Me And My Facebook Data #2

by Hang Do Thi Duc — Apr 12, 2017 / 13:00

What’s more important: the privacy of users or their security? That’s a hard question and it probably depends on many parameters. Security reasons are often presented to defend some kind of violation of our privacy. The government would say that mass surveillance by the government is necessary to find terrorists, for example, or, more project specific: Facebook would argue that they need to track the user’s location and their web activity to effectively protect the account information against hackers or access by others more generally.

This blog is not intended to answer the above question. Rather, the general purpose is to explore the data that is given to us by Facebook. So, let’s look at the security tab of my data!

In total there are 8 sections on this page:

  • Active Sessions
  • Account Activity
  • Recognized Machines
  • Logins and Logouts
  • Login Protection Data
  • IP Addresses
  • Datr Authentication Cookie Info
  • Administrative Records

There are no explanations of what each section means. I also wasn’t able to find further information in Facebook’s Help Center, only this general list of where to find different kinds of user data and what is included in the download.

Some observations I have made: Active Sessions only list dates with IP addresses since January 1, 2017. The title of those sessions are all »Unknown«*. Account Activity (i.e. »Login«, »Checkpoint Flow Started«, »Checkpoint cleared«) seems to be connected to Active Sessions as those records also only date back to January 1 of this year. Recognized Machines practically shows all the different ways I have logged to Facebook (e.g. from »Safari on my iPhone« or on »Spotify«). Logins and Logouts just lists the time stamps since the beginning of this year. Login Protection Data includes Cookie IDs with the time they were created, but also (again, without any explanation) shows IP addresses and »Estimated location inferred from IP« dated back to August 2016. IP Addresses lists, as expected, all IP addresses. Datr Authentication Cookie Info, I would say, is probably the least useful for us, but has caused big discussions about privacy in the past. Essentially, those Datr cookies store user browsing habits and are sent to Facebook from sites that have a Facebook Like button. Read more about this on BBC, TechCrunch, Guardian. Most of my cookies were only »seen« 1-2 times, with a maximum of 12 times once – what this means for me is that it’s good that I regularly delete my cache and cookies. The last section is Administrative Records, which also provides similar data points like Account Activity, but dates back to 2012 and include labels like »Password Change«, »Remove Profile Photo«, and »Security question and response changed«.
Now, just seeing a list of IP addresses is not very helpful in understanding the value of this data. So here is one way to visualize the security data Facebook has stored:

Active Sessions

Again, this only shows data for January to March 2017. You can see that I have been traveling.

Recognized Machines

This probably is the most comprehensive list of my online activity, not only where I was and when, but also what device/OS and service I was using since 2012. Some records even surprised me as I did not remember them, e.g. Al Jazeera America.

IP Addresses

These records don’t have any time stamps, but are interesting nevertheless. With an IP address one can determine the device location (area) – sometimes just the country, but often it is as detailed as the city. What I observed as well, is there are IP Addresses/locations that I definitely have not been, but I use a VPN quite frequently, so this is not such big surprise.

What I have not looked at so far is the actual time of the day of all my activities and if they at all cluster for example late at night. I’ll publish further progress on my GitHub.

 

*I would be curious to see if other people see something completely different! If you would be up for sharing your data and help me test (my code), you can contact me at hang[at]22-8miles.com, there is always the option to just delete sensitive information or just simply not include some files before sharing it with me.

Hang Do Thi Duc, New York/USA — Web Resident »Blowing the Whistle, Questioning Evidence« 2017

Hang Do Thi Duc is a designer-artist-technologist, whose work has been driven by her deep interest for the influence of media with its instrumentation of technology and data on society, and the implications this could have on our life and our identity. She holds a BA in Journalism and Media and has received a MFA in Design and Technology at Parsons School of Design, New York City as a German Fulbright and DAAD (German Academic Exchange) scholar.

View full profile

Loading GIF

Web Resident Hang Do Thi Duc

Me And My Facebook Data

Your Facebook data is available for download! This blog documents explorations of and experiments with this data. I will analyze and examine the information Facebook provides with alternative visualizations, so we can better understand the real value of our data profiles. Posts are by Hang Do Thi Duc, designer, artist, technologist.

Related Entries

Categories