this post was submitted on 17 Mar 2025
44 points (95.8% liked)

Privacy

35633 readers
849 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

First things first, I've updated my LI account with a new e-mail and 2FA and now my account is "Temporarily restricted". LinkedIn require me to send them either my ID card (no way) or my legal information certified by a lawyer in my country (no way). The ID seems to be "verified" (they are nothing to compare against) by Persona, a third-party that is located in US.

I kindly asked by mail to delete my account (as outlined in Article 17 of the GDPR) using a webcall or a short video with me talkie-talking about how I would like to recover my account. "Kindly asked" whether they prefer me to bring the matter to the court (Article 77 of the GDPR). Gonna see what they reply.

Anybody who went through this? Any success? Any arguments that seemed to work on the support?

top 10 comments
sorted by: hot top controversial new old
[–] secretlyaddictedtolinux@lemmy.world 2 points 1 hour ago* (last edited 1 hour ago)

If you give your ID to a 3rd party company in the US, it's impossible to know if they will delete you ID or whether you'll be added secretly to a facial recognition system.

The US is allowed to issue secret orders to companies demanding they do things in the interest of "security." They can also issue gag orders forcing companies to not talk about the secret orders. Therefore, any US company may be secretly forced to violate it's supposed terms. A company that collects biometric information seems like it would be especially likely to be targeted.

Facebook, Instagram, and other social media such as Linked In are likely the largest source of law enforcement information being fed to facial recognition systems. Given the dystopian "ideals" of some politicians, I consider it a risk and wouldn't do it. Your country may not be sharing that information with the US already.

Additionally, some of these companies have become the main way people get employed, rent things, or buy things. Because these companies serve a public function but are officially private, they can de-platform people for any reason, with no meaningful appeal, creating havoc and misery for an affected person. If you have been flagged to be banned, by giving them your ID, you will let them ban you based on a government document forever. Their system may have flagged you for verification, but it could have also flagged you to be banned forever based on TOS violations.

If you abandon your account, you can always create a new account, then later claim a hacker got you or your forgot your email password. If you provide an ID, you may be linking a government record to biometric information to something they can ban.

A company may also be claiming that they get rid of an ID but still keep a hash of some combination of biometric information.

In theory, anyone in Facebook in California should be able to submit a CCPA request to delete all information, including ban information, and then go on Facebook again, even after a lifetime ban. Anyone in the EU should be able to do this too through GDPR. But this doesn't happen, because Facebook lies and is also just a rebranding of Lifelog.

[–] sifr@retrolemmy.com 5 points 6 hours ago

LinkedIn was doing this to me, too. But then I randomly was able to log on again. I wasn't able to for months and thought it was ridiculous that they were asking for my ID.

You can try logging in on an IP address you previously logged in on. Then, delete your account ofc.

Would you prefer that anyone be able to request that any non-verified account be deleted?

I'd bet their security system saw you log in from a new IP, maybe even over VPN(?), then change the email and add 2fa, which are exactly the steps a malicious actor takes when securing an account acquired using credential stuffing. They presumably expect that your account has been compromised and are treating you as untrusted until you provide some form of validation that you are who you say you are.

I suspect that if you were to seek legal action against them they would claim that you refused to take basic actions to positively prove your identity and throw out some statistics, ie (making this up) 98% of users are able to verify using their system without any issues.

If you do seek to bring them to court under article 77, would you not then be putting into the public record a permanent association between your real identity and the account you seek to delete? Is that better than simply sending them a picture of your ID? With this in mind, is it worth the cost of legal representation to resolve the issue? I'm not sure where you're from and you don't need to answer me but I would encourage you to consider those questions when determining your path forward.

[–] blinkfink182@lemm.ee 13 points 8 hours ago

Following. I'm working to get all my old accounts moved away from my gmail account so I'm guessing I'd run into this too.

[–] _haha_oh_wow_@sh.itjust.works 8 points 7 hours ago (2 children)

Send them a fake/photoshopped ID. I did that with Facebook when they pulled that shit to try and stop me from deleting my account by locking it.

[–] biofaust@lemmy.world 6 points 6 hours ago (1 children)

This is actually required to comply with the GDPR.

[–] _haha_oh_wow_@sh.itjust.works 3 points 6 hours ago (1 children)

My experience was in the US and pre-GDPR, but how would they even verify that it's not your real ID?

[–] biofaust@lemmy.world 1 points 2 hours ago (1 children)

Proper identification requires a logged in device to take a picture of you and possibly a short video in which the document is moved in front of the camera (to confirm the holograms).

[–] _haha_oh_wow_@sh.itjust.works 1 points 1 hour ago

Seems like you can still use trickery there but ¯\_(ツ)_/¯

[–] muhyb@programming.dev 4 points 6 hours ago

It used to be possible to give them entirely fake IDs. When I want to delete my Facebook account, there was kind of a trend around the globe to give them McLovin ID. And so did I. It worked.