What is Shadow Profile?

You don't need a Facebook account for Facebook to have a detailed profile on you. Shadow profiles are the data platforms collect about people who never signed up.

How Shadow Profiles Are Built

Contact Uploads

• When anyone uploads their phone contacts to Facebook, WhatsApp, Instagram, or Messenger, your information is captured
• Your name, phone number, and email are linked together
• If 50 people have you in their contacts, Facebook has 50 data points connecting you to those individuals

Tracking Pixels

• Facebook's tracking pixel is embedded on millions of websites
• Even without a Facebook account, your browsing activity across these sites is tracked via cookies and browser fingerprinting
• This creates a browsing profile linked to your device

Data Broker Purchases

• Facebook has purchased data from brokers like Acxiom, Epsilon, and Datalogix
• This data includes offline purchases, income estimates, property records, and more
• It's matched to shadow profiles using email addresses and phone numbers

Third-Party Apps

• Apps that use "Login with Facebook" share user data that includes information about non-users in those users' networks

What Facebook Knows About Non-Users

Even without an account, Facebook may know:

• Your name, phone number(s), and email address(es)
• Your social connections (who has you in their contacts)
• Websites you visit (via tracking pixel)
• Your approximate interests and demographics
• Your relationship to Facebook users
• Your location (inferred from IP addresses and contacts' locations)

Facebook's Response

When Mark Zuckerberg was asked about shadow profiles during his 2018 congressional testimony, he said: "I'm not specifically familiar with that." Internal documents and lawsuits have since confirmed the practice.

Why You Can't Opt Out

• You can't delete a shadow profile because you don't have an account to make a deletion request through
• GDPR's right to access and delete technically applies, but enforcement is nearly impossible without knowing what data exists
• Even if you could delete it, the data would be re-collected from others' contact uploads

What You Can Do

1. Ask friends and family not to upload their contacts to social media (unlikely to work at scale)
2. Use browser privacy tools — block Facebook tracking pixels with uBlock Origin, Firefox's Enhanced Tracking Protection, or Brave
3. Use a VPN to prevent IP-based tracking
4. Minimize your digital footprint — the less data that exists about you, the thinner the shadow profile
5. Support data removal — services at /remove help reduce the broker data that feeds shadow profiles