Researchers at the Worcester Polytechnic Institute have performed a study of 110 popular non-online social networking (non-OSN) sites (eg. not Facebook) and 10 OSNs, finding 56% directly leak private information to third parties. That number increases to 75% if you count userids as private information. The information is often leaked to third party aggregators that may attempt to track you, to better deliver advertisements, for example. The leaking of information is not the only point of concern though, as linkage of the information is also possible. Consistently using a userid (I am “Guest_Jim_*” or “GuestJim” most everywhere, for example) or an email address on the Internet can allow apparently distinct information to be linked together, forming a single identity online. With enough information a globally unique identifier (GUID) can be made to track you even if you use separate logins for separate access points (work vs. home).
They examined 12 categories and created this table of when information is leaked (found in Privacy leakage vs. Protection measures: the growing disconnect along with explanations of what is leaked at each action):
|User Action||User Action||User Action||User Action||User Action|
|Category||Sites w/ Direct Leakage||Create Account||Account Login/ Navig||View/ Edit Profile||Input Content||Sensitive Search|
Makes you wonder how much the Internet knows about you, doesn't it?
Update: Though not a follow-up, Anonymizing Data Still a Valid Privacy and Security Technique, provides more information on this subject.