Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Personal information is the fuel that powers Facebook, Twitter, Myspace, and the other social networks, attracting users and advertisers alike. But privacy activists and regulators are taking a close look at the way all that information is collected, used, and protected, and this scrutiny could result in strict rules for network operators.

These watchdogs are finding that operators have repeatedly left personal information and subscriber data vulnerable, leading to highly visible privacy snafus that exposed users to the risk of embarrassment, identity theft, or even stalking. In February of last year, for example, Google launched its social-networking service Buzz with default settings that revealed whom users were e-mailing frequently. (Google was forced to make a settlement with the U.S. Federal Trade Commission, requiring it to submit to independent privacy audits for the next 20 years.) Then, in June, a hacker exploited a bug to capture the names and profile photos of approximately 70 percent of Foursquare users in the San Francisco area over a three-week period, regardless of privacy settings. Similar problems and allegations have plagued other social-media websites.

State and federal legislation has been proposed to address these issues. A bill in Congress would greatly expand the FTC’s ability to regulate online privacy, defining e-mail addresses and precise geographical locations as personally identifiable information that must be adequately protected and compelling companies to get permission before they can collect medical and religious data.

Complying with these regulations could require social networks to make costly changes to their infrastructure. In addition, operators would be exposed to greater legal risk if they were caught collecting restricted data, whether accidentally or otherwise.

Not surprisingly, many social-network operators claim that they are complying with existing law and that more regulation is unwarranted, even counterproductive. They contend, for example, that users who face a slew of detailed questions about how they want access to their information controlled before they even start using a service may become confused and make poor privacy choices. Nevertheless, it seems likely that the freewheeling approach of the industry’s early days will be curtailed in some fashion before too long.

0 comments about this story. Start the discussion »

Credit: Congressional Quarterly via Getty Images

Tagged: Web

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me