So what are the dangers? Well, at heart it’s down to teenage life. Like most of us who have happily passed well beyond that time in our lives, there are things I did and said then that I really don’t want dragged up in public – and I’m as square and law abding as they come. Some universities and employers really do look online for profiles of their candidates before deciding whether to accept their application. In 20 years’ time will it be right to find out that you’ve not got a job because when you were 16 you drank too much after taking your school exams? (Euan Blair take note!)

I can’t find a public reference but Sonia Livingstone spoke at a conference I was at recently about some young people who had – past tense – an active MySpace profile. Now they’re more grown up so they’ve moved on to Facebook. They already don’t want to be associated with the fluffy pink hearts or stereotypical male black and red colour schemes of their junior selve’s profiles. Other teenagers shared their passwords amongst themselves so that they could play the game of editing each other’s profiles. “Yes, my profile says I’m a 36 year old bridge engineer with a bit of a drink problem but that’s cool – I know it’s rubbish and so does everyone else I know – my _real_ profile’s at xyz and that’s the one that’s important” – how is an open system supposed to know the difference?

And what about peer pressure? Imagine a child who, for whatever reason, has moved area and needs to keep their location private (think abusive parent, bullying victim or whatever). Those children are already vulnerable and, of course, they will want to join all their school friends online. How can they do that safely if the machines are going to make connections between people without any control by those individuals (or their parents in the case of minors)?

It’s a big topic and one that the policy side of industry is aware of. As ever, it’s the good guys like Vodafone, Bebo and MySpace who are actively looking at how to keep their user’s safe. Engineers need to be aware of this stuff too before they open everyone’s private lives to everyone else.

Google does a lot more than opening up published data and putting spotlights on it. Google makes assumptions and publishes them. It’s ok when I link to all the accounts I own in my FOAF file and put that in the public and they come and index it so that you can google me better. But if I don’t make any connections between my accounts then that means I don’t *want* people to know. And that’s no obscurity but simply facts that I didn’t publish.

I did a rough check on what the Social Graph API has about me. One of my account names clashes with a nick on a turkish hacker site and so it assumes we’re the same person (and for some reason it also thinks that I am that site as well so I get connections to all kinds of other people who it thinks are me). Sure with freedom of opinion I’d say everyone’s basically allowed to say person X is a criminal, with X being me or some famous person or whoever. But if it’s a company like Google then they should think about their responsibility before making and publishing wild assumptions. Maybe I will not get a job because someone googles my social graph and believes in that? Yes, ideally society would understand the Internet better and not do things like that. But we’re simply not there yet. Society might need half a century or more to catch up with the changes and implications the Internet has brought so far – and things are still changing!

Making the existing public record more accessible is good, but Google is adding to the public record based on algorithms only they know (once again).

The rules of hurt others/hurt myself will also go towards saving your own life, except in a very few cases.

Knowing that what do we do? We have to push technologies and define practices which help people to control the granularity of access to their content. http://www.w3.org/TR/chips is a part of the puzzle, but there is a lot more to do.

I fully agree that an illusion of privacy is worthless, but there are those who like illusions, and to many an illusion of privacy is better than real privacy, so we actually have to make real privacy a compelling possibility.

I think we need to work on this problem in parallell with efforts on the social web. In particular, I think there is a lot of promise in http://www.policyawareweb.org/ but it has to move beyond the pilot application level to practical, deployed solutions.