You Don't Have Facebook, But Facebook Has You: The Shadow Profile Problem
Meta builds detailed profiles on people who have never created an account using contact uploads, tracking pixels, and third-party data
One of the most unsettling aspects of Meta's data practices is the creation of what researchers call "shadow profiles" — detailed dossiers on individuals who have never created a Facebook or Instagram account. Through a combination of contact list uploads, website tracking pixels, advertising partner data, and social graph analysis, Meta accumulates substantial information about non-users without their knowledge or consent, creating profiles that exist entirely outside any relationship the individual has with the company.
The primary mechanism for shadow profile creation is the contact upload feature. When a Facebook or Instagram user syncs their phone contacts with the platform — a step the apps aggressively encourage — every name, phone number, and email address in that contact list is transmitted to Meta's servers.
Key Takeaways
- Meta builds profiles on non-users through contact uploads, tracking pixels, and social graph analysis without their knowledge or consent
- Zuckerberg confirmed data collection on non-users during 2018 Congressional testimony citing security purposes
- Belgium fined Meta €250,000 per day for tracking non-users through cookies and the ruling was upheld by the European Court of Justice
