Is our relationship with Facebook and Google turning sour?

Wedding cake with bride and groom split in two
Image caption Is our marriage to web firms turning sour?

Like most marriages, the tie between citizens and the big corporations that dominate the web is one of both great joy and intense resentment.

On the one hand, they are very good at helping us with web chores: Need information? Google has more of the stuff than you could ever process. Want to keep in touch with friends? Facebook eliminates the need to pick up the phone.

On the other, they do not always give us the space we need. Privacy, it seems, is becoming the thorn in the side of this marriage of convenience.

Enter the regulators as our virtual marriage guidance counsellors.

Last week the EU commissioner for citizenship voiced her concern about how net firms were sharing data and talked up EU plans to overhaul data laws.

On the other side of the Atlantic, the Canadian privacy commissioner expressed her worries about targeted advertising.

And in the US, the Federal Trade Commission published its views on Facebook's changes to privacy settings in 2009 and concluded that it had engaged in "unfair and deceptive" practices.

These are tough words from regulators who have been criticised for being lax when it came to calling online firms to account over privacy.

It suggests that 2012 could see a change in the balance of power between net firms and citizens, with citizens, for once, holding the upper hand.

Perfect storm

If there is such as thing as "the other woman" in our relationship with net firms then it has to be advertisers. We may find their promotions annoying but the cash they generate for web companies puts them at the heart of the net businesses.

The dream for advertisers is to have all the bits of information that people share online each day. From the transactions that we make, through the thoughts that we share, to the online wish lists that we create on sites such as Amazon - colliding in a perfect storm of consumer data.

They already do pretty well for data sources - from IP addresses, web browsing histories, online purchases, length of time spent on web pages, articles read and even location, taken from GPS applications on mobile devices.

Cookie law

But consumers currently have very little idea about how their data is being used, say experts.

Image caption Web cookies mount up pretty quickly when people are online

"People who share data don't actually read privacy notices. They have to be much better written as a lot of them are very long and complicated," said Matthew Newman, spokesman for European Commissioner for Citizenship Viviane Reding.

Ms Reding is taking a close interest in how firms use data. The EU is currently working on two bits of legislation designed to improve the current situation.

The first has been dubbed the cookie law because it looks specifically at the pieces of code which are used to track web behaviour. Cookies allow, for example, adverts from sites people have previously viewed to pop up on unrelated sites.

Firms are increasingly using such cookies to serve up more targeted ads, but the EU is considering how to make it easier for people to opt out of cookies altogether.

Ms Reding is also determined to overhaul the way net firms use people's data and a new directive will begin life in January.

It may require firms to be far more explicit about what data is shared with advertisers.

Facebook's terms and conditions once famously ran longer than the US Constitution. They have been radically simplified but few people probably realise that by signing up to the service they are also agreeing to share information with marketers who place targeted adverts based on user preferences.

The system is, Facebook insists, completely "anonymised".

Advertisers upload ads to Facebook's system, along with a bid to display them to certain users; say, men between the ages of 25- 35. Facebook's ad system pairs these ads with matching users but the data remains on Facebook's servers.

The relationship between advertisers, the public and net firms is a tricky one, says Nick Stringer, director of regulatory affairs at the Internet Advertising Bureau.

"Data drives the advertising model but it needs to be balanced with privacy," he said.

"Advertising funds the web services that we use so there has to be a trade-off. Consumers may not be aware of how Facebook and Google make their money but they are very happy to use the service and would not want to pay for it," he said.

'Downright creepy'

But privacy campaigners remain suspicious of who targeted advertising is actually helping. Canadian privacy commissioner Jennifer Stoddart has this week added her voice to the debate, claiming that it needs to be made far easier for people to opt out of receiving such ads.

In a speech to the Marketing and Law conference in Toronto, she made her views clear.

"Some people like seeing ads tailored to their particular interest. Others don't like seeing these super-tailored ads," she said.

"They are about as uncomfortable with the notion of their online wanderings being tracked as they would be with someone following them around a shopping mall. In other words, they find this practice downright creepy."

Ms Stoddart said that the practice of hiding such data collections in the terms and conditions was "unacceptable".

"You can't make people's collection of personal information a condition of service," she told reporters after the event.

Ms Stoddart stressed that advertisers must not collect or use an individual's web browsing activity without that person's consent.

And she expressed concern about how many firms seemed determined to grab a piece of the targeted advertising pie, She cited a patent taken out by credit card firm Visa which would combine its transaction information with other data from across the web to create targeted adverts.

Shadow profiles

Facebook's founder Mark Zuckerberg once famously said that "social" should be the default setting of the web - but there are plenty of people prepared to campaign against this.

"People have a fundamental right to privacy but the question is 'Do people still have rights over their data?'" asked Jim Killock, director of the Open Rights Group.

Image caption Data remains even when we log off

One way open for citizens to take back control of their data, said Mr Killock, is to apply for a Subject Access Request, which requires firms to hand over all the personal data they have stored on an individual.

Law student Max Schrems did just that. Along with two fellow students he requested all their personal data from Facebook.

The results - CDs with pdfs (portable document format) containing thousands of pages of sensitive information including political and religious views - turned Mr Schrems' relationship with Facebook decidedly sour.

He has now set up a website - Europe v Facebook - to fight what he sees as the firm's unwarranted intrusion into personal data.

He claims that the social network is creating "shadow profiles" by collecting excessive information on users.

He has taken his fight to the Irish Data Protection Commissioner, choosing Ireland because it is where Facebook's European headquarters is based. The commissioner is due to report his findings in January.

Google dashboard

Of course the issue is not just one for Google and Facebook, although as the grandparents of the modern web they are often singled out.

A recent study conducted by Worcester Polytechnic Institute found that hundreds of popular websites leak information to third-party tracking sites, proving that privacy is not just an issue for the big firms such as Google and Facebook.

Ms Stoddart has had harsh words for Google and Facebook, but recently she praised the strides they had made in the privacy arena.

She is a fan, for example of Google's Dashboard which allows users to answer the question "What does Google know about me?" and its Ads Preference manager which allows users to edit the information Google uses to show personalised ads.

Whether such developments will cancel out scandals such as its massive vacuuming up of personal data from wi-fi networks during filming for Google Street View, or the launch of its ill-fated social network Buzz which it linked to user's Gmail accounts without asking permission, remains to be seen.

Most of us would be heartbroken if Google, Facebook and the other net firms we have come to rely on decided that they had had enough, packed their bags and left the internet.

While trust may have been damaged, the issues we have with them are probably not enough to break up over but, as with all relationships, we would all like to know a little more about what they are up to.

More on this story

Related Internet links

The BBC is not responsible for the content of external Internet sites