From the Los Angeles Times, a particularly chilling story about social websites and third-party data:
Jane Yang, a 30-year-old marketing coordinator, was curious the other day to see what would turn up if she searched for herself on Reunion.com, a Los Angeles-based social networking site.
Sure enough, there was her name, which didn’t bother the Oregon resident all that much. Nor was she particularly troubled that her husband’s name was included under her “Friends & Family.”
What did startle Yang was seeing the name of her 4-year-old son.
What happened?
Jeff Tinsley, Reunion.com’s chief executive, said the company recently purchased records on millions of people from a data broker. But he said the broker, which he declined to identify, was instructed not to include anyone under 18.
“We have no idea how this happened,” Tinsley said.
Buried in the terms of service and privacy policies of many sites are such third-party data collection agreements. For example, Facebook’s privacy policy states “Facebook may also collect information about you from other sources, such as newspapers, blogs, instant messaging services…” Rapleaf, an upstart third-party data vendor, promises to “find information about people on the social web, on behalf of businesses and consumers.”
Information leakages, such as the one discussed in the LAT article, provide insight into the scope of third-party data collection operations. Amassing data from public and private sources, these databases correlate identities based on facets such as names, birthdates and location. Unlike credit or background databases, there appears to be no special regulation of these archives. Perhaps that will change, the more we’re confronted with our information.
