social networking sites and privacy

While doing some research for work I came across this interesting piece by Roger Clarke via corante.

Through the 1990s, there was a recurring piece of pop-anthropology verging on an urban myth, referred to as 'six degrees of separation' (e.g. Matthews 2000). During 2003, apparently inspired by this idea, a number of companies released services to assist people to 'network'.

Many of these services encourage or even require that users provide information not only about themselves, but also about their friends or contacts. In some cases, users' address-books may be stored on the company's server, which is accessible over the Internet, and therefore from any Internet-connected device.

This paper provides a brief privacy impact assessment of such services. Its primary concern is not the privacy of the users who sign up for such schemes. That is a legitimate topic for an article as well; but those users are providing data about themselves consensually, and the risks and (lack of) protections are reasonably well-understood. This article instead focusses on a matter that is new, and of great concern: the privacy of other individuals whose data is volunteered to such services by its users.

I've only skimmed a portion of the paper but I found this statement very interesting:

Several of the sites display the Trust-e 'meta-brand'. Meta-brands were examined in an earlier article in this series (Clarke 2001), and their value was shown to be very close to zero.

I've always wondered if stuff like the Trust-e 'meta-brand' was any use. I shall have to go read this meta-brand paper.