- Facebook, Facebook Messenger, and LinkedIn are the least privacy-friendly social media platforms, according to a new ranking.
- Researchers found that Reddit is the least privacy-invasive social media platform of those studied, followed by Snapchat and Pinterest.
- Facebook, Instagram, YouTube, Facebook Messenger, and Discord keep users’ data for 180 days after they have deleted their accounts.
- Quitting social media sites should be simple—yet it takes six clicks for people to delete their Facebook and YouTube accounts.
- Analysis by privacy platform Incogni lays out the stark differences in how leading platforms handle user data as well as their histories of data breaches in the Social Media Privacy Ranking for 2024.
NEW YORK – A comprehensive new social media privacy ranking highlights stark differences in how platforms handle user data, with researchers from data privacy platform Incogni finding Facebook to have the weakest privacy practices.
The study found Facebook, Instagram, YouTube, Facebook Messenger, and Discord to have problematic data retention practices, as they keep personal data for 180 days after accounts are deleted by users.
Incogni’s Social Media Privacy Ranking compares 15 popular social media platforms across five categories of criteria (see below).
The analysis found that Reddit is the least privacy-invasive platform, followed by Snapchat and Pinterest. Facebook, Facebook Messenger, and LinkedIn were identified as having the weakest privacy practices.
Chart: Social Media Privacy Ranking for 2024
Metrics for ranking:
- Data collection and retention: The data collected and stored by the social media platforms, with implications for data breaches, invasive advertising, and other threats to people’s digital lives.
- User control and consent: The available privacy settings, default privacy settings, and opt-out or visibility options.
- Transgressions: The number of government fines and data breaches experienced by each platform.
- Transparency: How much user data reaches governments and how accessible certain features are for users.
- User friendliness: How easy it is to understand the privacy policy and how many steps it takes for a user to delete their account.
The data collection and retention category notably contributed to the poor scores of Meta’s products (except for WhatsApp). Facebook, Instagram, YouTube, Facebook Messenger, and Discord all keep users’ data for 180 days after they delete their accounts, while Telegram keeps data for one day, and performed the best in this category.
Four platforms had the best possible score of 0 in the Transgressions category: Telegram, Reddit, Quora, and Discord, meaning there was no record of a data breach or fines applied to them. On the other hand, X (formerly Twitter) saw over a quarter of its total score come from this category, LinkedIn over 27%, and Facebook over 30%.
Quora and LinkedIn had the worst transparency ratings, while Discord, Snapchat, and YouTube performed relatively well in this category. Facebook Messenger and WhatsApp performed the worst in the category of user control and consent, while Pinterest, Reddit, and Twitch did the best.
Facebook, Facebook Messenger, and YouTube turned out to be the least user-friendly in terms of privacy policy clarity and the number of steps a user needs to complete to delete their account.
How difficult is it to delete an account?
The study found that Facebook, Instagram, YouTube, Facebook Messenger, and Discord all keep users’ data for 180 days after they delete their accounts. This means social platforms could be holding onto personal photos, videos, messages, financial information, and health details many months after users believe they have cut ties with the service.
The research raises questions about what social media platforms do with that data, and whether it is still being sold to third parties long after someone has opted out of a platform.
Holding onto data for 180 days means users could also be unexpectedly caught up in data breaches or other unwanted disclosures long after they believe they have been removed from a platform.
WhatsApp, Reddit, and Twitch keep users’ data for 90 days, Snapchat holds it for 60 days, while TikTok and X (formerly Twitter) delete data after 30 days. Encrypted messaging service Telegram keeps data for the shortest amount of time—just one day.
Deleting a social media account should be a relatively easy thing to do for a user once they decide that they no longer wish to use a platform. Yet users of some platforms, including Facebook, YouTube, Instagram, and Facebook Messenger, need to make six clicks to delete their account.
Table: Number of clicks users need to make to delete an account
| No. of steps to delete an account | Social media platforms |
| 6 | Facebook, YouTube, Instagram, Facebook Messenger |
| 4 | Snapchat, Pinterest, LinkedIn, |
| 3 | WhatsApp, X, Reddit, Quora, Twitch |
| 2 | TikTok, Telegram, Discord |
Data breaches
While social media has become indispensable for many people, the platforms pose significant privacy and data security risks.
Since 2012, LinkedIn experienced four data breaches, followed by X and Facebook with two each. Livestreaming service Twitch experienced one data breach over the same period.
Incogni also assessed government fines, which reflect the platforms’ failures to meet legal requirements. Facebook has received 8 fines since 2011, while WhatsApp has been fined five times. X and TikTok have received four fines each.
YouTube, Instagram, Facebook Messenger, Snapchat, Pinterest, and Twitch have all been fined at least once.
Darius Belejevas, data privacy expert and head of Incogni, comments: “Social media platforms facilitate rich and meaningful interactions but they also pose significant privacy and data security risks.
“Users may be shocked to discover that some social media platforms hold onto their data for six months after they have deleted their account.
“It raises big questions about what happens to that data, whether it’s being sold to third parties and if people could be unknowingly caught up in data breaches long after they thought they’d severed connections with a platform. “Our ranking provides an important glimpse into how highly social media platforms value their users’ privacy and whether they are doing enough to keep data secure.”
