’s true, to an extent.

In my opinion, data is gold in our world and people are literally giving Facebook every bit of data they and nearly anyone who can afford it, access to it. The more data Facebook digs up, the better they can target ads and encourage people to use their services.

Moving Forward

So where do we go from here?

Well, I know this may not be a popular idea, but some form of regulation is needed. This industry is new and developing and we are literally watching it evolve. Many things are coming to light that we had no idea about and it is far too late to go back and fix it but we can fix it moving forward.

The EU passed their General Data Protection Regulation which will go into affect in May. This requires companies to inform people exactly what data will be collected, how, and for what purpose. Failure to disclose this information will result in a fine or further punishment.

Implementing regulations that demand transparency will hopefully help rebuild the trust between the user and website. With all the the data breaches and misuse of data, we are scared to go online. Who know’s what’s being collected and what it’s used for? Having transparency will help eleviate some of these concerns.

Further Reading


So what do you think? Is transparency the solution or do we need to accept that our right to data privacy is long gone?


Featured image from Marco Bianchetti on Unsplash

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s