Helping people with computers... one answer at a time.

Facebook invitations often include suggestions of other people you might know. I'll look at where they might come from, and whether there's a concern.

I have occasionally received 'invitations' from people most of whom I know only vaguely, to join them on Facebook. I've no wish to join Facebook, so just ignore these. Yesterday, however, I received yet another invitation, from someone who runs art classes I once enquired about. Underneath, Facebook lists three other people who have invited me in the past. And, below that, there is a list of nine other people 'whom you may know' - none of whom have ever invited me, and three of whom I have had only very basic contact with - eg a single enquiry made to an archivist.

This really worries me - how do Facebook know that I have ever had any contact with these people? Can Facebook access their emails, see where they are all going to, and cross-reference them with people who have received an invitation from elsewhere? Or can they, having once been given my email address, somehow gain access to my sent messages, see where they are being sent to, and cross-reference them against their existing Facebook membership??

This really worries me - it just seems such an invasion of my privacy, and concerns me that they may be able to access all sorts of personal information and conversations.

Can you explain how this can be happening, and suggest any way to block it, please??

I'm not privy to all the details of how Facebook actually works. That being said, I can hazard a guess as to how Facebook (or any social network with similar capabilities) might be making these recommendations.

No, Facebook's not looking at anyone's email, outside of whatever messages might be getting sent on Facebook itself.

They're making what I'd best characterize as "an educated guess".

First let me say that I'm not at all concerned, and I don't think you need to be either.

Here's what I think happens:

"It's simply using the social relationships that its members have provided to make a few guesses."
  • Your friend "Tom" sends you a friend request, which of course you ignore. However, Facebook remembers this.

  • Another friend "Dick" also sends you a friend request, which again, you ignore. Once again, Facebook remembers.

  • "Tom" and "Dick" have a friend in common - I'll call him "Harry". Both Tom and Dick invited Harry to be friends, and Harry accepted.

So, here's what Facebook now knows:

  • Tom claims to know you.

  • Dick claims to know you.

  • Tom and Dick both know Harry.

The "educated guess" is simply this: since Tom and Dick both claim to know you and Harry, perhaps you know Harry. Hence Harry becomes an "other person you might know".

And you might. Or you might not.

I find that about 50% of Facebook's initial recommendations are people I don't know, and about half of the remainder are people I might know, but that I don't want to connect with anyway.

Now, as I said, I don't know that this is exactly how Facebook - or any social network - actually works. In fact, I'd be willing to bet that the details are significantly more complex. If nothing else they have millions and millions of relationships in their databases that they can use to make these inferences.

But I'm willing to bet that it's just that: nothing more than Facebook analyzing all the data that its members have provided in the form of friend requests, which groups they've joined, what fan pages they're fans of and more that allow Facebook to infer who might know who - even for people that are not yet members.

I get that it might seem a little creepy, but it's not as intrusive as you fear. It's simply using the social relationships that its members have provided to make a few guesses.

To answer your last question, I'm not aware of a way to block it.

Article C4168 - February 20, 2010 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

February 20, 2010 2:43 PM

Yes, that's probably the case but wouldn't that Spam if FB sends you unsolicited email like that?

Facebook is sending you email because someone else already on Facebook asked that you be sent a friend request, and the "other people you may know" are part of that. Facebook doesn't, to my knowledge, send unsolicited email.

February 20, 2010 3:12 PM

There's also something else. Facebook's software is buggy. Every so often on FB I get a friend recommendation (the kind where they recommend friends of friends)from someone whom I don't know and isn't really a FB friend. All I can assume from this is that Facebook has buggy software, abd this is a cause of concern as you never know when they migh accidentally leak some sensitive information. Bottom line, Be very careful what you post.

I, personally, don't consider it "buggy", but rather the nature of Facebook making "educated guesses". Even educated guesses can be, and often are, wrong.

David Powell
February 23, 2010 9:25 AM

I've always assumed a simpler answer. Facebook asks if its members want to upload their email address book(s, so it can suggest new friends. If Tom, Dick or Harry have (or had) your email address, and uploaded their address book, then Facebook KNOWS that they know you, and can infer that you know them, so suggests them as friends for you.

February 23, 2010 9:43 AM

There will be words in common in the subject lines of these kinds of emails. EG: "facebook". Use the filter system on your email package to send them straight to your Trash folder.

February 23, 2010 9:45 AM

I pieced this scenario together myself:

FB, with your permission, can search your email contacts. You may not have given them permission to search your contacts, but someone else with your email address may have.

So, if someone you have ever sent a message to saved your email address in their contacts, and it's the email address that you use on FB, and that someone gave FB permission to search through their contacts, then they will be presented as someone you may know because FB (apparently) saves that info.

I'd say their database schema is impressive in many ways, with the breadth and wealth of data mined and to be mined being first and foremost.

February 23, 2010 10:12 AM

I agree with the scenario suggested by David Powell and Michelle above. I once had a Facebook suggestion that I friend someone whom I do know, but who I don't think knows any of my Facebook friends. I have never given Facebook permission to search through my e-mail address-book for other Facebookers I know.

I am relieved to read that people think that these random suggestions from Facebook come from other people one has been in contact with giving Facebook permission to search their contacts, and not from Facebook looking through my e-mails without permission; at the time I couldn't think of another way in which this might have happened, and was offended!

February 23, 2010 10:13 AM

I tried FB for about 6 months and then got tired of all the useless information being sent back and forth. Some people seem to have a lot of time to talk about what they eating, doing, reading, watching etc....boring [edited]. I love my friends but I'd rather have a meaningful conversation via email or phone.

Anthony McGuire
February 23, 2010 10:45 AM

A good question. I often ask myself the same question. The only answer I can come up with is that someone is looking up all names and thinks he or she recognises a name and place and invites tha person to be a 'friend' on Facebook What they don't consider is that two or more people living in the same can have the same name. Facebook somehow remembers these names and comes with the same suggestion. It very often frustrates me so much that I wish I could unsubscribe to Facebook like we can with 'Buzz'

Alison S. Britton
February 23, 2010 11:37 AM

I cannot agree that FB is innocent in this, based on what happened to me.
I did not give FB permission to search my contacts. I changed my passwords so that FB and e-mail ones were different. Also, I do not use the 'auto-add' feature for contacts in my e-mail.
First, I found it odd that I was getting friend suggestions for former clients that were in my contact list but with no contact for up to 10 years.
The real clincher was when I got a friend 'suggestion' for someone who was a new contact, but with whom I was having a serious eBay dispute!
You might say, as one respondent did, that it may be the other party's contact permissions governing this.
However, I posted a status message on FB saying how annoyed I was -- and that I had always suspected that FB was a trawling op for NSA/Echelon (look it up if you don't know).
Voilą! All the weird contact stuff stopped completely with no further action from me.
This, to me, was the proof of it.

Lynda Scott
February 23, 2010 12:10 PM

I recently took a course (Facebook Essentials)on (no relation-it's a popular educational site for online courses) which was very thorough about how Facebook works. It may be helpful to this reader. They don't have the type of info Leo offers (no competition there, Leo! You're in a class by yourself-a great resource! I love your newsletter); they teach mostly software programs. I had a free month coupon, but it only costs $25 a month for access to all their courses. Anyway, it really helped me learn how Facebook works - and the teacher is open to receiving contact following the course. Best of luck!

While I've not used it myself, I've also heard fairly good things about

February 23, 2010 1:07 PM


I had a friends very personal photos accidentally show up in my Facebook once.

Just like spam and viruses have their issues and we need to protect ourselves, social networking sites have their issues.

These sites are in business to make a profit, your personal information is what makes it profitable.

Joining these sites is a trade off of personal information against what we value we get from joining.

Here are my basic assumptions that I use to protect my privacy:

1- Anything you pass through or post on those sites, now belong to the site.

2-You may loose copyright privileges to your photos. You may loose copyright privileges to your written material.

3- Also assume that there is a clause in the User Agreement that lets them mine your contacts from other sites or wherever.

4- The terms of the agreement are always subject to change without notice. If a concept sounds unethical today, they still may get away with it tomorrow after you join. Protect Your Privacy.

I now see websites trying to get you to upload your photo for various reasons, one is to make a cartoon of yourself. This is blatant data mining with new face recognition software and should be illegal for them to troll for minors.

Here's part of Leos Terms of Service for posting here:
By posting a comment you grant Puget Sound Software LLC, Ask Leo! and Leo A. Notenboom the unrestricted right to publish or reuse that comment in other forms, including but not limited to other publications and web sites.

February 23, 2010 1:11 PM

I am now getting e-mails that purport to be from Face book. (I'm not a member) These messages tell me my password has been ghanged for security reasons. They have a place to click on to see my new password. Clicking will install a virus PAKES.EQR. I am not inferring that Face book is sending this message.

February 23, 2010 3:25 PM

i started to join face book and gave preliminary information--name, age, email address but balked when they asked me for my email password. was this site legit? i don't know. they also had 2 suggested friends that i knew and whose names and addresses are in my email address book. so i suspect they are somehow mining address books.

Des Buckley
February 23, 2010 6:36 PM

1. Facebook is done by gigantic robotic machines processing bazillions of ones & zeros, using various formulae - or so-called 'algorithms'; i.e. it's not done by humans reading emails, or nefariously accessing databanks, or whatever. The end result is uncomfortable, nevertheless.
2. Leo's Tom+Dick+Harry example is at it's core - PLUS the cross-referencing of email addresses, correlating photo tags, personal information made available to applications (including 3rd-party ones), clicking on ads, making enquiries on those ads, how regularly this is done, I.P. numbers - which give the country & approximate location of the user, & similar activity by users on their friends pages, groups etc, etc. Another user, with whom you have no contact, may be in the address book of yet another user who you once made an enquiry from - about, say, art classes! Ever notice the way users are encouraged to sync their Hotmail address books with Facebook? So, you have a friend, or even someone you hardly know, who has a 16 year old son & daughter who just happen to also have you in their address books - which they've synced with their Facebook accounts! And there's much, much more. A continuous & endless correlation of links, which are the basis of the internet itself. Put malware & hacking into the mix, and even those programs on your PC that connect to the web, unnecessarily and without your knowledge, and, well, enough said.
3. The complexity is mind-boggling, and the above is only part of it. The web as we know it would not be the same without it. And of course it does have very dark side. It's all benefit vs. risk, and vice-versa. No matter what is put on the web is there, and it's there forever. Electro-magnetic ones & zeros containing that love letter I emailed 15 years ago. Aaaaagh!!!!

February 24, 2010 12:35 PM

I had just signed up for Facebook, and I did not allow it to check my email contacts, or anything else. Nor did I give it any personal information other than my name and age. Not my schools, nothing else. The next day, I looked at Classmates at a listing of an old classmate I hadn't thought of for 40 years. I looked up her page on Facebook, but didn't contact her or anything. Two days later, she sent me a friend request. This is someone I was never even really friends with, and hadn't seen or talked to since 6th grade. Facebook had to have given her my name as a suggestion.

As outlined in the article: perhaps via a mutual friend on Facebook or other simple relationship that's visible there.

February 24, 2010 1:36 PM

Someone posted questions about me to be answered by my "friends." These questions were scary, mean & off color.

How do I find out who posted these?

February 24, 2010 7:46 PM

When one goes to Facebook, the option for them to check your email address book comes up. If you allow Facebook to do that, then every single entry in your address book is listed as 1. a member or 2. a potential member. This includes email addresses such as

I allowed Facebook to look up people in my address book ~ but I have no idea who half these people are ~ but that is one way the list is generated.

Alex Netherton
February 25, 2010 1:18 PM

Folks, if you are so worried about privacy, don't peek your head out the door, and do away with your real world mail box! If you go outside, your neighbor will see you. If you get mail, junk mail will come to your mail box, some of it (GASP!) with your name on it. None of this is an invasion of your privacy, and it is the same with Facebook. You surf the web, use email, and you will be known by people. The only way to get your privacy infringed is to get software on your computer that steals it. Facebook can't do that.

March 23, 2010 10:00 AM

@ Sharon: Facebook has a 3rd party application callied "Friend Facts" that contains rude questions. It is automatically generated, not actual postings. I've seen the same dozen or so questions asked about more than 30 people.

This application can be blocked by going to the account drop-down menu, and hitting the application settings button. A list of apps you use will come up. Find "Friend facts" and press the small x on the right and confirm to permanently block. This will work on any app you don't want.

March 25, 2010 6:54 PM

One thought of mine about facebook friend suggestions is that as soon as one joins or becomes a fan of a group, other fans are suggested to you as friends. If the "fan club" is small, one can compare notes and see it matches the people there. I presume Facebook reasons _birds of a feather, flock together_ :)

julie Russell
March 28, 2010 9:51 PM

How do you find out who gave the friend suggestion on facebook? Someone suggest someone they know i would not add.

I don't beleive you can.

June 17, 2010 4:46 AM

I recently joined facebook and the first suggestion as a friend was a woman who I had a brief relationship 10 years ago. I have had no contact with her since then and I had no idea where she was. Her surname has changed so I assume she has got married.

Given that we have had no contact of any kind for all this time, she doesn't appear in my address book I found it bizarre that this name should suddenly appear. It's definitely the same woman.

I have resisted the temptation to make contact let alone to add her as a friend but how on earth have they made the link. I have checked her profile and she has 3 friends none of whom I've ever heard of.

June 28, 2010 4:00 PM

How Friend Finder works

We will not store your password after we import your friends' information.

We may use the email addresses you upload through this importer to help you connect with friends, including using this information to generate suggestions for you and your contacts on Facebook. If you don't want us to store this information, visit this page.

Mark Jacobs
November 24, 2010 1:25 PM

This is another educated guess. Facebook has a search for Facebook friends via your email address book. You logon to your web mail or connect it to your email client address book and it searches for Facebook members with that email and gives you the option of inviting them. If their email addresses aren't associated with a Facebook account, FB the offers to send an email to them an email invite. So it's possible some of your contacts from years ago may send you an FB invite with that option. FB then may or may not store this info for further invitations.

October 8, 2011 2:31 PM

This is the scary part: When you have an excisting facebook account from your pc where you normally login to your facebook account, make a new emailadres. Make a new facebook account with this new email addres. After some time you get a friendsuggestion from the new facebook account (and vice versa). No emails/no contact sent to standard and this new emailadress.

February 1, 2012 8:37 PM

I also have freind "suggestions" from Facebook as peoplei may know. I believe these may be coming from my phone address book, linking it to the phone numbers supplied on the person Facebook page. I have some of these from people who have no connection to me whatsoever except that through business they are in my contacts. If its not this, is it possible they have searched me or mentioned me? I have certainly never mentioned or searched them.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.