So this week a torrent was uploaded on The Pirate Bay, which apparently contained "Personal details for 100 million [Facebook] users". The BBC article is actually a fairly sensible and balanced take on it, there were a few other news reports on it which a bit more sensationalised and stupid about it.
The fact is, there's absolutely nothing notable about that torrent aside from the fact that all the vast amount of data is collated together. You can't find anything in that than you wouldn't be able to gather from just searching the name on Facebook and looking at their public profile. It wasn't some sort of breach of security, as was implied by several news sources.
Personally, I don't buy into the whole paranoia over personal information on the internet. My name, date of birth, address and phone number are all public knowledge as far as I'm concerned. I rather wouldn't plaster my address or phone number all over the internet, but the fact is that it's already in the phone directory, so it's not like it's impossible for people to find it if they are looking for it. And I'd also say that the personal data which I have put up on the internet isn't likely to be used for malicious purposes, or at least the chances of that happened far outweigh the benefit to myself and others of it being there, which is why it's there in the first place.
I had this discussion with people in IRC yesterday, and there are plenty of things which just completely don't bother me that some people apparently take huge exception to. Personally I don't give a shit if Google tracks my internet usage, because it's not ever going to get used in some way which harms me. It'll be used to give me more relevant ads, more relevant search results, something which assists both myself and Google, and not something I see any reason to be particularly concerned about.
Pretty much the only online information that I wouldn't want available for some bot to look at are passwords and my bank account details. Sure, I entrust my email, my calendar, my name and address to Google, but ultimately why would I give a shit about that? Even if they're going to use bots to read through people's mail (not something I think they would do, but it's possible), then I really don't care that much. There are things in my email I wouldn't want people to read, just because they're personal, but Google bots wouldn't collate personal information in any way that would leave the detail that I'd rather people didn't see.
If I were to draw a Venn diagram, which included the groups for things I consider personal and don't want other people to see, things which Google could make money from, and things which are uploaded up onto the internet to be accessed, then the intersection is minuscule, and most likely doesn't exist at all. There are emails and private messages on forums that I wouldn't want people to read, but they'd be of no interest to a bot, so ultimately the fact that they exist in a database on a server somewhere isn't going to be much of a problem. Google aren't going to employ people to read through everyone's email, and if they're not being read by people, then I don't care, because it's not ever going to end badly for me.
I'm placing far more trust in sites like Amazon and my bank to keep my details secure, because that's pretty much the only details I have on the internet which could genuinely cause problems for me if they were to be made publicly available. Google have emails and my calendar, not really sure if there's much malicious they can do with that. Most of my stuff is publicly viewable on Facebook because I don't really see how anyone could use it maliciously either, except for maybe "lol Rosti is ugly". The town I live in, the schools I went to, none of them have much use to anyone except for perhaps singling me out on Facebook as the "Chris Rowe" they want.
The only stuff I've got locked down to not be publicly viewable on Facebook are my email and IM addresses, and my address and phone number, which are more to prevent bots trawling that sort of thing and sending me spam than anything else. And it's up there for friends to see, because I want them to be able to see it, beecause that's sort of the point of putting it there to start with.
There's always going to be people out there who have what I personally consider to be paranoia over anonymity and personal data on the internet, to the extent where retention of pretty much any trace of them is seen as a gross breach of privacy. And I can sort of see where they're coming from, but given that it's going to make fuck-all difference to their everyday life, I don't quite get why they kick up such a fuss about it, and go to such huge lengths to stop it happening. If I was the sort of person who went around making a lot of people angry on the internet (I'm not that bad I hope), then I might be more worried about people connecting my online pseudonym to my personal information, because you only have to piss off one absolute psychopath for that to start to be come a real problem.
Ultimately I would say that if you're the sort of person who wouldn't want even a trace of personal information leaked onto the internet, if you were the sort of person who is genuinely bothered by the torrent, then why would you bother getting Facebook in the first place? For one, the privacy controls do work. Sure, some things are by default set to be publicly viewable, and you have to set them to be hidden if that's what you want, but ultimately Facebook is a social networking site. The whole point of it is to share what is basically personal information with other people.
If anything I would say that the torrent highlights the fact that sure, you might have some personal information on the internet, but so do one hundred million other people. The chances of someone actually using your information for anything more than just broad statistical analysis are extremely small. And that's assuming there's anything they can really do with it in the first place.