Mixed Feelings After My Conversation With Facebook.(updated)

Warning: According to Facebook you are not allowed to read this post, so beware.

Perhaps you know that a few days ago I bought information about 1 million FB users from a website for the meager amount of 5 US dollars.

Anyway, I received a strange message that FB wanted to talk to me – someone from a deprtment called “Policy” which in my opinion was an euphemism for “Police” and unfortuntely it turned out to be so.

Our conversation began exatly on the agreed minute and with the warning that it “is being recorded”. The part where they usually say that it is for the purpose of “improving the service” was spared.

They thanked me for what I have done but they also asked me that I did not share the information about our talk in my profile (?!?) and my blog.

“Now we would like you to send us this file, delete it, tell us if you have given a copy of it to someone, give us the website from which you bought it including all transactions with it and the payment system and remove a couple of things from your blog. Oh and by the way, you are not allowed to disclose any part of this conversation; it is a secret that we are even having this conversation”.

I agreed to send them the data and the website of course, for that was my purpose. I tried to ask what they would do next but they said it would be an internal legal investigation.

I asked if it was possible to tell what the problem was, after they finished the investigation, so that the users could protect themselves, but they they emphasized that it would be an internal investigation and they would not share any information with third parties. And they mentioned again that I must not tell about it to nobody, because…

The overall tone of the conversation was very imperative, it is Facebook after all.
Warning: According to Facebook you are not allowed to read this post, so beware.

More versions of that same story:



, ,




142 responses to “Mixed Feelings After My Conversation With Facebook.(updated)”

  1. Otto de Voogd Avatar

    Facebook needs to find the culprit application that leaked this information and punish them, not try to cover up this leak. The fact that they are investigating would be a positive but their apparent attempt to try to make this event disappear is a negative. Mixed feelings for sure.

    1. Bogo Avatar

      They will investigate!

    2. Timmyboy Avatar

      I’m guessing the app that leaked this info is called “facebook”

      1. Vince Avatar

        I think you are a very astute individual.

      2. Rajeesh Avatar

        LOL !!!

    3. tom Avatar

      No… once you put all of your personal info on facebook, a social network, along with pics of you puking in your friends bathtub with your pants down, you’ve already forfeited your rights to privacy. Get over it.

    4. Trigger1221 Avatar


    5. Anthony Avatar

      You’re kidding right? Facebook is practically a massive data mining corporation, they don’t care about your personal information or privacy AT ALL! Get serious, never post anything even remotely important on facebook. They won’t ever delete your info from their data bases and who knows who they give the info to. The government, obviously, but who else?

    6. sky Avatar

      I think it should go beyond finding the culprit app; revise protocols, terms, restrictions and information application developers have access to.

      But yeah, I agree with you. having mixed feelings about this too. :|

  2. Caspy7 Avatar

    You naughty boy.

  3. nagisa Avatar

    Now I’m too interested in that data.

  4. bearnik Avatar

    I agree … when sombody is in fail they should … must … take some measures … but come on – to delete your post because of your own fail is FAIL! big time

  5. HaHa Avatar

    Shhhh They said it was a secret so you can’t share… cause they said SO! lol

  6. howdoilaw Avatar

    You’ll be okay. That’s now how nondisclosure agreements work.

    You can’t just call someone up and tell them that they’re now legally bound by an NDA to keep the fact that you called them secret. They’re trying to scare you.

    By the way, now that you’ve read this comment, you are legally bound to keep it a secret.

    See how weird things would get if that’s how it worked?

  7. Godfodder Avatar

    You would think they would be a little wiser about the laws of recording phone calls, and that you don’t need their permission to print the conversation. Good for you for being smarter than them, even if they are setting the bar low.

    1. Anon Avatar

      They are being wise about the law: some states are “one party consent” where others are “two-party consent”. In a two party consent state, both (all) parties must agree to the recording otherwise it qualifies as the crime of wiretapping (this usually applies to in-person conversations where there is an “expectation of privacy”, often with exceptions for recording of public figures). The warning makes sure that the other party has the chance to consent to the recording (not hanging up).

  8. Jigar Shah Avatar

    And irony is FF is doing fb integration within..got reasonable explanation of as it works like “uninstalled addon” and its done within to make it “one click” process…Still not sure why its still like this….

  9. RNiK Avatar

    All your base belongs to Facebook. :D

  10. R Avatar

    How did you verify that the caller was actually from Facebook?

    1. Bogo Avatar

      Actually I can’t confirm that. The request came from @fb.com email address.

      1. Josh Avatar

        You do know that anyone who has a facebook account can have a @facebook.com email address, right?

        1. Bogo Avatar

          I am talking about @fb.com

          1. Rod Avatar

            make sure to check for email headers. It could be a spoof also

      2. AP² Avatar

        Did you actually verify the server it was sent from? Email isn’t exactly the most trustworthy medium unless you’re using some kind of signing layer.

  11. Tamil Kaz Avatar
    Tamil Kaz

    Will you make this information publicly available?

    1. Bogo Avatar

      What info do you mean?

  12. fool Avatar

    Well, you include facebook.net here. Everyone who visits this site and does not block this request reveals his/her visit here to facebook.

  13. Steve Avatar

    It’s not a leak. This information is in the public. Accounts that don’t set appropriate privacy settings are ripe for the picking. It’s a trivial task to have a bot scrape through these publicly accessible profiles and compile all the info into a handy spreadsheet.

    I have my doubts that the message was really from Facebook, it looks like it was written by 15 year old.

  14. pfikus Avatar

    well did you get your $5 back?!??

    1. Bogo Avatar

      Not yet :)

  15. Maddy Avatar

    How dare you do something such as share personal information without facebook’s express permission to do so! Have you no ethics?

  16. gavin Avatar

    facebook inc = fbi

  17. C Silver Avatar
    C Silver

    Had this been a Federal investigation, you might have cause for concern as a whistleblower. The real motivation behind contacting you might be to merely silence a leak about a normal data exchange procedure between FB and agencies investigating the transitory nature of potential enemies of state.

    1. Bogo Avatar

      No way, dude!

  18. katmandu Avatar

    What info on your blog did they want you to delete?

  19. Joe Ramone Avatar
    Joe Ramone

    So are you sure this is even facebook and not some scammer?

  20. Josh Avatar

    They have top men working on it. Top…men.

    1. Bogo Avatar

      I am batman :)

  21. Mo Avatar

    Facebook will be sending out their henchmen soon. Good luck.

  22. Troublemaker Avatar

    dat data…

  23. ccrewe Avatar

    I am over facebook. I have just deleted my account, and set up a fake account which i can use for sights which require me to have facebook.

    1. Gosha Avatar

      Wow, “sights”. Beautiful.

  24. Ashton Avatar

    I wanted to post a link to this article on my Facebook wall to let others know about this. I didn’t do it because I’m afraid Facebook will delete my account if I do.

    1. Bogo Avatar

      They will not. Don’t be afraid!

      1. peasey Avatar

        but they may sell your details as punishment…. lol

    2. Sir Alex Avatar
      Sir Alex

      Trust me. You will manage without a fb account.

  25. Adzik Avatar

    I would like and share, but I’m afraid of Internet Police.

  26. Nomadic Hayward Avatar
    Nomadic Hayward

    I would like to see validation that the phone call and email you got was actually from Facebook (for example, did you verify the email headers hadn’t been spoofed?). Because lets face it, their initial correspondence message stinks of scam!

  27. Crow Avatar

    Where they say, “it is a secret that we are even having this conversation,” reminds me of when I was a kid and I would hear a schoolyard secret. “Hey, Crow, Alex peed his pants today! But don’t tell anyone, it’s a secret that we’re even talking… Now go!”

    Fuck Facebook, this is hilarious and their threats are laughable.

  28. Tammer Salem Avatar
    Tammer Salem

    Lol! Very funny exchange with fb. I wonder what their reaction would be if you had told them you had all 1 billion users details that tou had purchased for £10 ? I really think they would have sent around a hitman with a blue shirt (and no like button).
    If you did have thatany details what mischief could you get up to? Pictures of your backside emailed to everyone subject: zuckerberg drunk photos

  29. Freethinksman Avatar

    I’ll give you $3.50 for the list. It’ll still have been a better investment than if you had bought $5 worth of Facebook stock at its IPO.

  30. chaos1 Avatar

    tweet, facebook like, g+, trololol, upvotes.

  31. Biff Avatar

    Screw Facebook

  32. Robin Avatar

    I don’t know why everyone freaked so much on this. You can find any username – full name and email address of most users in Facebook. Depending on the profile’s privacy..

  33. tim peterson Avatar
    tim peterson

    Why are you even dealing with these losers? Just delete your account already. I haven’t had an account in over 2 years and guess what, i’m pretty fucking content.

  34. Alfred J. Nonnymouse Avatar
    Alfred J. Nonnymouse

    “According to Facebook, you are not allowed to read this post.”

    …why hello there, Streisand Effect.

  35. Ryan Tan Avatar

    Sometimes it’s imperative to keep investigations under cover for it to be effective at all. And it’s usual to take any external parties as untrusted until proven, so that may be why they couldn’t get you too involved as well.

  36. yamo Avatar

    That’s rich.. I’m pretty sure you sent that entire list to someone else entirely who doesn’t even work at Facebook.

    You’re saying the person’s domain e-mail was ‘@fb.com’?

  37. NorgeMag Avatar

    Disturbing, not only that you were able to buy that amount of info for just 5 bucks (makes me question how good the info actually is, or how creepy the source), but more so that Facebook, instead of publicly taking action, is trying to hide yet another privacy snafu from the public.

    As one commenter so cleverly remarked, the app leaking the info is called Facebook! The only way to keep your information safe is not to put it on FB in the first place, and I deal with privacy issues and data security professionally…

  38. Strobe Avatar

    Facebook makes money because they have your information. If they’re not selling it or access to it they would make nothing. I’m not sure why this is surprising or why anyone thinks this will stop. Your information changing hands is the business model.

  39. Anon Avatar

    I’m interested in what legal theory they think prevents you from sharing this conversation.

  40. HelloChampion Avatar

    Ahahaha! So you sent them the data you paid five dollars for? You don’t even know if it was Facebook? @fb.com sounds very fishy to me.
    I think someone just played you somehow. Maybe a reader read your post and wanted the data, then pretended to be Facebook and you gave it to them for free?

    This sounds likely and very silly.

  41. ConcernedUser Avatar

    Could you please do the same to Linkedin? I feel like they’re even worse offenders. They scrape your entire Google contacts in the blink of an eye. I know several people (including myself) who’ve asked Linkedin to delete the contacts that were stolen from them – and Linkedin just deactivates or deletes their accounts (they don’t delete their personal data). Linkedin is a data-miner of everyone’s e-mail contacts; they create pop-ups and emails until you accidentally authorize them to take hard-earned contacts and then they make a profit and require you to pay monthly for an account to continue effective networking.

  42. FarceBoook Avatar

    The first rule of FarceBoook is, you will not talk about FarceBoook.

    /also, this comment has not been posted.
    //you will not read this comment.

  43. JUlien Avatar


  44. adsfaD Avatar

    Dude, Proofread before you post.

  45. dackdel Avatar

    host the data up somewhere and sell it for 5$. you will get a lot of 5$.

  46. DUMB ASS Avatar

    Who cares everyone already knows you can buy profiles for cheaper and easily.

  47. paleblued0t Avatar

    So I highly doubt anyone who owns an app with that many active users would leek this kind of information for 5 dollars.

    Although a script kiddie with too much time on their hands might.

  48. someone is here Avatar

    Do you still have your Facebook account?

  49. concealment Avatar

    I think they’re overstepping their bounds on this one by being enforcement-oriented against you. It’s clear you bought the data to blog about it. You also took pains to conceal it and hide the method of its distribution. It is unfortunate they took this heavy-handed tack, since that’s how corporations usually get this wrong.

    The focus, of course, should be on finding the hole used to retrieve this data.

  50. Shabbir Avatar

    Did they have any reason to receive the file meaning did you have any legal obligation to hand it in ? why not sell it to a newspaper as a story with proof.

  51. Nick H Avatar
    Nick H

    Do you know how old this data? The first thing that came to my mind when I read this article was everyones Facebook profile information that was leaked a few years ago…

  52. codeyuppie Avatar

    “Facebook Attorney X, this conversation is the private exchange between the parties and is not subject to monitoring by any third party.”
    yak yak yak
    “Interesting. I conditionally accept your offer to (answer your questions/obey your demands) on proof of claim that I have consented to subject my person to your jurisdiction in this matter. You may submit said proof for my inspection via private registered mail. Pleasant day.”

  53. Jack C. Avatar
    Jack C.

    facebook needs to die!
    same goes for apple!
    and videogameconsoles!

    1. AC Avatar

      Jack C I like your veiw point if not your militarism.

  54. Juliana Avatar

    I shared this. On facebook.

    1. asd Avatar

      Watch out, we have a badass over here!

  55. Chris Avatar

    Just posted a link about this on my profile. We’ll see how long it and my profile stay up and active, but I was thinking of removing my profile recently anyway so if it happens to come to that, no biggie.

  56. Damon Avatar

    After seeing your story on Reddit I read in the comments that you can disable the app platform to prevent all apps from accessing information about you.

    Apparently sometime after that comment was posted, opting out no longer works and the AJAX request returns a 404. It’s impossible to opt-out.

    Privacy Settings > Ads, Apps, and Websites > Turn off

    Posts to https://www.facebook.com/ajax/privacy/platform_optout/.

  57. Leo Avatar

    …and now it’s on the front page of Reddit. Gotta love the internet! LMFAO!!

  58. dc Avatar

    At least now the people you bought the file of are aware that Facebook is after them. If they built that database through legal means, and sold it to a lot suck^H^H^H^Hcustomers, good for them, they have no reason to be afraid. If they used voodoo, I guess they may have to hide for a while.

  59. Andy Avatar

    People who think the government is out of control should pay attention this. Thanks Bogo.

  60. Mark Zuckerberg Avatar

    I thought we told you to keep it zipped god dammit!


    1. Greg Avatar

      +1 for this guy.

  61. P. W Avatar
    P. W

    you sure the email actually came from facebook? It’s not hard to spoof a from address in an email. You’d best look at the email headers and determine the source IP address of the email, then do an ARIN lookup of that IP to see if it does indeed belong to facebook.

  62. SK Avatar

    Does not appear to be a scrape. The emails are not public and not a former data scrape from former leaks. This might be a real leak.

  63. Obvious Avatar

    You should have sold it to them for a $1,000,000 fee. Why on earth would you give it to them or put up with their strongarm attempts. Who the hell do they think they are? They’re just a stupid website…

  64. Tomaz Z. Avatar
    Tomaz Z.

    You should’ve pledged the fifth.

  65. foobar Avatar

    fuck the police – im reading it

  66. Bryce Avatar

    hmmm i wanna know if MY name was on that list!!! thats not fair

  67. ja Avatar

    syknet is activated


  68. James @ Free in Ten Years Avatar

    Luckily for me, I’ve already cancelled my Facebook account so I’m hopefully immune from the Facebook Police.

  69. Notasnitch Avatar

    You’ve just become a snitch for a criminal organization, and behave like an citizen of oppressive police state (replace with oppressive police corporation). You must be so proud of yourself.

    And how brave you for being open up about it. I will nominate you for the Nobel Peace Prize 2013!

  70. Mr Burble Avatar
    Mr Burble

    In this country you can’t sign away your civil rights.

  71. Melultu Kibsu Avatar
    Melultu Kibsu

    So weird that Facebook doesn’t know of or understand the Streisand effect.


  72. Corelianer Avatar

    Everyone that thinks his data on facebook are only visible for his friends are naive. Maybe FB should replace their “privacy policy” by this:

    “We try to protect your Facebook data, but it’s highly likely that we will fail some day.
    Do you agree that all data on Facebook possibly can be viewed and copied to companies and individuals on anywhere on the world?”

    [ ] YES I agree that unwanted can possibly view my data
    [ ] NO sorry dude you don’t have Facebook so you are not cool

  73. Pavel Avatar

    Next thing you know, they will send you somebody to tell you “if you don’t delete this, you will sleep with the fishes”.

  74. Jake Avatar

    You should’ve charged them quite a lot of money for that conversation and that data file. After all you’re doing their security work for them. Wait, did I just suggest that Facebook does security work? Who am I kidding, they simply do brute work!

  75. Doug Avatar

    Ya I shared this on my wall. If they care enough to go through and delete 3.1k users (or more) just for this, well have fun with that LOL.

  76. Jj Avatar

    Regardless of your intent you will most likely be charged. This is no joke. I wouldn’t get too comfy if I was you. Not on the bad side trying to scare you but on the good side trying to help you brother.

  77. Pływanie Avatar

    Nice… Great that you didn’t made the conversation a secret!

  78. Daruka Malone Avatar
    Daruka Malone

    Fuck Facebook and the KIKE roach Schmuckerberg.

    KIKES control the USA and want to control the world.

    Biggest mistake in history. shutting down Auschwitz

    1. thelabrat Avatar

      Lets hope the Mossad don’t reverse-engineer your IP.

      Bombs away!

  79. KK Avatar

    Get a freaking life dude. So FB is evil. Boo hoo.

  80. RG Avatar

    Even if you delete you account on FB it still has your information in there. It just set not to show your record. I am 100% they do no delete any user info.
    So the only thing I can think of is to change your info let it sit for sometime and only then delete profile.

    1. Aleksandra Avatar

      I’m sure they have saved history of all the changes. It would be too easy ;-)

  81. Sports Fan Avatar

    Wow. This make Facebook look really bad.

  82. Shit Avatar

    Fuckbook is bullshit

  83. SeoKungFu Avatar

    Well, we just read it and some of us even shared it further :)

  84. Jim Avatar

    Poor attempt at getting visits to your shitty website..

  85. Phoxx Avatar

    Fuck the scumbag roach Daruka Malone (see 3rd comment above).
    He thinks he controls the USA and wants to control the world.
    Biggest mistake in history, his mom choosing to have him.

  86. Eduardo Saverin Avatar

    Mark must die, your true!

  87. T Fernand Avatar
    T Fernand

    “The overall tone of the conversation was very imperative”

    Facebook’s attitude and behavior is quite despicable. I’m glad still that there are people like you who help us stay informed. Keep up the good work!

  88. Nawilżacz Avatar

    Facebook shoot himself in the foot. Good job Bogomil!

  89. Semi Essessi Avatar

    Good stuff, don’t be intimidated by the bs and do the right thing. I hope Facebook can’t silence you, and that the spirit, rather than the letter, of the law is applied with regard to any charges brought against you.

    Good luck.

  90. john doe Avatar
    john doe

    “security” by bullying in its best

  91. Ross Kemp Avatar
    Ross Kemp

    Hye, can you repost the torrent link again , downloaded a copy thanks, but wanted to send it to some mre peeps

  92. Azad Laxman Avatar
    Azad Laxman

    I dont think there’s anything wrong in here, cuz mark stole the data too during initial days of FB, how can they claim this to be wrong?

  93. VaBeachDad Avatar

    Ha! I love that whole response by FB! “We would like…:” – as if they’re asking you to do them a favor – “you to jump through all these hoops, give us all this information, and you are not allowed to tell anyone!” What are they going to do? Destroy your Farmville farm? Un-Like your profile?

    You did a good thing, the right thing by notifying them in the first place. It’s a shame you had to deal with some twit with delusions of authority. Methinks he should go back to writing stern memos about the proper positioning of paper clips in desk drawers.

    You should ask them to reimburse your $5, pay you a reasonable fee for all the time involved in complying with their dema…er, ‘requests’, and require them to put their blog-editing and secrecy demands in writing so you can make some First Amendment lawyer (and yourself, of course) wealthy.

    Doncha just hate it when you try to do good and some schmuck tries to play Man in Black on you? He needs to be reminded he works for FB, not FBI.

  94. Tobias Avatar

    Good step – keep it up …

  95. Mustapha Avatar

    Did you get back yours 5dollar?

  96. Lee Avatar

    Ah, those FB bastards, instead of being humble and polite, they opted for the brute force approach of the matter that, as a matter of fact, is about their incapacity to provide a safe environment for their pricy piece of crap called faceshart. What did they thought when they tried pedal to the metal approach? Did they truly believe that Bogu would shit his pants and…beg for forgiveness? Silly assholes, I sometimes wonder why and how it happened that faceshart has so many suckers then, I realize that we are living in a depersonalized world and we crave for friendship and attention while the sharks are munching on our despaired weakness.

  97. Toni Avatar

    Към автора. Изпуснал си една буква в думата “exactly”.

  98. MSPS Avatar

    The monster starts to bite his own tail…

  99. thelabrat Avatar

    @bogomep –

    Good job, keep it up.

  100. ABel Avatar

    Fuck the policy!! haha

  101. Bums Avatar

    Fuck Facebook.

  102. Álvaro Felipe Avatar

    That’s why I always use fake emails for everything round Facebook.

    Thanks for the info, Bogomil.

  103. martin jones Avatar
    martin jones

    >>”I asked if it was possible to tell what the problem was”

    it seems clear to me from your blog post, that the seller obtained the email address via Facebook applications that they have developed.

    When you add a Facebook application to your account, some applications ask you for permission to obtain your email address, though the way facebook has designed the permission request dialog box, its easy to miss the part where it says you are going to let the application have your email address.

    It seems obvious to me, that the person you bought the user details from, had apps that were collecting user details including their email addresses, and thought they could make extra money by selling those details on to third parties.

    In the past i have added a facebook application without reading the permissions request page, and after i added it i realised i had accidentally given permission to the app to access my email address. Not long after that, the email spam started arriving from the application.

    I think facebook should make it much harder if not impossible for apps to access user’s email addresses, and the permission request page should highlight very clearly when the app is requesting permission to access that users email address.

    I have recently found a browser extension called “FB Purity” that will actually do this, it also adds a “Block application” button to facebook application permission request pages, so if you dont like the look of the app, and dont want the app to get any of your user information, you can block the application then and there. It also highlights any permissions such as requesting email addresses, or the ability to post to the users wall. It works quite well, you can get it here, if you are interested: http://fbpurity.com

  104. […] los datos y que borrara el post en el que denunciaba la compra, Shopov ha publicado otro en el que explica la llamada por parte de la red social. Vamos, que el culebrón continúa, y los datos personales de los […]

  105. mohammad Avatar

    fuck facebook…the addictive social network….disables us…spy on us…and then what….wen should suck their cock too…mother fuckers

  106. Anonymous Avatar

    typo: ‘someone from a deprtment called “Policy”’

  107. susi linux Avatar
    susi linux

    Why didn’t you SELL the data to FB? I’d say it can be worth some thousends of dollars…

  108. Martin Avatar

    lol, nicely done :D

  109. […] Oh, this is not the end of the story. I ve’got a phone call from them. […]

  110. Adam Avatar

    Man, you just got yourself on US Defence Department’s list as a potencial terrorist. Do you even realize who those people are? It’s like messing up with mafia. Should anything happen, you will be one of the first they will deal with. Is your personal integrity and the opinion of anonymous Internet users really more important than your and your family’s life? Pick only those battles you can win. If I were you, I would delete those posts, contact them again and send them all the information they require together with apologizing for your rebellious and irrational attitude. And I suggest this as a bystander, with best intentions. Good luck.

  111. Jamel Lindsey Avatar

    This next chart just shows the gun ownership per capita rate for the “developed” countries, or the members of the Organization for Economic Cooperation and Development (OECD). That basically means the world’s rich countries. Some of them, such as Switzerland and Finland, are actually among the highest-ranking countries in the world by gun ownership rates. But the U.S. is still way, way ahead. Keep this chart in mind the next time someone compares U.S. gun ownership to Switzerland or to Israel.

  112. […] Bogo finit par acheter le document, le parcourt et retrouve plusieurs de ses friends Facebook dans la liste. Il publie l’info sur son blog…le lendemain, l’équipe “Plateforme Policy Facebook” (la police de FB ?) le contacte, le plus drôle par le biais de sa messagrie FB, pour fixer un rdv téléphonique. Lors de la conversation, enregistrée, on lui demande de transmettre le fichier, l’adresse du site sur lequel il l’a trouvé, les détails de la transaction financière et encore plus drôle d’effacer le fichier et de ne rien dire à personne ! (fallait y penser). Bogo s’est bien-entendu donné un malin plaisir à retranscrire l’échange. […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: