In light of Facebook’s recent privacy settings overhaul, it should be clear to everyone that social networking websites are seeking to open up their userbases to the world. There is a good incentive for them to do so. The more information that is publicly searchable, the more attractive websites become for marketers. Of course, it would be downright foolish for a company like Facebook to come right out and say this to its users. People may be willing to give up their privacy in exchange for something of value, but they won’t do it if they don’t feel protected in other ways. That’s why so many companies have put up a mere facade of privacy, or as entrepreneur Rohit Khare calls it, “Privacy Theater.”

In a recent guest post for TechCrunch, Mr. Khare, who is the co-founder of Angstro and an award-winning Internet researcher, expounded upon the notion of “Privacy Theater,” explaining just how social networking websites are only pretending to protect user privacy. Khare begins his blistering column talking about the recent hacking of social networking app developer, RockYou.

From the post:

Last week’s headlines brought news that RockYou had accumulated 32,603,388 identities over the past few years — and negligently stored them in plaintext in an incompetently protected database.

RockYou’s official bluster about “illegal intrusion” should fool no one: blaming Imperva, the firm who exposed the flaw, or accusing the hacker(s) of being the identity thieves is misdirection: it was actually RockYou who stole those credentials, and RockYou should be held to account.

I realize that I’m using the incendiary terms “identity theft” and “stole,” even though I would agree that users voluntarily consented to type their passwords into RockYou’s forms. I assume that both users and RockYou’s developers actually only intended to share some particular bits of information: a contact list, a user photo, a friend’s gender; but the bottom line is that instead of sharing that specific data, RockYou retained enough secrets to impersonate those users at will.

[...]

The fault, dear Reader, is not in our stars; it lies with sites that pretend to waive all care and duty by idly warning their users not to share their account passwords with anyone else.

In the absence of vigorous enforcement of those ToS agreements, any RockYou developer who passed up the opportunity to, say, phish MySpace passwords was putting their own employer at a disadvantage to any other startup that was willing to race them to the bottom.

Khare goes on to explain how Personally-Identifiable Information (PII) is distributed freely in order for social networking websites to function.

If PII is so hard to protect, then the only way for social networks to protect their users’ privacy must be to prohibit partners from accessing contact information in the first place. I might not be able to export my holiday card mailing list from my favorite social network— a roach motel for our data — but giant marketing corporations can buy and sell our private information with impunity.

[...]

Now, merely indexing public web pages can’t be evil—but reconciling online identities and 3rd-party advertising cookies with real-world credit reports, government records, and other databases can be. Adding in all that information doesn’t increase Mr. Smith’s anonymity; Jeff Jonas has made a small fortune proving that semantic reconciliation dramatically collapses uncertainty. Just think about combining Spock’s 100M profiles with Intelius’ 20B other data points; or Wink’s 200M profiles with Reunion MyLife’s 34M members and 700M records…

Khare closes his editorial with a warning that government regulation is coming if the Internet industry doesn’t take proactive steps to fix its epidemic privacy problems.

If the industry expects self-regulation to forestall government regulation, well, here’s what I think it would take: An immediate ban on all of RockYou’s applications by all of their partners, pending a public audit of all of their apps. That’s taking a page from the audit provisions of LinkedIn’s ToS and adding sunlight by publishing the results.

Sounds harsh? I thought the market was supposed to provide swifter, surer justice than some pesky regulator with its clunky old notions of due process and presumptions of innocence. API agreements are a private matter between ruthless corporations. Heck, if they really wanted to put the rest of the ecosystem on notice, they ought to audit every application funded by Sequoia, Partech, DCM, and Softbank, all lead investors in RockYou.

It’s not like lawsuits are being filed, as Marissa Mayer announced by going after work-from-home scam artists in an interview with Mike Arrington at LeWeb. It’s not like this is Scamville 2.0, since this isn’t stealing users’ cash, only their dignity. It’s not like there’s a legal spotlight on the issue, since there’s only $9M set aside for a hazy new privacy foundation in the latest Facebook class-action settlement. It’s not like it’s a political issue in the headlines, since a Facebook Chief Privacy Officer is running for Attorney General, the top law-enforcement office in California. It’s not like it’s as complicated as “don’t be evil,” since I can give you one simple tip to eliminate privacy theater: enforce your ToS and obey others’ ToS — or else stop setting unrealistic expectations and just let users have their data back!

While, I have cherry-picked a few selections of Mr. Khare’s piece, I highly recommend you read the whole article at TechCrunch. It is undoubtedly one of the best and most thoughtful summations of the state of our digital privacy I’ve ever read.

As 2009 comes to a close, many analysts around the web are taking time to reflect on the first decade of the new millennium. Rather than looking into the wayback machine for ourselves, however, we thought it might be fun to do a wrap-up of some of the best reviews of the decade floating around the Internet.

Curious about which social networking website had the greatest impact in the 2000′s? Wondering what year Facebook took off and MySpace began to lose popularity? Look no further, because we’ve compiled the best analysis of Internet trends and news from the decade that Time Magazine has called the “Decade from Hell.”

Mashable Says YouTube is the Top Social Media Innovation of the Decade

According to Mashable, no social media website had a bigger impact than YouTube. While I would argue that Facebook and its 350 million users make a pretty strong case, it’s hard to argue with Adam Ostrow’s logic.

From the post:

YouTube didn’t even exist for more than half the decade, but a perfect storm of increasing bandwidth, advances in Flash, and the rise of social networks (where YouTube content could be embedded) made 2005 the perfect time for the site to make its debut. The growth was meteoric, and within 18 months, the website became one of the most trafficked on the web and the company was sold to Google for $1.6 billion.

Ostrow goes on to point out the numerous specific ways that YouTube has had an impact on our culture, citing the rise in citizen journalism (felt nowhere more strongly than during this year’s Iranian election protests), the ability to become an overnight celebrity (countless “YouTube stars” have extended their 15 minutes of fame), and the move by television companies and movie studios to release content to YouTube (and its competitor Hulu).

While I don’t spend as much time on YouTube anymore, I’ll be the first to admit that I used to waste many hours on the site. When I’m looking for an old TV commercial, music video, cartoon, or whatever hot viral video is sweeping the web, YouTube is the first place I turn. That definitely makes it an important social media innovation in my book.

The Village Voice Says Social Media Ruined the Internet

In an amusing twist on the typical reflection article, the folks at The Village Voice have been compiling ten reasons why 2000 to 2009 sucked. To close their list, they’ve decided to explain how social media ruined the Internet. Picking apart many of the things that have come to define the web as we now know it, The Village Voice article saves its most vehement criticism for blogs. In particular, the Voice discusses how, in the early days, most blogging revolved around attacking public figures.

From the post:

Online Journalism Review called 2004 “the year bloggers made a difference,” not because it had improved the national discourse, but because it had destroyed the career of Dan Rather. When bloggers helped take down Trent Lott, John Podhoretz called him “The Internet’s First Scalp,” and exulted, “there’s nothing more exciting than watching a new medium mature before your eyes” — as if the ability to ruin a politician, as newspapers had done for decades, were a sign of maturity.

Since 2004, blogging has definitely become a more refined and generally accepted form of communication. Unfortunately, the problem of defamation online hasn’t abated. While some victims of anonymous slander have successfully argued their cases in court, the vast majority of individuals don’t have the time and resources needed to fight back against cyberbullies. In the new decade, it will be interesting to see how the law changes to protect individuals from having their reputations damaged on the web.

Howard Kurtz of the Washington Post Talks About “The Evolution of Media in the Awful Aughts“

Many pundits have talked about the death of traditional media thanks to the evolution of digital technologies, but few have done so as eloquently as the Washington Post’s Howard Kurtz. In his two-page analysis of the past decade, Kurtz explores how the traditional media model has drifted away from hard reporting toward sensationalistic tabloid journalism and how the business model for print content is no longer viable in the Internet age.

Conversely, Kurtz discusses how new media technology, despite its occasional clunkiness and privacy lapses, has made information gathering more efficient and opened up communications for the masses.

From the post:

If the declining health of the traditional media is the barometer, the ’00s have been an unmitigated bummer. But the past decade has also brought such digital delights as Twitter, where I learn new things every day. Those posting there provide links to stories that eluded my radar, striking observations about the news, zingers in ongoing debates, and perhaps a funny line or two. Many of those I follow are journalists and pundits, but some are regular folks who have dived into the rolling conversation, no credentials necessary.

Sometimes I think back to the cumbersome business of information-gathering when you actually had to call people rather than pinging them by e-mail. I can remember searching for ancient newspaper articles on microfilm; going to the Justice Department to pore over lobbying records; visiting C-SPAN to watch videotapes of campaign commercials from far-flung local races. Now huge storehouses of knowledge are available with a couple of mouse clicks.

It’s no surprise that drunk driving arrests increase around the holidays. Between the Christmas eggnog and the New Year’s champagne, there are more people on the roads who’ve had one too many celebratory libations. To help cope with this problem, some law enforcement agencies have turned to the web for creative solutions. A recent CNET article highlights the efforts of law enforcement officers in Montgomery County, Texas.

According to the CNET article, anyone who gets arrested for suspicion of drunk driving from Christmas Eve to New Year’s Eve will have their names featured publicly on the Twitter page of Montgomery County Texas District Attorney Brett Ligon. Naturally, this has led some to criticize Montgomery County law enforcement for disregarding the constitutional right to due process and effectively bypassing the innocent until proven guilty mentality that makes the U.S. Justice System the finest in the world.

In November, we wrote about a new effort from the Honolulu Police Department to feature suspected drunk drivers on the department’s website. At the time, I wrote that this approach was flawed and that, while drunk driving is a serious crime with serious consequences, it should not be prosecuted “at the expense of personal liberty.” In the Montgomery County case, I believe the same logic applies. Whatever good can come of sharing a suspect’s name on Twitter is undone by the long-term damage it can potentially cause to personal reputations.

What about the drunk driving suspect who is found not-guilty? Will there be an additional tweet sharing their innocence? If an individual is found guilty, will there be a tweet sharing their regret for their actions and the progress they’re making on their community service? Individuals shouldn’t be forced to relive their mistakes online for the rest of their lives. Finding ways to use social media to help enforce the law is a noble pursuit and one which we should all support, but this initiative falls short.

In many ways, 2009 was a banner year for social media. While pioneering sites like Friendster were forced to finally cut their losses and sell, others, like Facebook, eclipsed 350 million users, setting a new precedent for social networking websites. With its 140 character “tweets,” Twitter brought micro-blogging to the masses, becoming one of the most talked about new companies in the world in the process.

Will social media continue to expand in 2010? Most experts agree that social media is more than just a fad, and will continue to be an integral part of our lives in the years to come. Perhaps nowhere will the importance of social media be felt than in the area of personal branding and online reputation management.

Recently, in a guest column for ZDNet, ReptuationDefender CEO Michael Fertik shared his social media predictions for the new year, and why he believes that 2010 will be the year of “Atomic Branding.” Check out Michael’s insights here and feel free to share your own thoughts on the future of social media in the comments.

It’s that time of year again. Yes, time to reflect back on the previous 12 months and determine what you’d like to do better. Time to put your best foot forward in the year to come, keeping in mind new goals, things you’d like to keep the same, or items you plan to do only slightly different. We at Reputation.com like to put our best foot forward in the new year too – our digital foot – so we’ve compiled a list of seven simple to-do items to keep our online reputations spotless and protect our digital privacies. Feel free to follow in our footsteps!

1. Turn on cookie notices in your Web browser.

Cookies are information that websites can store on your computer, preventing you from having to type in the same information every time you visit a website. Some cookies are used to monitor what types of sites you visit and items you buy online, a process called data mining, A few browsers, including Netscape and Internet Explorer, allow you manage cookie settings and select what cookies you’d like to have or not have on your computer. Also, you can use easy-to-find cookie management software, such as www.adsubtract.com for Windows.

2. Know your online privacy settings and use them.

This is a simple yet effective idea and an opportunity for you to learn a little about how protected – or unprotected – you really are. Recently, we shared a complete guide to Facebook’s updated privacy settings. Check them out here. Here’s a helpful website for turning on privacy settings for MySpace. It’s a good idea to explore the settings of each site before you begin actively using them.

3. Use a temporary credit card number for online purchasing.

Though the Christmas rush to purchase presents online is past, it’s always a good idea to follow this suggestion. Call your credit card provider to determine if they can issue a temporary number with a preset spending limit and impending expiration date. To stay even more secure, try and pay with cash whenever possible.

4. Set up a separate account for your personal e-mail.

If you haven’t done this already, it’s time. Work e-mail isn’t safe. Besides the fact that you may accidentally share important company information with outsiders, employers often have the legal rights to view the information in your account. If they don’t like what they see, you can be fired. Signing up for a free account with Google’s Gmail or Microsoft’s Hotmail is quick and easy to do, and often accessible from work.

5. Make sure you’re using strong passwords and protecting those passwords, or change your passwords altogether for the New Year.

Avoid passwords that can easily be guessed, such as your last name, spouse’s names, date of birth, etc. Vary your passwords from site to site and change them occasionally. A secure password is one of the most important parts of maintaining a secure identity on the web. If you don’t have strong passwords already, make some today. After all, there’s no time like the present!

6. Update your online profile.

Keep your online reputation fresh and updated with information you want people to know on websites you use regularly. Renew your public profiles on LinkedIn and other professional web pages, blogging sites, and social networking platforms with new work information, achievements, hobbies, links, and more. Keep people in the loop with the info you don’t mind sharing.

7. Be extra wary of any information you enter online.

This is more of a general tip to keep in mind throughout 2010 and beyond. Even if you’re using a social networking website, that doesn’t mean you have to share all there is to know about you. Taking the cautious route isn’t a bad thing at all. You should only enter your information into sites you know and trust. Treat websites like you would treat your e-mail. If you see spam, delete it. There are plenty of phony websites that shouldn’t be used at all.