Over the past six years, social networking has been the Internet's stand-out phenomenon, linking up more than one billion people eager to exchange videos, pictures or last-minute birthday wishes.
The sites, led by Facebook with more than 400 million users, rely in large part on people's willingness to share a wealth of personal information with an ever-expanding network of "friends," either ones they actually know and see from time to time, or those they have met virtually through the Internet.
Members' eagerness to add contacts has given the sites a powerful global reach, attracting users from 7 to 70 years old, from skateboarders to investment bankers, and with them a deep and potentially rich vein of targeted advertising revenue.
But at the same time it has concentrated vast amounts of data — telephone numbers and addresses, people's simple likes and dislikes — on the servers of a small number of companies.
In Facebook's case, the social networking tsunami has spread in barely six years from the Harvard dorm room of founder Mark Zuckerberg, 25, to envelope almost half a billion people —enough to be the world's third most populous country.
That in turn has raised profound privacy issues, with governments in Europe and North America and Asia concerned about the potential for data theft, for people's identities to be mined for income or children to be exploited via the Internet.
Data protection authorities from a range of countries held a teleconference this week to discuss how they can work together to protect what they see as a steady erosion of privacy, and the European Union too is studying what role it can play.
They may not be able to hold the social networking wave back, but policymakers are looking at what they can do to limit what they see as the "Big Brother"-like role of some sites. A showdown between privacy and Internet freedom is looming.
"We cannot expect citizens to trust Europe if we are not serious in defending the right to privacy," Viviane Reding, the European commissioner in charge of media and the information society, said in a speech in January, laying out her concerns.
"Facebook, MySpace or Twitter have become extremely popular, particularly among young people," she told the European Parliament. "However, children are not always able to assess all risks associated with exposing personal data."
Privacy, meet the Web
The privacy debate has been around as long as the Internet, but the explosive growth of social networking, and deepening concern about the impact it may be having on social interaction, has intensified discussion in recent months.
Incidents such as the Israeli soldier who announced details of an upcoming military raid via Facebook, and the murder conviction in Britain of a serial rapist who posed as a boy on the site, have fueled the fears of both lawmakers and parents.
In 2009 and again this year, Canadian authorities challenged Facebook's default privacy settings and its use of personal information for targeted advertising. Norway filed complaints after a year-long study of the site's terms and conditions.
Facebook has added fuel to the debate, with the company deciding in December 2009 to substantially change its privacy settings, effectively making members' profiles more openly accessible unless users altered the settings themselves.
Zuckerberg explained the move in January, saying social behavior was shifting as a result of the Internet and that privacy was not the same now as it was even six years ago.
"People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people," he told an audience at a technology conference.
"That social norm is just something that has evolved. We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are," he said.
That may well be the case — and the trend for teenagers to share naked or near-naked pictures of one another online or via mobile phones may suggest mores are changing —but privacy campaigners believe the slope is getting too slippery.
Thomas Nortvedt, the head of digital issues at the Norwegian Consumer Council, a government body, sees Facebook's alteration of its privacy settings as a turning point.
"The privacy settings on Facebook have raised awareness on ... privacy as a whole, not only by the people but also by the governments and the regulating authorities," he told Reuters.
"They see that this is, if not a problem, then at least a challenge and something has to be done about it."
As Canada's privacy commissioner, Jennifer Stoddart, told data protection experts on Tuesday: "We want to send a strong message that you can't go on using people's personal information without their consent ... Do your testing before, and make sure they comply with privacy legislation."
Facebook's global tug-of-war
With government authorities raising their concerns ever more loudly, Facebook and other sites have amended some of their practices, or highlighted the range of measures they say they are already taking to protect members' privacy and data.
As a result of the Canadian Privacy Commission's investigation, Facebook agreed to adopt some recommendations, including explaining why users have to provide their date of birth at registration and introducing 'high', 'medium' and 'low' privacy settings for user-published content.
The European Commission, the executive arm of the European Union and its 500 million citizens, does not regulate on privacy issues, leaving it up to the EU's 27 member states, but it can issue guidelines or directives for corporate practices.
In February, the Commission unveiled its "Safer Social Networking Principles for the EU," a voluntary pact involving 25 Web sites that agreed to safety measures for users under 18, including making profiles private and unsearchable by default.
But the agreement was drawn up before Facebook announced the changes to its privacy settings, a move that frustrated the EU.
"I can't understand that," Commissioner Reding said on the EU's Safer Internet Day in February. "It's in the interests of social network sites to give users control of their privacy."
In the coming months, Reding and her team are expected to study the activities of sites such as Facebook and Google, which recently launched its own social network, and pay close attention to any perceived privacy slippages.
Authorities in Canada, Spain, Germany, Britain and the Netherlands are watching closely too.
Officials want to emphasize to users, particularly young and vulnerable ones, that too much sensitive information can easily be posted to sites, and can then be mined by advertisers and third parties through applications like games or quizzes.
No one wants to be seen be legislating against the freedom and fun of the Internet. But watchdogs also see privacy as an cornerstone of democratic societies that also needs defending.
"What we're going to do in the coming months and years is organize ourselves as enforcement agencies in an international way," Jacob Kohnstamm, the chairman of the Dutch Data Protection Authority, told privacy protection chiefs this week.
"So that the gap between the online market being global and the enforcement being national is going to be filled up by actions like we start today."