The Wall Street Journal has a story that shows exactly why strong legislation is needed to protect consumers’ rights online: “Facebook, MySpace and several other social-networking sites have been sending data to advertising companies that could be used to find consumers’ names and other personal details, despite promises they don’t share such information without consent.” Other social-networking sites involved are: LiveJournal, Hi5, Xanga and Digg.
The practice, which most of the companies defended, sends user names or ID numbers tied to personal profiles being viewed when users click on ads. After questions were raised by The Wall Street Journal, Facebook and MySpace moved to make changes. By Thursday morning Facebook had rewritten some of the offending computer code.
Advertising companies are receiving information that could be used to look up individual profiles, which, depending on the site and the information a user has made public, include such things as a person’s real name, age, hometown and occupation.
Several large advertising companies identified by the Journal as receiving the data, including Google Inc.’s DoubleClick and Yahoo Inc.’s Right Media, said they were unaware of the data being sent to them from the social-networking sites, and said they haven’t made use of it. […]
The sites may have been breaching their own privacy policies as well as industry standards, which say sites shouldn’t share and advertisers shouldn’t collect personally identifiable information without users’ permission. Those policies have been put forward by advertising and Internet companies in arguments against the need for government regulation. […]
But Facebook went further than other sites, in some cases signaling which user name or ID was clicking on the ad as well as the user name or ID of the page being viewed. By seeing what ads a user clicked on, an advertiser could tell something about a user’s interests.