When Private Information Isn't

Personal information is the fuel that powers Facebook, Twitter, Myspace, and the other social networks, attracting users and advertisers alike. But privacy activists and regulators are taking a close look at the way all that information is collected, used, and protected, and this scrutiny could result in strict rules for network operators.

These watchdogs are finding that operators have repeatedly left personal information and subscriber data vulnerable, leading to highly visible privacy snafus that exposed users to the risk of embarrassment, identity theft, or even stalking. In February of last year, for example, Google launched its social-networking service Buzz with default settings that revealed whom users were e-mailing frequently. (Google was forced to make a settlement with the U.S. Federal Trade Commission, requiring it to submit to independent privacy audits for the next 20 years.) Then, in June, a hacker exploited a bug to capture the names and profile photos of approximately 70 percent of Foursquare users in the San Francisco area over a three-week period, regardless of privacy settings. Similar problems and allegations have plagued other social-media websites.

This story is part of our July/August 2011 Issue
See the rest of the issue
Subscribe

State and federal legislation has been proposed to address these issues. A bill in Congress would greatly expand the FTC’s ability to regulate online privacy, defining e-mail addresses and precise geographical locations as personally identifiable information that must be adequately protected and compelling companies to get permission before they can collect medical and religious data.

Complying with these regulations could require social networks to make costly changes to their infrastructure. In addition, operators would be exposed to greater legal risk if they were caught collecting restricted data, whether accidentally or otherwise.

Not surprisingly, many social-network operators claim that they are complying with existing law and that more regulation is unwarranted, even counterproductive. They contend, for example, that users who face a slew of detailed questions about how they want access to their information controlled before they even start using a service may become confused and make poor privacy choices. Nevertheless, it seems likely that the freewheeling approach of the industry’s early days will be curtailed in some fashion before too long.

Want to go ad free? No ad blockers needed.

Become an Insider
Already an Insider? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.