When Private Information Isn't

Personal information is the fuel that powers Facebook, Twitter, Myspace, and the other social networks, attracting users and advertisers alike. But privacy activists and regulators are taking a close look at the way all that information is collected, used, and protected, and this scrutiny could result in strict rules for network operators.

These watchdogs are finding that operators have repeatedly left personal information and subscriber data vulnerable, leading to highly visible privacy snafus that exposed users to the risk of embarrassment, identity theft, or even stalking. In February of last year, for example, Google launched its social-networking service Buzz with default settings that revealed whom users were e-mailing frequently. (Google was forced to make a settlement with the U.S. Federal Trade Commission, requiring it to submit to independent privacy audits for the next 20 years.) Then, in June, a hacker exploited a bug to capture the names and profile photos of approximately 70 percent of Foursquare users in the San Francisco area over a three-week period, regardless of privacy settings. Similar problems and allegations have plagued other social-media websites.

This story is part of our July/August 2011 Issue
See the rest of the issue
Subscribe

State and federal legislation has been proposed to address these issues. A bill in Congress would greatly expand the FTC’s ability to regulate online privacy, defining e-mail addresses and precise geographical locations as personally identifiable information that must be adequately protected and compelling companies to get permission before they can collect medical and religious data.

Complying with these regulations could require social networks to make costly changes to their infrastructure. In addition, operators would be exposed to greater legal risk if they were caught collecting restricted data, whether accidentally or otherwise.

Not surprisingly, many social-network operators claim that they are complying with existing law and that more regulation is unwarranted, even counterproductive. They contend, for example, that users who face a slew of detailed questions about how they want access to their information controlled before they even start using a service may become confused and make poor privacy choices. Nevertheless, it seems likely that the freewheeling approach of the industry’s early days will be curtailed in some fashion before too long.

Want to go ad free? No ad blockers needed.

Become an Insider
Already an Insider? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.