Released by  

In the short time that Social Roulette was active, 393 people pulled the trigger. Given the 1 in 6 odds, approximately 65 people should have had their accounts deleted.

In fact, all 393 people survived.

One side of Social Roulette is about discomfort with social networks, or ambivalence about digital identity. This manifested in the tweets and posts from people bashing Facebook or daring each other to play. But now we can reveal the other side: there was never any real danger, because on Facebook your identity is not really yours to play games with.


The Backstory

A few weeks ago, on April 20th, I saw Friend Fracker, a piece from Harper Reed and Rafael Lozano-Hemmer developed during Rhizome’s 7 on 7 conference. Friend Fracker randomly deleted a set of 1 to 10 friends. The element of chance was really refreshing, it made me wonder: is it really our data, our identity, our relationships, unless we can play games with them?

In 2009 the Web 2.0 Suicide Machine and Seuppukoo gave you the chance to delete all your social network activity and your account. That same year Whopper Sacrifice asked users to delete 5 friends to get a free Whopper. Whopper Sacrifice also posted to your timeline that you made the trade, parading your anti-social behavior in front of your remaining friends.

Deleting an account is one thing, but playing games with it is another. I wanted to combine the element of chance from Friend Fracker with the viral anti-social quality of Whopper Sacrifice, and up the stakes. That’s when Social Roulette was born.

I started researching the process of Facebook profile deletion, but was dismayed to discover how difficult the process was. While you can “deactivate” your account, it doesn’t mean anything even vaguely similar to “deletion” as we usually mean it. If you really dig into the Facebook support site, there’s an obscure form that will let you permanently delete your account after a mandatory waiting period.

This made me feel like my information was hardly mine to delete by hand, much less in an automated way. Sure enough, anyone suggesting otherwise, including The Suicide Machine, Seppukoo, Whopper Sacrifice, and Friend Fracker were all shut down shortly after launch.


The Trick

Still, there was something irresistible about the idea of playing russian roulette with your Facebook profile. I kept sharing the idea with friends, until finally on May 9th I mentioned it during a F.A.T. Lab panel at CLICK Festival. After the panel, Jonas Lund had an essential insight: the site didn’t actually have to “work”. From that moment, it was clear that the most important theme wasn’t frustration with social networks, but our inability to own our data.

Over the next four hours we developed Social Roulette, with Jonas Jongejan joining and creating an animation for the spinning chamber. The experience was carefully crafted.

The visual aesthetic of the site is driven by the startuppy Web 2.0 look of Bootstrap, stolen directly from Kapeli Dash.

The palette was stolen from Facebook (#3b5998, #8b9dc3, #f7f7f7, #dfe3ee) and the Facebook logo was used in the original Social Roulette logo. Facebook has strict branding usage guidelines and has been known to take legal action against sites using the word Facebook. We were hoping the logo and palette would be enough to invite attention without the legal action associated with using the word “Facebook”.

In keeping with the spirit of the game itself, the quote, testimonials, and screenshot were all fabricated. One avatar chosen for the screenshot was recognizable enough to get a few people questioning the user’s involvement. Similarly, we faked the like button (which we quickly removed when the real like count surpassed the fake one).

We asked for as many permissions as possible to create the impression of genuine danger.




We started the @roulettenet Twitter as a backup, hinting at the hoax by tweeting a quote from Dirty Harry just before it’s revealed there are no bullets in the chamber.

Facebook’s Response

We launched the next day at 11 AM EDT, and had our Facebook API key revoked in less than four hours by an automated system that flagged our app for “creating a negative user experience”.




A few hours later Facebook wrote us an email outlining three reasons we were shut down:

  1. We auto-posted on behalf of users (even with the warning of the possible post, Facebook doesn’t support this behavior).
  2. We misused the Facebook branding.
  3. We used a fake developer account named John Smith (because none of us were willing to risk our own accounts for real).

We talked over possible directions to head next, everything from making it into a real service that bypasses the Facebook API to just giving up. We decided that we would try to abide by Facebook’s standards, seeing as we weren’t doing anything wrong, and see if the app would be allowed anyway.

It wasn’t.

After relaunching a few days later, solving all three issues above, we had our new key revoked in less than three hours. This time, we used my account as the app developer, so I was greeted with an ominous warning that my “account might not be real” when I tried logging in. Facebook never followed up with a description of the conditions we had violated. It turns out even the suggestion of being able to play games with your profile is off-limits.

The Aftermath

Almost no one picked up on the fact that the entire premise of the site was impossible. The exception being a few people on Hacker News. But otherwise the news media was happy to report what we told them. They asked “Does it really delete your account?” and we responded by saying “If the Facebook logo lands on that 1 in 6 spot, you will no longer have access to your account.”

Here is the content of our random number function roulette.php:


  function roulette() {
    return 1;

(The bullet always lands just to the right of the barrel.)

When they asked “How does it work exactly?” we said “While we’ve posted almost all our code to GitHub, we’ve decided to keep the exact implementation details of the deleteFacebookAccount() private.”

Here is the content of deleteFacebook.php:


  function deleteFacebookAccount($user) {
    return "deleted";

In spite of the hoax, it created some real trepidation, stress, and reflection for a few hundred people. One of my favorite responses came from a friend who played (and survived, of course). He wrote “My heart was thumping. But Now I feel I can delete my Facebook account any time.”

Social Roulette was a performance disguised as a game. Not only do we talk about deleting our digital identities, but we believe they’re ours to delete, or to play games with. In fact, even suggesting that we own our digital data will get you shut down.


  1. David says:

    This is glorious, nicely done.

    A few months ago I wrote a bookmarklet to bulk delete posts from Facebook. It’s all client-side, so it can’t get revoked, and I never ran into any rate limiting while cleaning out my personal profile. See the link attached to this post.

  2. minuseight says:

    Really good project. Like it a lot. Facebook privacy policy is awful and no body cares..

  3. […] Idee eines sozialen Freitods so faszinierend und amüsant, dass wir ganz übersehen haben, dass wir hinters Licht geführt wurden. Am Ende stirbt man nämlich gar nicht. Voll blöd. Oder auch nicht. Je nach […]

  4. […] The story behind Social Roulette. People thought they were putting their digital identity at risk, but it was also about showing that people don’t own that identity in the first place. […]

The expressions published in this site are all in the public domain. You may enjoy, use, modify, snipe about and republish all F.A.T. media and technologies as you see fit.