The data transmitted was primarily a “username” — which is the name a person uses to log into a Web site — or a user ID assigned by the Web site to a user. It was usually transmitted through referrers — which is information about the Web page transmitted automatically.

Read the rest of this post on the original site »

“We understand you may not want everyone in the world to have the information you share on Facebook; that is why we give you control of your information. Our default privacy settings limit the information displayed in your profile to your school, your specified local area, and other reasonable community limitations that we tell you about.”

–Facebook Privacy Policy, 2006

“When you connect with an application or website it will have access to General Information about you. The term General Information includes your and your friends’ names, profile pictures, gender, user IDs, connections, and any content shared using the Everyone privacy setting….The default privacy setting for certain types of information you post on Facebook is set to “everyone.”…Because it takes two to connect, your privacy settings only control who can see the connection on your profile page. If you are uncomfortable with the connection being publicly available, you should consider removing (or not making) the connection.”

– Facebook Privacy Policy, 2010

Perfect.

Facebook has enlisted a former senior Bush administration regulator to defend its privacy practices in Washington. Tim Muris, an attorney at law firm O’Melveny & Myers who served as chairman of the Federal Trade Commission from 2001 to 2004, is advising the company, whose privacy disclosures and fast and loose handling of user data are increasingly drawing scrutiny on Capitol Hill.

Indeed, on May 5, the Electronic Privacy Information Center filed a complaint with the FTC alleging that Facebook has engaged in unfair and deceptive trade practices in violation of consumer protection law.

“[The site] continues to manipulate the privacy settings of users and its own privacy policy so that it can take personal information provided by users and make it widely available for commercial purposes,” the Washington-based advocacy group said. “The company has done this repeatedly and users are becoming increasingly frustrated and angry.”

Clearly, the Facebook privacy backlash, which has been building for years now, has begun in earnest.

What better time, then, to seek the help of someone like Muris, who created the popular U.S. Do Not Call Registry and just last week received the Miles W. Kirkpatrick Award “for his significant and lasting contributions to the FTC, antitrust law, and the cause of consumer protection.”

Reached for comment, Facebook said Muris is not an official employee. “There have been some reports that Tim Muris has joined Facebook,” the company told me. “Muris has not joined Facebook.”

But he is serving as a consultant, something sources close to the company have told me, though Facebook declined to comment on.

It has, indeed. Which is why it’s so supremely ironic to hear that Viacom (VIA) and Google have reached a deal to mask the user IDs, visitor IDs and Internet protocol addresses contained in the YouTube database. From the agreement:

When producing data from the Logging Database pursuant to the Order, Defendants shall substitute values while preserving uniqueness for entries in the following fields: User ID, IP Address and Visitor ID. The parties shall agree as promptly as feasible on a specific protocol to govern this substitution whereby each unique value contained in these fields shall be assigned a correlative unique substituted value, and pre-existing interdependencies shall be retained in the version of the data produced.”

Why go to such trouble to conceal information that both companies claim isn’t personally identifiable?

Apparently, to protect the privacy of tens of millions of YouTube viewers who it personally identifies.