this post was submitted on 24 Aug 2023
490 points (98.6% liked)

Privacy

32560 readers
326 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Last week I received an email from Meta Plattforms Inc about their new ToS and Privacy Policy addressed to my first Name.

But I don't have any accounts on any services from Meta Platforms (I deleted them a few years ago). Therefore I contacted the DPO and requested a copy of my personal data and asked them to delete it according to GDPR.

They told me that there is no account associated to my email, I should provide my account details to the account in question, which I don't have. They are unable to help me with the data I provided and I should contact the irish or my local data protection authority and bring my claims before court.

So they obviously have at least my first name and my email address and refuse to comply with GDPR.

Has anyone had any simmilar experiences or any recommendations on my further actions?

I don't have the time and money to sue Meta, but I will contact my local data protection authority.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 17 points 1 year ago (1 children)

Are you sure it wasn't a phishing email? With stolen creds?

[–] steersman2484 23 points 1 year ago (1 children)

This was the sender email: [email protected]

And all links point to meta.com, so no phishing

[–] [email protected] 13 points 1 year ago (2 children)

Check the email headers. You can spoof a sender address

[–] steersman2484 9 points 1 year ago (1 children)

I know, already done. Looks fine

[–] [email protected] 9 points 1 year ago (1 children)

All good, just wanted to make sure since it wasn't clear

[–] steersman2484 9 points 1 year ago

Thank you anyways for the hint

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago) (2 children)

Spoofing a sender while falsifying compliance with SP~~DI~~F and DKIM are another matter entirely.

OP, do you know if your email host performs these checks? (The popular webmail services do)

[–] [email protected] 9 points 1 year ago (1 children)

S/PDIF (Sony/Philips Digital InterFace) is an audio interface, perhaps you meant to refer to SPF (the Sender Policy Framework)?

[–] [email protected] 6 points 1 year ago (1 children)

Ahh yes, you are correct, I got mixed up!

[–] steersman2484 3 points 1 year ago (1 children)
[–] [email protected] 2 points 1 year ago

Then you are probably fine unless you're a high value target. Gmail checks these, and any such bypass would not be burned on a common target.