Skip to content
by
  • Products
  • Free Tools
  • Search
  • Free Sophos Home
XG Firewall
Next-Gen Firewall
Intercept X
Next-Gen Endpoint
  • Sophos Cloud Optix
  • Sophos Central
  • Sophos Mobile
  • Intercept X for Server
  • Secure Wi-Fi
  • Phish Threat
  • SafeGuard Encryption
  • Secure Email
  • SG UTM
  • Secure Web Gateway
For Home Users

Sophos Home protects every Mac and PC in your home

Learn More
Free Security Tools
Free Trials
Product Demos
Have you listened to our podcast? Listen now

Facebook doubles cooling off period to cash in on your FOMO

05 Oct 2018 12 Facebook, Social networks

Post navigation

Previous: Google’s Intra app secures older Androids with encrypted DNS
Next: Wi-Fi versions to get names people can actually understand
by Lisa Vaas

Well, well, well, many of us are now thinking. Sure, Facebook was fun while it lasted.

But really, post-Cambridge Analytica/mega-breach/data slurping/fake news/Russian propaganda/et al., for some people it’s time to move on. Time to delete the account once and for all.

Well, if you’ve really decided, after all that, to finally thumbs-down the Face, get ready to wait a good, long time. In a move first noticed by The Verge, Facebook’s now doubled the time it takes to delete an account. It used to be 14 days, but now it will take 30 days before an account is killed.

This is actually for our own good, Facebook says. A spokesperson said that Facebook’s seen people who think they want to delete their accounts forever develop cold feet:

We recently increased the grace period when you choose to delete your Facebook account from 14 days to 30 days. We’ve seen people try to log in to accounts they’ve opted to delete after the 14-day period. The increase gives people more time to make a fully informed choice.

As The Verge notes, maybe this is a good thing. Maybe some of us aren’t really ready to ditch the relationship completely. Maybe we just need a time-out. A nice, long, 30-day break from the place that moves fast and breaks things, and the people who use it to be less than cordial.

24/7 threat hunting, detection, and response delivered by an expert team as a fully-managed service.
Learn More

But as for the rest of us, those who have carefully weighed the harm to our privacy or happiness that results from Facebook or other forms of social media, this feels a bit clingy.

Not to say that you’re acting like a Fatal Attraction bunny boiler exactly, Facebook, but we know that you know you’re losing your grip on users’ attention. As far as young people go, you lost them long ago. As of June 2018, the number of teens who say they use Facebook dropped to 51%, from 71% in 2015.

There are assuredly some users who decide they want their data back after they trigger the delete account sequence, but Facebook hasn’t said what percentage of account deleters that is (and presumably it’ll never be zero, no matter how long the cooling off period is).

So if you’re truly done with Facebook, once and for all, it’s going to take a month before the breakup leads to your data finally disappearing – if you want to start running down the clock, here’s how.


  • Follow @NakedSecurity on Twitter for the latest computer security news.

  • Follow @NakedSecurity on Instagram for exclusive pics, gifs, vids and LOLs!

Free tools

Sophos Firewall Home Edition

Boost your home network security.

Sophos Scan & Clean

Free second-opinion scanner for PCs.

Sophos Cloud Optix

Monitor 25 cloud assets for free.

Post navigation

Previous: Google’s Intra app secures older Androids with encrypted DNS
Next: Wi-Fi versions to get names people can actually understand

12 comments on “Facebook doubles cooling off period to cash in on your FOMO”

  1. Scott Johnson says:
    October 5, 2018 at 12:24 pm

    About a week ago I deleted Facebook. Thought about going back a few times (for about 5 seconds).
    I was going to type more but I’ve wasted enough time on Facebook. LOL

    Reply
    • Bentham says:
      October 5, 2018 at 2:06 pm

      You are saying “it’s over”, but Fakebook says “It’s complicated”
      What don’t they understand?

      They could just offer to let you download everything about you and delete
      Then if you change your mind you could load it back up!
      On second thoughts with FB security that might offer just too big a vector for mischief!

      Reply
  2. tc@noemail.com says:
    October 5, 2018 at 2:23 pm

    Why does this site have Facebook’s (and others’) widgets on it??? Time to practice what (I’m glad) you’re preaching: please eliminate those links.

    Reply
    • Paul Ducklin says:
      October 6, 2018 at 12:39 pm

      But we’re not preaching that you shouldn’t use social media or that you should never click on like/share/upvote widgets!

      After all, social media sites, used sensibly, are a fast, fun and effective way of sharing and learning about issues in cybersecurity.

      We have about a quarter of a million followers on Facebook, for example, and very many of them enjoy our content and thank us for the help and advice we share with them there.

      Simply put, we aren’t saying you should turn your back entirely on social media, any more than we are saying you should stop driving a car or never again use anything made of plastic.

      We do, however, report on cybersecurity news that’s relevant to social media, and advise you how to use social media platforms so as to enjoy the benefits without getting sunk by the risks.

      Reply
  3. maggotification says:
    October 5, 2018 at 2:26 pm

    What percentage of users are simply checking that their account has actually been deleted?

    Reply
  4. Idonthavefb says:
    October 5, 2018 at 3:00 pm

    I suppose that many who tried to login back again after 2 weeks… Were people that wanted to check if their account was really deleted… Than to get in facebook again

    Reply
  5. Fred Higgins says:
    October 5, 2018 at 3:37 pm

    If FB would provide the stats for attempted log ins after a delete request vs actual requests to recover a deleted account it would show that the primary reason someone would try to log in after 14 days would be to see if the account has actually been deleted.

    Reply
    • Astrofyziky says:
      October 6, 2018 at 5:14 am

      Fact. This was my exact same thought.

      Reply
  6. Matt Parkes says:
    October 5, 2018 at 3:46 pm

    For me it’s a simple decision ,based on common sense, we all know Facebook is a company whose business is marketing and advertising, not social media, this is the way in which it captures its revenue stream.

    If Facebook’s business model offends your sensibilities or morals then by all means leave, however fully armed with the knowledge that our personal data is going to generate money for them then we simply need to be sensible and put thought into what information we submit, if giving your phone number to FaceBook so that friends can contact you or to enable multi factor authentication is a big risk then don’t do it, make sure anything you post whether it be messages, pictures, video’s or anything you like, comment on or interact with is not going to cause you harm should it be shared with other organisations or if it were to be leaked or stolen by hackers.

    If every user were to be switched on then using FaceBook would not be such an issue. The world can be a bad place so you have to take precautions especially where children are involved and online platforms must assist us in weeding out trolls, criminals and bad actors in general but at the moment it is up to us to stay vigilant.

    Yes I like the fact that this platform can keep me in touch with friends and family with whom we are unable to meet up with face to face regularly and share memories and such but working in the Cyber security field also teaches me to be careful and that having such a platform for free means that there is a trade off and that is what ever I do or whatever i submit is collated and sold off to others. I say again, as long this interaction is not going to harm me personally or professionally then i can live with the rest.

    Reply
  7. Andrew says:
    October 5, 2018 at 5:01 pm

    Deleted my FB earlier this year (though I still have an Instagram account). It’s slightly harder to keep track of some events related to hobbies and local communities, but I don’t miss it. The CA scandal was probably what pushed my decision, but it was the nastiness of FB users that had me considering deletion for quite some time leading up to that.

    Reply
  8. Anonymous says:
    October 6, 2018 at 12:20 am

    Hmm.

    “We’ve seen people try to log in to accounts they’ve opted to delete after the 14-day period.”

    And how does FB know that? Only because they’ve kept the login details past the 24 day period.

    Reply
    • Paul Ducklin says:
      October 6, 2018 at 12:07 pm

      I may be wrong here but IIRC Facebook (and other sites too) quite deliberately keep a record of deleted accounts so that they can stop discontinued account names being re-used immediately.

      (Mobile phone companies do something similar with “dead” prepaid phone numbers – after N months of non-use they cancel your SIM but they keep the now-freed-up number on a list that stops it being re-issued for N×M months, which reduces the chance of abuse.)

      If you could re-register someone’s old Facebook account immediately because Facebook didn’t watch out for post-deletion login attempts, you could wait for people to announce that they’d just dumped Facebook and instantly create imposter accounts that would still have a lot of residual credibility.

      In other words, Facebook no longer knows anything about you, or even for sure that it’s you trying to login to the deleted account – but it’s a reasonable assumption IMO that at least some of these post-deletion login attempts are indicative of someone who’s trying to change their mind, only too late.

      Sure, some will be routine hacking attempts; some will be people verifying their deleted account no longer works; and some will be login typos. But keeping a list of deleted account names in not, of itself, a creepy thing and can help to prevent post-deletion account misuse.

      Reply

What do you think? Cancel reply

Recommended reads

Nov29
by Paul Ducklin
7

TikTok “Invisible Challenge” porn malware puts us all at risk

Dec29
by Paul Ducklin
14

The horror! The horror! NOTEPAD gets tabbed editing (very briefly)

Jan24
by Paul Ducklin
0

Apple patches are out – old iPhones get an old zero-day fix at last!

  • About Naked Security
  • About Sophos
  • Send us a tip
  • Cookies
  • Privacy
  • Legal
  • Intercept X
  • Intercept X for Server
  • Intercept X for Mobile
  • XG Firewall
  • Sophos Email
  • Sophos Wireless
  • Managed Threat Response
  • Cloud Optix
  • Phish Threat
© 1997 - 2023 Sophos Ltd. All rights reserved. Powered by WordPress VIP