Protect your privacy on Facebook

Our tips can help you control what others see and know about you

Published: May 2012

Find Ratings

Facebook’s privacy controls are extensive and can be challenging to use. Although using them won’t necessarily stop your friends from passing along to others sensitive information you've entrusted to them, they can help you avoid disclosing more information than you intend to strangers, friends, and family. Here’s a guide to some of the best ways to use Facebook’s privacy controls based on Facebook’s Timeline user interface. For more information, read Facebook & Your Privacy, a special report from our June 2012 issue.

Consider your most private information

Do you really need to identify your employer and relatives or include your religious beliefs and political views in your profile? Before entering such personal information, carefully consider the risks.

Regularly check your exposure

If you’ve never used Facebook’s privacy controls, you may be sharing more information than you intend. Check your security monthly, first by seeing how your Facebook page looks to others and, if needed, reviewing individual privacy settings.

Here’s how to check out what your page looks like to others:

At the top of your Facebook Home page, click on your user name to go to your Timeline page.

Click on the menu to the right of your name and photo, then select View As.

The resulting Timeline  shows you what the public can see when viewing your page. To see what your page looks like to a particular Facebook friend, enter that friend’s name in the box.

You may notice some personal profile information, such as your employer, school, or list of Facebook friends, that can be seen by the public (or a friend) but that you’d rather not share. Facebook’s privacy controls let you restrict access to most such information.

How to find Facebook’s privacy controls? From your Home or Timeline page, just open the menu at the top of the page and select Privacy Settings.

Protect basic information

To restrict access to parts of your profile information, such as your birth date, relationship status, family relationships, and employer, click on Update Info in the small box below the Timeline cover photo. That will take you to a page where you can restrict access to those, as well as to your friends list, photos, and Likes.

You can also click on the respective item (for example, Friends, Photos, or Likes) in the row directly beneath the Timeline cover photo. The ensuing links will take you to a page where you can tailor the respective privacy settings item by item.

If you want to restrict access to all of the same profile information, you can also go to the Privacy Settings page by clicking on editing your timeline info in the text near the top of the page.

Know what you cannot protect

Your Facebook name and profile photo remain accessible to everyone on the Web. You can keep others from capturing an image of your face by not having a profile photo or by using an image of something other than your face as your profile photo.

If you use a Timeline cover photo, it's accessible to anyone on the Web.

UnPublic your status updates

If you haven’t ever changed the audience for your status updates, those you’ve already made will have had their audience set to Public. To protect sensitive information you may have posted, you could go through them one by one and selectively restrict the audience for each. But if there are many of them, it’s probably easier, and safer, to change the audience for them all at once to just Friends, and then expand the audience for only those updates that merit wider disclosure.

To protect all past status updates:
From the Privacy Settings page, next to Limit the Audience for Past Posts, click on Manage Past Post Visibility.

When the popup appears, click on Limit Old Posts. Then, when asked, click on Confirm. (Once you confirm, you can’t reverse the process with just one click, but there is a way to change past privacy settings one post at a time.)

To protect future status updates:
If you don’t select an audience with whom to share a status update, it will be shared with the same audience as your last post was. To change the audience selector, open the pull-down menu and select an audience, such as Friends. You can always go back and change the audience for a post, but it’s better to set it correctly before the update goes live.

Some Facebook apps for mobile devices don’t have an inline audience selector. You can set the default audience for status updates you post from those apps in Privacy Settings by changing the setting for Control Your Default Privacy. The Custom setting offers a variety of options, including restricting your future posts to friends of friends, specific individuals, or custom lists, or hiding them.

Turn off automatic face recognition (Tag Suggest)

Facebook can recognize your face in photos your friends upload and make it easier for them to tag you. But if you’d rather not be recognized, go to Privacy Settings and click on Edit Settings for Timeline and Tagging.

In the pop-up box that appears, for Who sees tag suggestions when photos that look like you are uploaded?, click on Friends.

Another pop-up will appear. Change Friends to No One and click Okay.

Once you do that, Facebook will delete the photo-comparison data it normally stores to help with photo recognition.

Block snooping apps and sites

Unless you intercede, friends can share personal information about you with apps they use. Here are two ways to block such sharing.

Method 1: Turn off all apps:
If you do this, you'll block all apps your friends use from accessing information about you. But as Facebook's Data Use Policy warns, you’ll also no longer be able to use any games, apps, or other sites through Facebook. Here’s how to do it:

From the Privacy Settings page, click on Edit Settings for Ads, Apps and Websites. You’ll be taken to the Apps, Games and Websites Page for privacy settings. There, click on Turn off all apps. A confirmation pop-up will appear.

You can also block your friends from sharing individual items of information about you without having to turn off all apps.

Method 2: Restrict info you share with apps:
If you use this privacy control, you can decide which information you're willing to share with apps your friends use and which to block. One advantage of this approach:  You won’t be restricted from running apps yourself.

In Privacy Settings, click on Edit Settings for Ads, Apps and Websites. There, next to How people bring your info to apps they use, click on Edit Settings.

When the How people bring your info to apps they use pop-up appears, leave items of information you're willing to share—for example, "If I'm online"—checked. But be sure to uncheck any item you don't want shared. When you're done, click Save Changes.

Keep status updates from friends without 'unfriending' them

If you have Facebook friends with whom you’d rather not share some status updates, but you don't want to unfriend them, in Privacy Settings, go to Blocked People and Apps and select Manage Blocking.

On the Manage Blocking page, go to Add friends to your Restricted list and click on Edit List.

In the Edit Restricted pop-up, open the pull-down menu and select Friends.

Profile photos for all your friends will appear in the window. Click on each friend with whom you’d rather not share all your status updates; a check mark will appear on each you select. Then click Finish to save your choices.

After you’ve done that, the friends you selected will not see any of your status updates unless you make those posts Public. They will, however, remain your friends on Facebook. You can also keep certain people from viewing individual items in your profile, such as who your family members are, by using the inline audience selectors on the Edit Profile page.

Deactivate or delete your account

When you deactivate your account, Facebook retains your profile data, including friends, photos, and interests, but your account disappears from the Facebook service immediately. You can reactivate your account using your log-in e-mail address.

To deactivate:
From your Home page, open the menu at the top right and select Account Settings to go to the General Account Settings page. There, click on Security.

That will take you to the Security Settings page. There, click on Deactivate your account, then follow the instructions.

When you delete your account, your account disappears from Facebook forever. You can’t retrieve any of the information you had stored in it. Before deleting your account, disable any Facebook log-ins you have set up at other websites and make sure you aren’t logged into Facebook. During the waiting period (about one month), don’t use Facebook Share or Like buttons on any website.

To delete:
Go to Facebook's Delete My Account page. 

Click on Delete My Account and follow the instructions.

Editor's Note:

This story is an expanded version of a sidebar that originally appeared in the June 2012 issue of Consumer Reports magazine.

E-mail Newsletters

FREE e-mail Newsletters!
Choose from cars, safety, health, and more!
Already signed-up?
Manage your newsletters here too.

Electronics News


Cars Build & Buy Car Buying Service
Save thousands off MSRP with upfront dealer pricing information and a transparent car buying experience.

See your savings


Mobile Get Ratings on the go and compare
while you shop

Learn more