In July 2010 security consultant Ron Bowes used programming code to scan Facebook profiles and collected data over 100 million users who did not use privacy settings to protect their information. Once the data collection was complete, he uploaded the file on the web and made the file freely available for download.
Bowes did omit certain information in his file that would be deemed by most to be 'personal' such as phone numbers and addresses which may have been visible (it is not clear whether or not he collected it or just chose not to keep it in the file), however the file did contain the URL, user name and unique ID of every member not masked by privacy settings.
Immediately thousands of web downloads ensued with people eager to grab the information either out of curiosity, to see if their own name was listed or to take the list for more sinister intentions.
When Bowes took the information and made it into a nicely concise file, this act ignited a whole new round of privacy discussions, especially those related to Facebook. The company had already recently taken a large amount of disapproval in the media and as a result, once again Facebook is facing criticism about privacy issues, which seems to be a common theme for the company in 2010.
Bowes had claimed he published the file to highlight privacy issues, and Facebook responded to Bowes' actions by stating the information was freely available anyway. The company released a public statement which said "People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want". The company made it clear that no privately set data was compromised.
Basically their stance is users had either chosen not to use or did not properly use privacy controls offered by the social networking giant, in which they do have a valid point. However on the same token the company hasn't always exactly made their privacy controls easy to navigate and there have been enough instances when Facebook tweaked their features, all set privacy controls set were wiped out for many users and the default reset, unbeknownst to the member.
The act of publishing such a large neatly packaged file raises huge privacy issues as it does not take a rocket scientist to visit the URLs and subsequently claim all the information which is readily available, which could put 100 million Facebook users at privacy risk thanks to Bowes' actions. Without the consolidated list, this information would take a lot of time to compile and people may have remained quietly in their corner of the web, however all it takes is one able individual to write code and now thousands have a nice starting point if they wanted to use the information for illicit reasons. In this respect Bowes proves his point.
Many have long argued that public information listed on Facebook or any other website is no different than collecting all the names out of a phone book or from various other agencies which maintain public information on people. The thing is there is a difference because with the 'offline' way of collecting public information, there is typically a paper trail or some sort, unlike a social network like Facebook. Phone books carry limited amounts of details and is tedious to sort through, but a network with 500 million members and a variety of information is like finding a gold mine because it is clean, neat and ready for use, and little research required.
Granted people should ideally take control over their own information on their own, but the unfortunate reality is many do not understand or don't bother as social networks tend to give a 'small town' feeling, when the truth is there is a whole world out there watching.
However, if Facebook were to reset the default to stricter privacy and let users decide what to share, this could resolve many of the privacy issues and the company could begin to position and market themselves as one who cares about user privacy, which can't be a bad thing from a business perspective.
It will be interesting to see how this one plays out. Either Facebook will get a clue and step up with more force at the proverbial plate to protect their 500 million members or they'll divert the issue and release a new feature, users will get excited, and business will carry on as usual.
Sources:
http://www.bbc.co.uk/news/technology-10796584
http://www.cbsnews.com/8301-501465_162-20012031-5014 65.html