diff --git a/apps/facebook/tests/test_forms.py b/apps/facebook/tests/test_forms.py
index 4a8b9580..3d47b592 100644
--- a/apps/facebook/tests/test_forms.py
+++ b/apps/facebook/tests/test_forms.py
@@ -2,10 +2,11 @@
 
 from nose.tools import eq_, ok_
 
-from facebook.forms import (FacebookAccountLinkForm, FacebookBannerInstanceForm,
-                            LeaderboardFilterForm)
-from facebook.tests import (FacebookBannerFactory, FacebookBannerLocaleFactory,
-                            FacebookUserFactory)
+from facebook.forms import (BannerInstanceDeleteForm, FacebookAccountLinkForm,
+                            FacebookBannerInstanceForm, LeaderboardFilterForm)
+from facebook.tests import (FacebookBannerFactory,
+                            FacebookBannerInstanceFactory,
+                            FacebookBannerLocaleFactory, FacebookUserFactory)
 from shared.tests import TestCase
 from users.tests import UserFactory
 
@@ -117,3 +118,20 @@ def test_filter_country(self):
 
         form = LeaderboardFilterForm({'country': 'us'})
         eq_([user1, user3], list(form.get_top_users()))
+
+
+class BannerInstanceDeleteFormTests(TestCase):
+    def test_validate_user_owns_banner(self):
+        """
+        The delete form must validate that the user passed in the constructor
+        owns the banner instance.
+        """
+        user = FacebookUserFactory.create()
+        instance1 = FacebookBannerInstanceFactory.create(user=user)
+        instance2 = FacebookBannerInstanceFactory.create()
+
+        form = BannerInstanceDeleteForm(user, {'banner_instance': instance1.id})
+        ok_(form.is_valid())
+
+        form = BannerInstanceDeleteForm(user, {'banner_instance': instance2.id})
+        ok_(not form.is_valid())
diff --git a/apps/facebook/tests/test_views.py b/apps/facebook/tests/test_views.py
index e65910ac..36825452 100644
--- a/apps/facebook/tests/test_views.py
+++ b/apps/facebook/tests/test_views.py
@@ -455,3 +455,24 @@ def test_post_id(self, success):
         response = self.post_banner_share(post_id=999)
         self.assert_redirects(response, 'http://mozilla.org')
         ok_(success.called)
+
+
+class BannerDeleteTests(TestCase):
+    def setUp(self):
+        self.user = FacebookUserFactory.create()
+        self.client.fb_login(self.user)
+        FacebookBannerInstanceFactory.create(user=self.user)
+
+    def _delete(self, **kwargs):
+        with self.activate('en-US'):
+            return self.client.post(reverse('facebook.banners.delete'), kwargs)
+
+    def test_dont_delete_if_user_doesnt_own_banner(self):
+        instance = FacebookBannerInstanceFactory.create()
+        self._delete(banner_instance=instance.id)
+        ok_(FacebookBannerInstance.objects.filter(id=instance.id).exists())
+
+    def test_delete_if_user_owns_banner(self):
+        instance = FacebookBannerInstanceFactory.create(user=self.user)
+        self._delete(banner_instance=instance.id)
+        ok_(not FacebookBannerInstance.objects.filter(id=instance.id).exists())