Melissa Rooney Writing

View Original

Why I'm Moving from Facebook to Blog

January 10, 2021  

From this day forward, rather than posting my thoughts, concerns, and daily theme song on Facebook, I will now post them on my blog. My reasons are outlined below. It’s time I take back ownership of my thoughts, my history, and my “newsfeed”. My blog is public, so if you’d like to know what I’m doing, reading, or thinking on any given day, you can always check it out and leave your comments here: http://www.melissarooneywriting.com/blog/. I’ll be sure to reply, so that we can continue the varied and worthwhile discussions we’ve had via Facebook. As always, I appreciate the support you’ve shown for my writing and personal wellbeing, and I truly hope we can continue our online relationship through my blog. Now for the explanation…

Three mornings ago, after trying and failing to fall back asleep, I grabbed my phone off the bedside table so I could listen to my morning theme song and post it on Facebook. But, unlike every other day, Facebook didn’t automatically connect me to my newsfeed; instead, it asked me to re-enter my password, which it rejected. I haven’t changed my Facebook password since I opened my account years ago, so I clicked on ‘reset password’, which thankfully enabled me to change my password and log in. However, before taking me to my newsfeed, another screen popped up asking me to enter a 6-digit code sent to my phone. I never gave Facebook my phone number (didn’t see why they should have it); so, of course, I never got a text with this code. I clicked on the link reading “Need another way to authenticate?”, which then required me to send a photo of my driver’s license to confirm my identity. I hesitated; but, after an Internet search revealed no obvious scams or otherwise nefarious behavior related to this request, I finally submitted the photo. After all, it didn’t contain my social security number or credit card information. A new screen then informed me that Facebook may keep my license photo to help identify counterfeit licenses unless I went to a certain page and chose to have Facebook delete the photo after 30 days (which required having access to my Facebook account). It also informed that Facebook would send further instructions by email to enable me to access my account but that this could take 48 hours.

I changed the passwords on all my Internet accounts and checked my email. There was no response from Facebook, though I discovered a message sent at 5:17AM that morning notifying me that my password had been changed by an ip address located in Tavares, Florida. I scoured the Internet trying to find a way to notify Facebook that my account had been hacked, but every suggestion required me to log into Facebook and access my account. I tried to log in a number of times, and Facebook let me successfully enter my new password; but I still could not access my account without receiving a 6-digit code on my phone or a “third party code generator”, neither of which was possible without access to my account. In spite of my Facebook withdrawals (the insurgency at the US capitol was the night before) and despite my inability to access my account, I am still receiving email notifications from Facebook when friends respond to my posts, mention me, or when new posts appear in my Facebook groups.

With varying success, I tried to ignore my anxiety for the next two days, becoming increasingly worried by the complete lack of correspondence from Facebook - not even an automatic email notifying receipt of my information (which included a copy of my driver's license!).

On the third morning (today), I still had not heard from Facebook, but I received an email notice from Paypal regarding a $8.45 charge from Facebook. I freaked out again, because I knew that I had not incurred this charge, and I filed a dispute with Paypal. (Filing a dispute with Facebook, of course, required having access to my account!) Then I tried to log into Facebook for the umpteenth time, only to be confronted with the need for a 6-digit code sent by SMS/text. So figuring that submitting the same information twice won't hurt, I clicked on the “secure my account” link and provided a photo of my driver’s license again, this time entering my business (non-Facebook) email address for follow-up communication, in case the hacker has access to the email address associated with my Facebook account. Then I logged back into all my Internet accounts and changed the passwords again, each to a unique 10-digit code that I will never remember without looking at my handwritten cheat sheet. This took hours, during which I somehow still lamented not being able to post my daily theme songs and check my Facebook newsfeed. 

By evening, I received an email from Paypal rejecting my dispute, because “The payment in question was sent as part of a billing agreement [I had] previously set up with the merchant” (in order to pay for sponsored Facebook posts related to my books). Thankfully, Paypal also informed me that they’ve “now canceled this agreement to prevent any other unwanted transactions.”

I scoured the Internet again to find a way to notify Facebook of my hacked account (and unauthorized charge) without having to access my Facebook account, and I finally found a link (via a third-party site) that enabled me to report a login issue. I filled out the form, attaching screen shots of the disputed charge and the password change I hadn’t initiated, as well as the photo of my driver’s license to verify my identity. This offered little relief as, far from showing genuine concern, the page promises only that, “While we don't reply to every report, we'll let you know if we need more details.”

This whole experience has left me feeling abused and vulnerable. My husband has warned me repeatedly that Facebook is ridiculously and perhaps purposefully weak in its security - the company doesn't give a hoot about protecting or abusing its users' data; but I figured that, if I didn’t enter my social security number or credit-card information directly, all I had to fear was somebody sending obviously spammy messages to my Facebook friends, all of whom should know they are taking the same chances that I am. In the meantime, in trying to keep Facebook from having my phone number, I ended up giving them my driver’s license! (Turns out, when I search Facebook for accounts associated with my phone number, my account turns up anyway, along with another account I can’t access.)  

As I wait for Facebook’s response (or not) to my login issue report, I am trying to see this whole thing as a blessing in disguise. I've been using Facebook way too much throughout the day; maybe I need a wakeup call. But, more than that, it is now crystal clear to me how vulnerable Facebook users are to being hacked and how much of a danger this poses. Unlike me, many people actually do enter their credit card information, not just to pay for Facebook/Twitter advertising but to actually buy stuff on Facebook. And given the events over the last several years, it’s obvious that we cannot trust Facebook with any of our data. 

What’s worse, in its (so-called) attempts to minimize misinformation and propaganda from foreign or unidentified sources, Facebook is confirming its users’ identities not only by requiring photos of driver’s licenses or other ids (see https://www.linkedin.com/pulse/facebook-coerces-victims-fraud-upload-birth-voter-id-card-scheinker), but also social security cards, bank statements, and even medical information (see https://kmph.com/news/local/facebook-is-asking-people-to-submit-their-ids-to-prove-their-accounts-are-real). Given the company’s record for using members’ data for financial gain without permission, you’d be a fool to trust that Facebook will completely delete this sensitive information once it is used for their stated purposes.

I don’t want to lose my whole FB account, you know? So many pics, memories, thoughts and conversations, not to mention Facebook’s networking and marketing reach. But Facebook isn’t getting anything more than a photo of my license (which I already regret giving them). It's become clear that, though I may still need to maintain my author and books’ presence on Facebook, weaning myself from the platform can only be a good thing. After all, I don't have a choice; I still haven't heard from Facebook.

Therefore, from this day forward, rather than posting my daily theme song, thoughts and concerns on Facebook, I will now post them on my own blog. It’s time I take back ownership of my thoughts, my history, and my “newsfeed”. My blog is public, so if you’d like to know what I’m doing or thinking on any given day, you can always check it out and leave your comments here: http://www.melissarooneywriting.com/blog/. I’ll be sure to reply, so that we can continue the varied and worthwhile discussions we’ve had via Facebook. As always, I appreciate the support you’ve shown for my writing and personal wellbeing, and I truly hope we can continue our online relationship via my blog.

Sincerely,

Melissa (Rooney)

..........................................................................

If you have a Facebook or Twitter account, can you please crosspost my article at the link below? (Just copy the url in your address bar (above) and paste it into your FB or Twitter post.) At least in the short term, I have no other way of informing my FB/Twitter contacts that I’ve been hacked to this degree. It can apparently be very hard to get back onto Facebook once they start requesting government documents to verify your identity. What’s scary is that the hacker is freely stalking the platform in the meantime.

Thanks for your help! Maybe it will prevent others from finding themselves in my situation.

.............................................................................

More articles related to Facebook’s requirements of sensitive personal information for identity purposes:

https://www.linkedin.com/pulse/facebook-coerces-victims-fraud-upload-birth-voter-id-card-scheinker

https://theconversation.com/facebook-wants-to-combat-fake-news-with-id-checks-with-grave-implications-for-our-privacy-116569

https://nationalpost.com/life/are-facebooks-identity-demands-illegal-social-network-criticized-for-requiring-personal-documents

https://www.wired.com/2015/06/facebook-real-name-policy-problems/

https://www.idtheftcenter.org/facebooks-real-name-policy-asks-for-personal-identification/

...........................................................................................