Watch Out For Your Personal Info Online

Facebook's now self-admitted privacy blunder should serve as a wake-up call to all Net users. When you're online, it's up to you to keep an eye out for your personal information.

The storm at Facebook began in November when the company introduced its Beacon service, which automatically informed all your Facebook buddies about purchases you made at participating merchants. There was a way to prevent the information from being sent out, but the "opt-out" process was cumbersome and the default was set for sending the data rather than maintaining user privacy.

On December 5, Facebook founder and Chief Executive Mark Zuckerberg issued an apology admitting on his blog: "We've made a lot of mistakes building this feature, but we've made even more with how we've handled them."

The apology came after Moveon.org gathered 50,000 signatures on a petition to the company complaining that its advertising strategy invaded users' privacy. Facebook has also been criticized by security company Computer Associates, which accused the company of giving users "only marginal control over the annoyance concern and zero control over the privacy concern."

Along with his apology, Zuckerberg offered users the ability to completely opt out of the Beacon program which is certainly a step in the right direction. But even without Beacon, users of Facebook and other Web services should still be on guard to make sure their information remains under their control.

For example, users need to be careful when using some of the new applications that you can add to your Facebook profile. I tried out the New York Times Quiz on Facebook just to see how it worked. I tested it on a day when I hadn't yet read the New York Times or any other newspapers or news Web sites and, as one might expect, I didn't do very well. No worries - I was just trying it out. But what I didn't realize was that the application would beam my score to some of my Facebook friends. I can laugh about it now, but as a journalist and contributor to the New York Times, it was quite embarrassing.

I had a far more embarrassing moment about a year ago when I was trying to determine how a different social networking site would handle privacy for teenagers. To test the service I registered as a 15-year-old girl named "Lori Magid" so I could see what controls it had in place.

But as I went through the process late at night when I was probably too tired to be operating a computer, I stupidly clicked "OK" when it asked if I wanted to import my Yahoo mail contact list. The next thing I knew, all 1,500 people in my Yahoo address book got an e-mail from "Lori Magid" with my e-mail address asking them to sign-up and visit "her" profile.

You can imagine the messages I got from friends and colleagues. I quickly sent out a follow-up message apologizing and explaining that I was doing this for testing purposes. But I still took some razzing from associates over the issue, including some I hadn't heard from in years.

And then there was the time I accidentally clicked "reply" instead of "forward" to a message from my editor when I was writing for the Los Angeles Times. I meant to forward his e-mail to my wife with a note wondering aloud whether the guy liked my work. Instead I got a note back from him saying that he read my message but that all was well. It was nice to know but hardly the way to get validation from one's boss.

None of my examples involved highly sensitive information and none resulted in any real harm. But they serve as a reminder that when online, you need to look both ways, think twice and read the fine print before clicking the mouse.