Policy details

Change log


Change log


Current version

Jun 26, 2024
Jun 30, 2022
Mar 26, 2021
Dec 17, 2020
Oct 30, 2019
Policy Rationale
We recognize that the safety of our users includes the security of their personal information, accounts, profiles and other Facebook entities they may manage, as well as our products and services more broadly. Attempts to gather sensitive personal information or engage in unauthorized access by deceptive or invasive methods are harmful to the authentic, open and safe atmosphere that we want to foster.
We do not allow:

Attempts to compromise or access accounts via unauthorized means, including:

  • Accessing accounts, profiles, or other Meta, Inc., entities other than one’s own through deceptive means or without explicit permission from the account, profile, or entity owner.
  • Obtaining, acquiring or requesting another user’s login information, personal information, or other sensitive user information for the purpose of unauthorized access, including through the following tactics:
    • Phishing, defined as the practice of creating communications or websites that are designed to look like more trusted or reputable communications or websites for the purpose of fraudulently acquiring sensitive user information.
    • Social Engineering, such as repeated or consistent attempts to harvest or acquire the answers to common account or password recovery questions.
    • Malware, Greyware, Spyware or other malicious code, as described below.

Attempts to share, develop, host, or distribute malicious or harmful code, including:

  • Encouraging or deceiving users to download or run files, apps, or programs that will compromise a user’s online or data security, including, but not limited to:
    • Malware, defined as code or software designed to harm or gain unauthorized access to systems. This includes programs designed to harm computer systems, as well as software designed to extract money from victims, like ransomware.
    • Spyware, defined as code or software that collects data on users and sends it to third parties without the informed consent of the user, or that uses the data for illicit purposes (e.g., sextortion, blackmail, illicit access to systems).
    • Greyware, defined as code or software which detracts from the use of hardware or software and may be difficult to remove from a computer system or network.
  • Creating, sharing or hosting malicious software including browser extensions and mobile applications, on or off the platform that put our users or products and services at risk.
  • Sharing or advertising software or products that enable people to circumvent security systems, including software that encourages hacking of software, passwords, or credentials
  • Providing online infrastructure, including web hosting services, domain name system servers and ad networks that enables abusive links such that a majority of those links on Facebook or Instagram violate the spam or cybersecurity sections of the Community Standards.
User experiences

See some examples of what enforcement looks like for people on Facebook, such as: what it looks like to report something you don’t think should be on Facebook, to be told you’ve violated our Community Standards and to see a warning screen over certain content.

Note: We’re always improving, so what you see here may be slightly outdated compared to what we currently use.

Universal entry point

We have an option to report, whether it's on a post, comment, story, message, profile or something else.

Get started

We help people report things that they don’t think should be on our platform.

Select a problem

We ask people to tell us more about what’s wrong. This helps us send the report to the right place.

Check your report

Make sure the details are correct before you click Submit. It’s important that the problem selected truly reflects what was posted.

Report submitted

After these steps, we submit the report. We also lay out what people should expect next.

More options

We remove things if they go against our Community Standards, but you can also Unfollow, Block or Unfriend to avoid seeing posts in future.

Post-report communication
Update via notifications

After we’ve reviewed the report, we’ll send the reporting user a notification.

More detail in the Support Inbox

We’ll share more details about our review decision in the Support Inbox. We’ll notify people that this information is there and send them a link to it.

Appeal option

If people think we got the decision wrong, they can request another review.

Post-appeal communication

We’ll send a final response after we’ve re-reviewed the content, again to the Support Inbox.

Takedown experience
Immediate notification

When someone posts something that doesn't follow our rules, we’ll tell them.

Additional context

We’ll also address common misperceptions and explain why we made the decision to enforce.

Policy Explanation

We’ll give people easy-to-understand explanations about the relevant rule.

Option for review

If people disagree with the decision, they can ask for another review and provide more information.

Final decision

We set expectations about what will happen after the review has been submitted.

Warning screens
Warning screens in context

We cover certain content in News Feed and other surfaces, so people can choose whether to see it.

More information

In this example, we give more context on why we’ve covered the photo with more context from independent fact-checkers


We have the same policies around the world, for everyone on Facebook.

Review teams

Our global team of over 15,000 reviewers work every day to keep people on Facebook safe.

Stakeholder engagement

Outside experts, academics, NGOs and policymakers help inform the Facebook Community Standards.

Get help with cybersecurity

Learn what you can do if you see something on Facebook that goes against our Community Standards.