I recently had a similar experience with Robinhood. I found that if you use their "Logout all devices" feature, you have to re-verify your account with them. They allow you to deposit and place trades, but as soon as you attempt a withdrawal, they notify you that you have to re-verify your identity with them. After two weeks and three denied attempts to verify my identity, I got the SEC involved. Within minutes of the SEC notifying me that they contacted Robinhood on my behalf, my account was verified without further action from me.

I withdrew all funds, closed all positions, and deactivated the account out of principle. It shouldn't take SEC action to get access to your funds. And Robinhood shouldn't notify their users that identity verification is required only when a withdrawal is attempted.

Robinhood obviously isn't FAANG, but apparently this is the progress in tech more generally.

---

Note: It was difficult to tell as a consumer which government entity was the most appropriate place with which to file a complaint. I will say that I filed both a CFTC "TCR" report and a SEC Investor Complaint form. From the former, I received no additional feedback (roughly three weeks later). From the latter, I received confirmation of the report immediately, and then confirmation of the complaint having been forwarded to Robinhood four days later. Shortly after that second confirmation is when I received a response from Robinhood support that the withdrawal ban on my account had been lifted.

File your report here: https://www.sec.gov/oiea/Complaint.html

Be specific about the action you've taken so far. Include your Robinhood Support request ID(s). Don't be heated or incendiary; simply provide the facts. Knowing Robinhood Support, the facts are sufficient for the SEC to take your complaint seriously.

Good luck.

Turns out, company press releases have live email contacts on them, and if you write a sufficiently fulminant email explaining that you'd like to never again hear from their employer, they'll direct it to somebody who will get you off the email list.

Worth a try?

Pun intended?

> Fulminant is a medical descriptor for any event or process that occurs suddenly and escalates quickly, and is intense and severe to the point of lethality, i.e., it has an explosive character.

This is applicable to all financial service companies, in the US at least.

With that said, my qualms are not with the fact that I had to re-verify; simply the manner in which it happened.

The fact that they re-requested my identity tells you that this verification process was not in support of their KYC obligation, but likely a fraud-prevention mechanism. Which puts the manner in which it happened entirely within their control from a product perspective.

“Oh no, that might hurt our signup and trading figures?! “

Well, DUH, but anything to fudge the numbers right?!

Maybe if they make withdrawals even more difficult a percentage of users will abandon and then our assets under management numbers look better.

This is exactly what’s happening, stop forgiving the dark pattern behaviour under the guise of compliance.

[0] https://finance.yahoo.com/news/kind-transfer-134617847.html [1] https://investor.vanguard.com/account-transfer/other-transfe...

But like others are saying, there's ample evidence that Robinhood are despicable, so they sure as hell don't deserve and favourable interpretations of their trashier policies...

> Know Your Customer (KYC) are a set of standards used within the investment and financial services industry to verify customers, their risk profiles, and financial profile.

https://www.investopedia.com/terms/k/knowyourclient.asp

I personally think PE ratios are like score cards for what's best amongst businesses.

Do they allow all trades, or only trades involving the newly deposited funds and descendants of such trades?

That might be an interesting approach to trying to lessen the harm of a false positive from their fraud detection. Essentially put a complete activity block on everything currently in the account (money and stocks), but only block withdrawals on things added to the account after the fraud detection hit.

If it turn out to be a false positive then it is still pretty annoying, but at least you get to continue with some activity so you account isn't totally useless while you get reverified.

If it turns out that the account has actually fallen into the hands of a scammer, they can't harm what is already in there and if they put some of their own funds in to try to trade for some reason then that ends up as a gift to you when you get the account back.

However, I am confident that I funded trades from deposits that were made after the withdrawal ban was put in place. I made multiple deposits over ~8 months in which the withdrawal ban was in effect, and those deposits funded multiple trades. Which means Robinhood is happy to deposit and trade funds from an account in an "unverified" state, but not allow withdrawals. If my account was truly compromised, justifying an unverified state, then I wouldn't want them funding trades from an ACH transfer from a bank account that was added when it was in a verified state.

The policy, whatever it may be, clearly serves Robinhood's purposes and not the customer's.

In other words, some accounts steal the pictures of real people and then send follow requests to friends, and try to get them to tap on links that can give the bad actor access to the friends' accounts or buy cryptocurrencies. It's been spiking recently over the past couple of months (one case in a Canadian news article at: https://www.cbc.ca/news/canada/manitoba/instagram-photos-sto...), with other prominent cases documented in the past (2019: https://www.cnbc.com/2019/09/24/how-i-stopped-someone-impers... and 2021: https://www.cnbc.com/2021/12/14/instagram-accounts-created-w...). Bleeping Computer published a deeper article on the most recent ongoing spike (describing the crypto and Onlyfans scams): https://www.bleepingcomputer.com/news/security/instagrams-da...

This doesn't justify at all the permanent deactivation of your completely new account, but just for curiosity's sake, I speculate that this is the reason your new account was banned (overly high security sensitivity on Instagram's end, due to a recent spike in false accounts that impersonate real people, to encourage others to buy cryptocurrency and/or click malicious links).

Seasoning fake accounts in realistic ways mostly isn't worth the effort, because bad actors can just compromise real accounts and use those instead. (There are some specific use cases, mostly with nation-state actors, where seasoned and aged fake accounts might make sense, but those are unusual.)

Unfortunately, the non-spammers using VPNs are unlikely to be desirable users (high level of contribution, receptive to ads) so might be seen as acceptable collateral damage.

Reporting the accounts for impersonation seem to do nothing, instagram's responses to the support requests even say they don't have enough people to look at all of them, and so they didn't.

I read that the fastest way to take down the account is for the person getting impersonated to fill out a form (via Instagram's help page at https://help.instagram.com/370054663112398), which unfortunately requires a picture of the person's driver's license/government-issued ID.

They should move to something like IRMA (1). This would ensure they don't get data except for the government's certification that you're really who you claim to be.

(1) https://privacybydesign.foundation/irma-en/

I have no idea whether or not it is illegal to ask for this, but it is generally considered dangerous to send photos of your state ID.

It's pretty hard to fake an ID in physical form, but one good enough for a webcam photo shouldn't be too hard.

The new US passport is pretty crazy. The photo page appears to be one giant NFC chip. The picture is barely visible. I suspect that it is meant to be inserted into some kind of reader machine, that will display a high-resolution version to the Customs agent.

https://en.wikipedia.org/wiki/United_States_passport#Biometr...

Or if you have an older passport, you lay it on the scanner machine five or six times, then an assistant comes and tries it on four or five of the machines, then gives up and hands you and the passport to the guard.

Pushing their problems down to the user in this way feels shitty, at best.

You've identified exactly what is going on.

Platforms such as this are facing a brutal, relentless scam/spam onslaught and I think we can conclude that no, in fact, they do not have an elegant solution to it.

The closest things I have seen to real, elegant solutions to this problem are:

1) metafilter charging $5 per new registration - I think you can send them a five dollar bill

2) lobste.rs with their chained/linked account referral which puts the cost on the referrer and introduces some personal responsibility for new signups, etc.

The common solution is to demand a SIM identity - any SIM identity - "for your protection". That's the best solution they have come up with - any functioning truly mobile number (backed by a SIM card, not VOIP) is enough sand in the gears to slow down the onslaught ...

Same people that complain in this post about over-jealous verification, will complain in another post about misinformation and propaganda.

If they cannot adequately protect against these scenarios they really should not be trying to collect and monetize so much granular user data. Clearly the organization is incapable of operating what they have built.

The reality, IMO, is that it is just not financially worthwhile for them to give a shit. People will jump through hoops for stupid validation purposes because they want access. Why spend engineering time solving a problem that is more easily handled by inconveniencing your users.

A bit tangential but actually I suspect those are nearly disjoint sets. In my experience the people who complain about misinformation and propaganda are okay with identity verification and censorship while those that want privacy (such as myself) typically dislike censorship and don't want a central authority getting involved to judge whether something is misinformation.

It largely comes down to trust in authority and centralized versus decentralized system design.

How would me sending them a picture change that when it says right in the email that:

> Even if this account does not contain and pictures of yourself or it represents somebody or something else, we can only help you when we receive a picture of you which fulfills these criteria.

So I can send Instagram a real picture and post someone else's picture all over the account.

It doesn't. It's just a barrier that inconveniences low effort scammers. Most scammers don't want to associate their face with their scams, and/or they aren't skilled enough to photoshop some other photo. Instagram is overwhelmed with garbage and it's logical to 80/20 rule as much as they can.

I think my account was flagged because I follow a lot of people but I don't have a profile picture, never post anything, and I only use the web app (and sometimes from a "suspicious" OS named Linux) so basically I look like a follow-bot.

If Facebook can simply run image comparison between the the face used and other accounts while knowing that picture isn’t copied from elsewhere because it includes their onetime key it could prevent duplicate accounts.

In practice I doubt it’s more effective than a new CAPTCHA.

It's hilarious that I'm reading this comment right before an article from the EFF titled, "Facebook says Apple is Too Powerful. They're Right." How refreshing it would be if Facebook bothered to say, "Meta is too powerful."

Facebook used to do the same "yo wait, you need to send us a photo of yourself to verify the account". You could send... any selfies, even ones already uploaded to the account.

The people or algos doing the verification didn't give a fuck/weren't advanced enough and the accounts could be verified with a high success rate, you could even retry with different photos.

Maybe they improved that.

Your account appears, for whatever reason, bulk-created. For example maybe you were creating it from a network that somebody had used for a lot of IG account creation, or you created it with Firefox on Linux and 99% of their Firefox+Linux registrations are from spammers since it's easy to automate and run on a cloud server, etc.

It's actually pretty friendly from them to notify you immediately, rather than wait until you have gotten attached to the account.

> Are there really no less intrusive ways than the above to prove ones ownership of account??

Your ownership of the account is obviously not really under question. It's a freshly created account, it can't possibly have been hijacked yet. But is it your first account or the thousandth? Email addresses can be minted for free. Phone numbers for pennies. Since phone-verified, US-IP Instagram accounts seem to be selling for about $7 in bulk, those pennies are not much of an obstacle.

But it's pretty hard for you to get selfies from a lot of people in an automated way. (Sure, you could go to a parking lot and pay people to do the selfie for you. But that's a much higher bar.)

And then if suspicion remains, it allows IG to ask for either a second selfie or a picture of a government ID, and verify that your identity has actually stayed stable.

I'm so tired of people insisting on using IP addresses for things that aren't packet routing.

And? What is your proposal instead that is practical?

side note: I still can't edit wikipedia because my block of IP addresses has been banned for some reason. I just moved to a new house and can only edit if I go to a coffee shop!

I just want to delete the account at this point, but I can't, since trying to access the deletion link returns an error telling me to open the (unresponsive) app to regain access to my account.

I've contacted a lawyer who works in the field, since I'm pretty sure preventing me from deleting my account is a violation of their TOS. Who knows if that will go anywhere. I'm kind of at my wit's end here. If anyone has any better ideas, I'm all ears.

If you're in the EU, it's also a violation of "the right to be forgotten" and you can contact your ICO.

That's the part that makes me wonder what they're trying to accomplish. I had the same thing happen in 2019, so it's been going on for a long time. For me it happened with a handle that matches a decent .com domain I own when I was going around and registering accounts at every site I could think of (ie: brand protection).

As far as I'm concerned they got nothing that helps them determine whether or not I'm going to use the account for legitimate purposes. I also did not violate their terms of service because it was a brand new registration. I didn't even get an email. I had to figure out where to send the request to have my account reactivated.

I didn't like the idea of sending them a photo, but felt forced into it to make sure no one else could come along and squat on the handle that matches my brand. I don't have trademarks (yet) and, even if I did, claiming someone is violating a trademark is going to be a significant amount of effort vs sending them the photo they want.

So, I capitulated even though I have no idea what they're using my photo for. My best guess is that Mark has it framed and hanging in his private art studio.

I think there's a good chance that eventually big tech is going to run on massive facial recognition databases that were built against our will. I think Facebook, Google, Apple, and Microsoft should be chopped into about 10 different companies each and the government shouldn't give any consideration to the impact it has on their business. They have no respect for us. We shouldn't have any respect for them IMO.

too late - this is an active industry with lots of funding. Further I believe that "metaverse" is an attempt to link that auto-ID to place, with tracking and profiles of all sorts of meat-scale interactions. The calls to boycott "metaverse" in the USA could not come soon enough.

>eventually

Already does. It's just not a bread and butter component of every company's business yet.

We're already past the time where, in a few years, people will start pointing back and saying "well, if you don't like it, you should have done something then."

In fact, early Internet users typically had true names associated with universities, companies, and the government.

it's just the normie networks that want real names

https://en.wikipedia.org/wiki/Ring_of_Gyges

IMHO anonymous internet account names were fine with just universities and nerds and big smart tech companies. As soon as we forced everyone's cousins and uncles and grandpas on to the network we needed "real-names" because those new people... love 'em, but they're not baptized in punch cards.

When using your accounts, never use Firefox, since it's down to like 2% marketshare, and automatically suspicious, and never use privacy-oriented plugins like uBlock, which suspiciously alter how and how much your browser communicates with these sites. Also never buy anything online late at night (like after 1 AM). Apparently that's suspicious, since a lot of fraudsters are international.

It's incredible that these shitty ML hueristic systems are the best these "genius" FAANG developers, who get paid $150-300k a year, can come up with up. I love it when they or their loved ones get ensnared by these systems, like the Googler who threw a Twittertantrum when they locked his and his husband's Google Photos (or whatever they call it) account for "suspicious activity," and they lost thousands of photos. Pure lifefuel:

https://news.ycombinator.com/item?id=24791357

I think it gets personalized / fingerprinted fairly quickly TBH. For example, I have 2 identical (Linux + Firefox + uBlock Origin) VMs that I use over the same VPN connection. One of them gets almost no captcha challenges and the other gets them continuously. My subjective experience is that it's based on what you're searching for on Google or maybe due to hitting sites that Google might have flagged as malicious (guilt by association). It's tough to tell, but it sure feels like there's some type of cumulative score based on activity.

edit: whoops, I misread the parent. I swear I know the difference between various IP types!

And depending on what you mean by "lose liability protections" for ignoring valid takedowns, I'm pretty sure that applies to the specific item and they don't stop being a safe harbor in general.

I sent in the selfie and haven't heard back in over 6 months.

What if we had a centralized certificate authority that verified a person? Imagine you walk up to the DMV and get a private key (password). When you go to a website you generate a public key and send it to the website you visit. That website uses the public key it received to send a message to the certificate authority to verify you (true/false). Now Instagram knows you are real, but are you faking? I claim to be "First Last" to Instagram. Instagram encrypts "First Last" using the public key and sends it to the certificate authority. If the certificate authority is able to decode "First Last" using the private key then it returns (true/false).

Could we extend this to solve user privacy? What if users said "Track me all you want as long as you don't know who I am". Websites can still serve targeted ads but users get the privacy that you are incognito. Instagram now knows your name but they also want to be able to identify you across the internet. So Instagram could also ask the certificate authority for a "personId" that identifies the person across the internet. But now you say, wait now Instagram knows my name and all my activity through my "personId". This is where the Engineers come in. We would have to make any code or action that connects "personId" to a human _illegal_. You write the code, you go to jail. This burden would only fall on websites that ask for someone's human identifiers (name, address, common geolocations, etc.). But that code isn't needed anyway! There is no reason to store "personId" and "First Last" together because you can always get a "personId" when the user gives the public key to the website. So if someone ever writes that code / uses that data query it's punishable by law.

So now we have 1. Every website knows it's users are real 2. Every website can know a user is who they say they are 3. Every website can track unique visitors and their internet activity (while not knowing who they actually are) 4. Every user is completely "anonymous". Yes the information could get out, but only temporarily because any code (even a news article or blog) that contains this connection is illegal.

So, the government has control over your identity. If it wants to shut you down, it would just refuse to verify your certificate. And you'd instantly lose access to every website, bank account, phone number, etc. you had. The government would also automatically know every time you create any account anywhere - as they get a ping on their auth services. Does you trust in the government extend this far? Fo you have any politician you do not trust? Imagine he or she becomes in control of the system. Are you still OK with the government controlling the keys to your life?

Ok, let's assume it does. What happens when (note, I do not say if) somebody unauthorized gets access to the keys stored at the DMV? They'd be able to fake any identity the want to. And the only way to fix it is to force everybody (hundreds of millions of people) to re-certify. Imagine how well will that go.

> Track me all you want as long as you don't know who I am

There's massive body of research that indicates unless you take special measures, like injecting noise into the system, tracking can lead to identification in a very short time. Just think about it - tracking will immediately tell where you live, where you work, where you shop, which businesses you patronize, which music do you listen to, etc. etc. - how many people have exactly the same profile as you do? Likely not many. Now if at any point connected to your profile any piece of your identity leaks out - your anonymity is gone forever.

They will track your ip, device fingerprint, location and everything else. And they will try to figure out if it matches malicious activities like bot usage, scraping behaviour, etc and if yes, they will block your account.

In most cases, they don't even block your account but will play dumb. You will get page loading errors, insta app will say that your content couldn't be loaded, twitter will say that this browser isn't supported, etc.

> Your account has been disabled for violating our terms

I have experienced that same process on Facebook, with the same wording. However, I was never able to get anything after that.

In my case, I had deleted my facebook account a few years prior, and finally I was reluctantly making it again since I really needed access to a particular travel/region group.

What really blew my mind is that I had only gotten to do the very first step of account creation. I had not reached the point where I could have done or written (or posted or uploaded) anything objectionable. In essence, I "violated" their terms merely by signing up.

Basically, their sh*t is broken and deeply flawed, likely unintentionally but possibly _also_ intentionally.

The part I never saw discussed anywhere is how the f()ck was Instagram planning to "verify " my identity with a picture when I never uploaded anything?! What are they gonna compare the picture to?

I personally gave up on it and just bought an account online. I don't know how they did it but the companies selling accounts to failed influencers apparently figured out how to make them look legit. No clue how they do it because even linking my real cell number got me blocked in less than a week (I have had this number since before fakebook was founded btw)

Also, what the point of being so aggressive about verifying the accounts of people who don't post/comment/like anything and only view a handful of posts per day? I would understand it if viewing posts was possible without an account, but that's no longer the case. They force you to make an account just to view public posts.

Check out Bibliogram[0], an alternate front-end for Instagram. Most of their instances[1] are partially blocked, but you can still view the recent posts and zoom in on them.

[0]: https://sr.ht/~cadence/bibliogram/

[1]: https://git.sr.ht/~cadence/bibliogram-docs/tree/master/docs/...

I only can wish you good look against whatever "algorithm" they are using.

someone should try using "photograph of yourself, where you hold a piece of paper with the following, handwritten code on it: **" as a prompt on DALL-E/imagen

Some pretty convincing examples of this behavior can be seen at: https://twitter.com/JanelleCShane/status/1531624303770279937

Yet.

Otherwise, in certain social groups (especially young adults), Instagram is the main way to stay to stay in touch with friends, even just for the messaging app. So, not having an account means missing out on significant social connection for some (e.g. if it's the platform where the group chats are hosted).

It really depends on your friend group, though; for many people, their social groups just aren't on Instagram or social media very much or at all, so it's easier to quit because there's nothing to miss out on (so for these people, the verification would hardly be worth it).

It's a primary communication tool.

I also do a lot of photography and it's the place to show my work (at least if I remotely want and real reach).

Many people use Instagram for their business too, as it's the best way to reach their audience.

For the newer generation it's a mandatory tool for social validation. Not defending that it's good. But it is what it is.

Also a bunch of my younger ex-coworkers and I are only connected on Instagram, and even some of my business contacts. I literally just got an investment lead via Instagram.

I always found this a tad odd. Most people would only share flattering or happy pieces on social media so you cannot account for hardships or problems they are facing in real life which I assume would be one objective reason to keep up with family.

The other day, somebody here in Germany got visited by the police and had their phone confiscated because they "liked" a (admittedly nasty) tweet on Twitter. I firmly believe this has a chilling effect on society and we need an unsupervised space for free speech.

My years old Instagram blocked, although I had never posted anything, just looked at other people's posts some years ago.

There was an error message about me having violated their terms of service. Although it worked the last time I used it, and thereafter I did nothing for many years.

So I tried to create a new account. First I got "Internal Error, try again". And then, (I tried again), after having chosen a password and verified my email (a new address for a new account), there was an error like "Seems you're using an open proxy. If you think this is not the case ... blah blah".

I noticed that after enabling iCloud Private Relay on my phone, I get a _lot_ more CAPTCHAs very suspicious of my activity. This is both annoying and logical; a site's confidence in my existence / non-malevolence is much decreased when I don't appear from a consistent IP and the IPs that I appear from have a non-zero quantity of bad actors from which I must now be disambiguated.

This seems a classic example of a challenging problem of balancing privacy (wanting an option to be anonymous in my use of a service, including ones where I can post information or message others) with security (wanting to be sure that my counterparties are real humans unlikely to be malevolent or misrepresenting themselves). Service providers get slammed for errors on both sides.

That's not to give up on trying to solve it or suggest that the current status quo is optimal.

Going out on a limb here, I could imagine a solution where e.g. Private Relay users had egress from a special set of IPs that indicate to service providers that the originating user had indeed been identified/validated by Apple as authentic. Traffic inbound from these IPs could have a slightly relaxed threat posture. This is roughly in line with what Apple has been trying to do with Login With Apple; not just making it easier for users to sign in but helping reduce automated signups. An ideal component missing here would be a way to backchannel to Apple from a service provider "Hey, user $UID did a Bad Thing just FYI" to allow Apple to better risk-score Apple profiles/activity, obviously weighted by Apple for believability on the part of the service provider.

It's not that crazy if you think about it. Apple's user base is a juicy target demographic. Apple's "privacy focused" approach is reducing the insights of every other tech company. If they can get it to the point where the other big tech companies have nothing to distinguish legitimate users from bad actors they can make a huge identity and reputation play.

I doubt it would be private IPs or anything though. I think it's more likely that Apple assigns some type of trust/relationship score to each user based on Apple's view of them and then let's users opt in to some type of system where Apple vouches for them. Ex: I ask Apple for a short-lived token to attest to facebook.com or microsoft.com that I'm not a bad actor.

Apple's userbase would eat that up because they already think they're better than everyone else and now they'll be "rewarded" for that by getting a premium experience online.

That would also position Apple as the only company that could do super targeted advertising like Facebook does now.

From a couple of days ago: https://news.ycombinator.com/item?id=31751203

There would then also be presumably a way to interrogate a proxy for reporting back bad actions of a user by a service provider, with those attestations also signed by the service provider. (FLAGGED_AS_BOT, CHILD_PORN_TAKEDOWN, FINANCIAL_FRAUD, SPAMMING, OTHER_TOS_VIOLATION, etc) The service provider would pass in the UUID connection identifier which the proxy could then map back to the known user, weighted by the degree to which the proxy trusts the service provider's reports.

I decided twitter wasn't worth that kind of identity theft risk. Same thing this happening with instagram - I'm not sure why anyone would want to volunteer this information to these companies whose whole finance model is abusing your personal information.

I personally don't think any of these social media companies are worth sending pictures or ID to.

Your Facebook account is temporarily locked as a security precaution. Here's how you can get back in:

1. Try logging into your account and completing the recovery steps from a computer or mobile phone you’ve previously used to log into Facebook. You can start the recovery process here:

https://www.facebook.com/recover/initiate

2. If you're still having trouble regaining access to your account, please reply to this email and attach a certificate of incorporation or other proof of the legitimacy of your business, such as a:

- Utility bill

- Local business license (issued by your city, county, state, etc.)

- Tax filing

- Certificate of Formation (for a partnership)

- Articles of Incorporation (for a corporation)

Note: Your name must be on the document you submit.

If you haven't already, please also attach a copy of your personal ID. You can review what types of ID we accept and how to send your attachments over a secure connection here:

  https://www.facebook.com/help/183256078471165/?ref=cr

Thanks, The Facebook Team"

Thereafter I was getting weekly email reminders: "It looks like the information on xxx is inaccurate or out of date. Please verify the the information below for accuracy. If we don't hear from you by (two weeks), the information in question will be automatically updated."

That went on for over two years, and then the message changed to "Weekly Facebook Page update for xxx"

So it seems that Facebook will lock you out of your account if you delete their cookies from your browser and reset your password via email. They've decided that the email address they've already verified is insufficient proof of your identity, so they want you to send them a gold mine of PII to get back on. No thanks.

I think none of us fully understand the extreme levels of abuse a service like Insta (and several other services) have to deal with. It's abuse at scale and ever-changing, hence an endless cat and mouse game where non-transparent heuristics create false positives.

By the way, your method of verification (holding up a sign) is also common at porn sites. That's what my friend told me anyway.

I had to send the same pic of me holding license thing, it was intrusive. It took a few weeks to get through and eventually the replies just started coming back in Bangladeshi, and I could tell from the signatures where the support was taking place (as if the translate wasn't enough). I have an account now, but what a bullshit experience. Why not be more clear on requirements (i.e. age) and not even allow someone to put 1?

BTW, funny how half of HN hate FB, Google and Amazon, and the other half literally dream of working there.

Or build a better Instagram.

https://fediverse.party/en/pixelfed/

I specifically refuse to provide my phone number online because of privacy issues.

If I ever create an account for whatever reason I just rent a phone number ($0.20) once and hope I can secure the account with different means than only the number (Google Auth or so)

I never use a phone number twice :)

Glory to Arstotzka! Cause no trouble.

This is how Instagram finds out that I have only one finger on each hand. The middle ones.

At this point that's more noise than signal. Not ideal for you but I can see the problem. For whatever reason you met the bar for requiring more validation. If they had let you in then another N'000 fake accounts would have also passed the automated system. Someone else would be posting here, Reddit or Twitter explaining how Facebook had let in some bot and was posting fake and untruthful stories, on the internet no less.

I believe they know from onboarding processes what type of user is passive and the ones that will be CRAZY active. They do not want these passive users - no benefit. Try this:

1. A old android/iPhone

2. Dump about 50 contacts (you may google for VCF)

3. Open all sorts of yellow press - from dailymail to tmz etc. Make you browsing history rubbish. And give all permissions from location to notifications etc to every website.

4. Click on some non-prominent personality's IG/fb name in some website. When it prompts you to install IG from app store proceed further. Do on boarding with defaults (i.e) allowing all permissions.

5. Instead of following popular people only in IG, search and add random people.

6. Everynow and then just make some photos of some tree or rubbish and upload.

7. Keep this phone as a junk phone.

They why do they basically force you yo create an account just to view the content?

I am sure PR from IG would not want to write this directly in main page.

Just dont use them. If o go to a restaurant and they let me waiting standing up more than 20 minutes, I'll just go somewhere else. Why do people treat internet websites any different? (You dont lose anything for not having Meta)

What if that restaurant is the one where all your friends and family are waiting for you? Somehow over the last couple of years, your friends and family just gave up on all the other restaurants and only gather in this restaurant, even though everyone agrees that the food isn't very good, but out of convenience everyone settled for this one (and for the promotions that they had in earlier days). Actually many of the other restaurants closed because of these network effects and the owner of the famous restaurant got rich and arrogant, but now that everyone goes to this restaurant, it is hard to convince people to try something else.

If friends/family are already there, and as I said the restaurant is keeping me waiting at the door for more than 20 minutes? I'll freaking leave and SMS my friends to see them somewhere else.

Shit, if I HAD a job interview in said restaurant, the interviewer was waiting for me there and the restaurant blocked me from entering , I'll just call the interviewer to tell them the fact, and maybe even recommend the taco stand in the corner.

No freaking service is worth it. Not even Google, and I have all my emails since 2004 and docs in gdrive there. I'm a heavy FB user, but the moment they font want my data/usage to show me ads, I wont shed a tear.

That's what I do with people on FB. Only a tiny fraction of people is willing to try alternatives, no matter how much they learn about FB. The consequence is missed interactions, because I will not use FB in this life.

Not if that restaurant is THE place where all your friends hang out. Sure, probably you can convince your best friends to go to another place in order to meet you, but that inroduces friction if they actually prefer to go to the hip place.

There's this restaurant (Facebook) where all the cool people go to meet every night. Those meetings are so cool that, you know you just cannot miss them, otherwise you'll get out of touch.

You arrive to the reception, and the receptionist tells you that yep, the meeting you are looking for is going on, everybody is there. They even let you take a peek from outside and you see everyone is there.

But you just cannot participate now. You must provide the receptionist all your personal data, including a picture of you, your telephone number and a lot of other quite personal info... Oh, and you cannot lie because they will check everything with online databases.

You are annoyed, but you think it is worth it, at the end of the day John Carmack and other really amazing figures are sitting dinning there. So you give your information relucantly.

Then they let you in and, as you approach the dining area you realize that there's a VERY LOUD SOUND coming from a sound system. You pay attention to the sound and realize that it is basically a bunch of advertisements blasting one after another. The main problem is that the sound is so loud that you know it will interfere with your talk with other people in the table.

You sit down and start interacting with the party. You spend some time, talking loudly so that your stories can get through the advertisment noise. You share some pictures and anecdotes, and even find out that the person in front of you may want to buy the used bycicle you want to get rid of.

Suddenly as you are enjoying your steak and chatting about your home state with a random person, a waiter comes in along with a security guard and grab you by the arm. They won't tell you what happend, but they pull you out of the table and take you to the restaurant door. Once there (after the noise of the ads has diminished) you ask them what is going on, why did they take you out? They just say "sorry, you violated our terms and conditions, you have been banned" and close the restaurant door behind you.

So you are left outside lookig at the dinner. You either fight to get in again, or just go your home, fix some dinner and watch a movie. Is it worth it to knock on the door and try to argue your way to the restaurant? Where you know they will treat you really bad and the noise of advertisement is terrible?

This is where I argue that for me, it is not worth it at all. But for some reason we have been "desensitized" to lower our bar for online services. I don't think I would even stay in a restaurant that was blasting advertisements that interferred with my communication. Maybe I'm just grumpy and getting old.

As an individual, you lose the a network of people.

As a business, you lose exposure.

In your restaurant analogy, you are just going to a different one, but your friends are still inside.

I run or should I say I ran several Facebook pages with large audiences. I've verified my identity numerous times yet again and again I get a notice saying I can't post as I'm not authorized to post to large audiences (all pages I built from scratch). I DM support and they tell me to "check my browser" then spend 30 mins chatting to get to the problem and they can't offer any help. The funny thing is I can still post Ads for these pages but not post anything "organic". The platform has become annoying and very tiring to use.

Also, these kinds of stories fit well within the narrative of Meta === EvilCorp#1, but I always feel like there's a lot more going on than what is being told in these Ask HN/Tweets/etc. Like, how many accounts were attempted to be made in what time period coming from the same device/IP address/etc? Are the algos at Meta/FB/Insta so bad that legit users are honestly getting flagged like this?

This is speculative, but probably try to recover your Facebook account first (because it's already verified), and then choose the option to try and create an Instagram account based on your logged-in Facebook account.

I haven't tried this in practice as I haven't created a new account in a long time, so there's no guarantee this will work. If it doesn't, then unfortunately you would have to block off time to persistently follow the instructions as closely as you can (sending your photo and a note), likely over several days to create the account.

Ended up losing my IG account and learned valuable lesson that if I am not in control of my data I am not calling the shots either.

Wow, these people sure know how to write nice prompts for AI-driven image generation!

But this request seems like it's pretty vulnerable to a template photo of a person holding a piece of paper, where you'd edit the photo to overlay a photo of paper on which you've written the code.

I had never used Facebook during my earlier school years and wanted to jump on the (late) train to help socialliaze with other students at my uni.

I already hated Facebook at that time, but I seriously needed to make friends. I was planning never to upload anything of myself and only use it to check on social events and stuff like that.

I was reluctant to give them the usual personal information during registration, but those were generic info I already gave to lots of other websites so I complied.

After registration, I logged out and back in again, only to find out that there had been some kind of problem and that NOW I was required to upload a personal picture of myself so they can verify it really was me (despite me never having sent them any photo).

I knew they were trying to manipulate me with gambler's fallacy. I went this far giving them some info, surely it wouldn't hurt giving them a single personal picture?

This behavior felt so disgusting to me that I did not complete the account "recovery" process.

The funny thing is that if they had been honnest right from the start and required I uploaded a picture during the registering process, I may actually have used FB.

Reflecting back, I'm glad I did not use it. FB is a sinking ship that did more harm to society than good. And I did not need it to make friends at uni anyway.

But fewer Instagram accounts in this world is probably a good thing.

My feed only shows pictures of people that I don't know

https://news.ycombinator.com/item?id=31755825

On the last attempt I thought that I should feed the ML model with more data so I liked some pages and posted some random stuff to the profile. The account still works without any further activity besides using it to view content once very couple of moons.

I came to the conclusion that creating an account and not immediately using it is a ban. Just another reason to not use these platforms, they don't even want our business.

No idea what the reason for the ban was. I had never posted anything, had followed a few dozen people and would check out their posts occasionally.

Who knows? The IG account was linked to my FB account which I've been a more active user of for over a decade. This pretty much ended my desire to interact with FB since who knows if a mystery ban is on the way for that account too.

Zuck had a good run /shrug

"ADDICTED TO INSTAGRAM? says the ad.

Below is a poll with two options: YES and HOW’D YOU KNOW.

I tap my answer and the poll reveals its results.

Forty-nine percent clicked HOW’D YOU KNOW."

They know because they surveil your inner speech.

https://nplusonemag.com/issue-36/essays/my-instagram/

https://news.ycombinator.com/item?id=22962588

The worst part about it is not the deactivation itself but the fact that you can’t get support until you give them what they want otherwise they refuse to help.

How that’s an okay business practice is beyond me.

Since then when I click on a link to an Instagram post shared on FB they blocked me and demand I set up an account. But if I use a different web browser I can view those posts.

I rarely do that though. I just cannot give them the hit.

I told them to f-off, I still don't have an Instagram account.