Facebook icon dripping poison from small glass bottle

Jason Reed/The Daily Dot

How to ‘poison’ your data before you delete Facebook

A developer created a script that updates your Facebook posts with gobbledygook.


Christina Bonnington


Posted on Mar 29, 2018   Updated on May 21, 2021, 8:08 pm CDT

Over the past few weeks, we’ve learned a lot about Facebook, Cambridge Analytica, and how Facebook uses your data. The revelations have pushed many users—including some brands and celebrities—to leave the social network altogether. Rather than simply deleting your profile or profile information, however, some are advising a slightly different tactic to protect your online identity: tainting that data.

Developer and former systems administrator Kevin Matthew published a script that goes back through your Facebook posts and edits them with randomly generated characters.

Based on his knowledge as a systems administrator, Matthew explains that “even by conservative assumptions, your data never really disappears permanently” when you deactivate or delete your Facebook account. With that in mind, the next best thing, he argues, is to go back through your history on the social network and “poison” (or otherwise obfuscate) all that data.

Matthew wrote a CasperJS script that does just that, automatically editing past posts with either random or pseudo-random letters. For this technique to be most effective, you wouldn’t do it just once. Mathew proposes editing all of your Facebook data with this script roughly five times over a three-month period so your original data is sufficiently scrubbed from Facebook’s multiple, redundant backup systems.

Mathew details his full reasoning, the technique, and how the script (which is really just a proof of concept) works in a blog post. It’s possible that the script could be a violation of Facebook’s terms of service, since it could be considered to impair or disable the proper functionality of Facebook. If you decide to give it a shot, keep that in mind.

In an interview with Vice‘s Motherboard, Mathew says that his main goal in creating the script isn’t necessarily for it to make a huge impact among Facebook users, but rather to draw attention to the lack of “right to be forgotten” laws in North America. Since the passing of such laws in Europe, Google has fielded more than 2.4 million requests to remove URLs from its search engine to protect peoples’ privacy.

In the U.S., we have no such laws. If Facebook or other social aggregators sell or collect your data, you typically have no legal recourse for getting it removed.

H/T Motherboard

A note from Daily Dot Bazaar: If you’re looking for a VPN service that doesn’t track you, IPVanish is currently running a promo for two years of service for $3.33 a month.

Share this article
*First Published: Mar 29, 2018, 7:25 pm CDT