Richard Stallman's personal site.
For current political commentary, see
RMS' Bio |
The GNU Project
If you feel your organization needs a "presence" in Facebook
-- Richard Stallman
Facebook is a surveillance engine, accumulating lots of personal data
which is also available to the state. For your privacy and freedom's
sake, it is important not to have an active Facebook account; refusing
blocks Facebook's main channel for collecting information about you
and, through you, about your friends and relatives. (Whatsapp, a
subsidiary of Facebook, is also important to avoid.) Explaining to
them why you firmly insist on routing your communications with them
through some other system will strengthen your will power to resist
systems that use you to harm you and others.
Nowadays Facebook has gained so much power that it puts freedom and
democracy in danger. Its rules for what can be published amount to
censorship of society as a whole, leading to political disputes. But
those disputes are a distraction from the bigger point that no company
should have so much power.
Facebook has the power to manipulate elections through subtle policy
changes. Whether or not it has intentionally done so, this state of
affairs is dangerous.
Many organizations maintain a Facebook page to attract public support.
Having the page does not directly harm the organization. However, if
it's not careful, the page will add to Facebook's power.
Organizations typically manage Facebook pages to aim for the maximum
possible visibility. Facebook's cunning engineers have designed the
system so that the way to get maximum visibility is to boost
Facebook's power as much as possible.
The simple way to completely avoid this is to refuse to have a
Facebook page. However, a compromise may be possible, one which
attracts public support while not boosting Facebook's power much.
This article proposes such a compromise.
Make the organization's own web site the go-to place
for all information about the organization. Whatever
people want to know, the web site should be the best
place to look for it.
Say in the Facebook page that the organization's own
web site is the best place to look for information
about the organization. Explicitly ask people to make
links always to the web site, never to the Facebook
Adopt this motto: "Facebook is a bad place for a
person to be. When people find us on Facebook, we
lead them away from Facebook and then talk with them
What to post on Facebook; what not to post
Select what you post on the Facebook page so that the
organization's own web site is clearly the best place
to find information about the organization.
Do post important new articles and announcements from
the organization on Facebook, but only around half of
them. Then say, in the Facebook page, "See our web
site — we have a lot more there."
When you announce an event in Facebook, don't put the
full story there. Do state the place, date, time, and
a brief description, enough for people to attend if
they wish — but give a link to the page in the
organization's web site about the event, and reserve
part of the interesting information about the event
Post the same list of event summaries in the web site,
so that people who want a summary don't think Facebook
is the best place to look for it.
Don't update all the fields of transitory information
in the Facebook page. Instead, when you change your
the organization's web site significantly, update the
Facebook "status" with a few words to say so.
On the organization's website, provide a way for
people to ask for notifications of changes and new
announcements, so that they don't depend on Facebook
Don't post on Facebook any information about the
participants in your events — especially not their
names. Respect their privacy! The only exception is
names of speakers or teachers, as part of the advance
description of events.
In particular, don't post photos on Facebook that show
any people. Remember that Facebook identifies people
in photos from their faces, and even from the backs of
their heads. Don't show anyone's head, viewed from
any angle, to Facebook.
Avoid Facebook messages
State in the Facebook page that those who wish to talk
with the organization should use other systems,
not through Facebook messages. State which
systems you prefer, and give the account names or
numbers to use.
Other communication systems may have other flaws. At the FSF we use
mainly email and phone calls; we use SIP for audio/video communication
over the internet, but never Skype because Skype requires proprietary
client software. However, the crucial point here is that any
communication method other than Facebook and WhatsApp (owned by
Facebook) will move people out of Facebook.
If someone sends you a Facebook message despite your request,
respond by saying, "Please let's switch to system X, Y or Z to have
this conversation. We do not want to give Facebook any more
information about our organization or its participants, including
Avoid helping or boosting Facebook
Don't mention the Facebook page in your web site or
other postings. The Facebook page is for those that
look for it on Facebook.
Don't display a "Like" button on your web site.
Facebook uses "Like" buttons in non-Facebook pages to
track all visitors to those pages. The button tracks
even visitors that don't have Facebook accounts.
It is advisable on general principles to use a browser
such as IceCat
that blocks tracking systems in web pages, including
the Facebook Like buttons and most advertisements.
Another reason not to have a "Like" button in your own
web site is that they encourage visitors to be more
involved in Facebook.
How you can communicate safely with Facebook
Facebook uses many methods to get data about people. Some of them are
rather tricky. If people in the organization have Facebook accounts
and want to use those to manage the organization's page, the
organization has no reason to object. But the organization must
never urge a person to submit to Facebook's surveillance in order
to manage the organization's page. That would be a gross wrong to the
person in question.
Here is a guide for how people can manage the page using pseudonymous
Facebook accounts. A few of them stretch Facebook's commands, but it
is not wrong to do that — Facebook does not deserve obedience.
Make an account under an alias for maintaining the
organization's page. Give made-up plausible data
which is not humorous and doesn't relate to
you. Then never use the account for anything
except to handle the organization's page. Facebook
will never have a reason to doubt the data on the
If several people manage the organization's page, give
each one a separate alias account. Don't give any of
the same data in two accounts.
Make a couple more such accounts as backup.
The only more-or-less safe way to connect to Facebook
is through a browser. Never connect using
Facebook's mobile app, because that requires giving
Facebook access to other information on the mobile
device, including personal contact information, text
messages, calender events, and other confidential
information. This can expose personal information —
yours and others'. It can even expose sensitive
information, harming you or others you know. This is
no surprise, because the app is proprietary software
(an injustice in itself; see here), and proprietary
software commonly snoops on users (see proprietary
It is safest to connect to Facebook only from a
computer that belongs to the organization and is in
the organization's office.
To make the site work without the need to run
If you ever connect to Facebook from your own computer
(rather than the organization's computer in its
office), do it this way: install the Tor Browser
Bundle (available for Windows and OS X as well as
GNU/Linux) and use it to visit https://m.facebookcorewwwi.onion/
rather than Facebook directly. This stops Facebook
from determining your location or your IP address.
Note: the site
facebookcorewwwi.onion.to is a fake.
Don't be fooled.
Never "check in" at a location no matter how much
Facebook nags you.
Make a separate local account on the computer for each
Facebook account, connect to it from that local
account, and don't ever use that local account for
If you don't make a special local user account to talk
to Facebook from, delete cookies immediately
after each connection with Facebook. Not just once a
done from the same account. Many browsers will allow
you to specify a setting to treat all cookies as
one-session cookies. That will delete them
automatically, provided you shut down the browser
after each connection with Facebook, which is
Do not give Facebook access to any real account on any
other site. If Facebook demands info about your other
accounts, make real accounts that you don't really
use, and tell Facebook about those. It is OK to give
Facebook the email addresses that the organization
publishes for contact from the public, but not the
passwords of those email accounts.
Facebook harms people in many
ways, and there is no way to completely avoid the harm.
We hope this compromise approach to Facebook will provide
benefit to the organization, while saving it from becoming
Facebook's tool. Meanwhile, there are many other social
networks one can use. Many well-known centralized social
networks are less intrusive than Facebook; what's more, GNU Social
respect users' rights through a decentralized architecture,
based on free
software — why not try them?
Copyright (c) 2016 Richard Stallman
Verbatim copying and redistribution of this entire page are
permitted provided this notice is preserved.