In a recent feature article on Facebook and the "new privacy," I stressed how the company’s invasive data policy seizes lots of information from users, even after they quit the site:


Even if users terminate their membership, pictures of them posted by others remain online. But users can’t really quit, anyway. Like guests at the Hotel California, people who check out of Facebook have a hard time leaving. Profiles of former members are preserved in case people want to reactivate their accounts. And all users’ digital selves can outlive their creators. As the company’s "terms of use" explain, profiles of deceased members are kept "active under a special memorialized status for a period of time determined by us to allow other users to post and view comments."


The issue has generally received far less media scrutiny than user revolts over programs that spread people’s information, such as the "feed" controversy and protests against "social ads," though bloggers and social media observers have flagged this problem before. DavidNYC posted one of the more memorable pleas in December, "Delete My Bleeping Account, Facebook!"

Today the New York Times weighs in, with an excellent article by Maria Aspan:


Some users have discovered that it is nearly impossible to remove themselves entirely from Facebook, setting off a fresh round of concern over the popular social network’s use of personal data. While the Web site offers users the option to deactivate their accounts, Facebook servers keep copies of the information in those accounts indefinitely. Indeed, many users who have contacted Facebook to request that their accounts be deleted have not succeeded in erasing their records from the network. "It’s like the Hotel California," said Nipon Das, 34, a director at a biotechnology consulting firm in Manhattan, who tried unsuccessfully to delete his account this fall. "You can check out any time you like, but you can never leave." It took Mr. Das about two months and several e-mail exchanges with Facebook’s customer service representatives to erase most of his information from the site, which finally occurred after he sent an e-mail threatening legal action. But even after that, a reporter was able to find Mr. Das’s empty profile on Facebook and successfully sent him an e-mail message through the network.


That means the company is collecting potentially permanent digital dossiers for tens of millions of users, without their knowledge or consent. Set aside search engines, and Facebook is the third most popular website in the country. Over eight out of ten college students are registered on the site — it’s considered weird to be on campus without a Facebook profile nowadays. Yet despite its reach and remarkably aggressive data policies, few parents, universities or regulators have stepped up to consider what policies can protect the Facebook generation from Facebook.

Update: Facebook’s Brandee Barker sent in a response to this post:

"There are two different ways to remove your information from Facebook. The first is to deactivate an account. Once a user deactivates the account, his or her profile becomes inaccessible on the main Facebook service, and the data is kept by Facebook only to allow easy reactivation. The second option is to delete the profile altogether. When a user deletes his or her profile, personal information — such as name and all email addresses associated with the account — is deleted from Facebook servers. If a user decides to join Facebook again, he or she would need to create a new profile. We are working to better explain the simple deactivation process, and to ease the deletion process for those who want their personal information removed from our servers.