MySpace and Facebook have both found themselves in trouble of late, with customers complaining about the revelation that the companies were sharing private information with advertisers, despite promises that user information would not be shared in the Terms of Service. 

Facebook was perhaps the worst offender with this.  Its CEO has insisted at times that customers don't really care about privacy.  And it has rolled out multiple changes to it page to try to get customers to mistakenly unveil more info.

Finally after much criticism, MySpace and Facebook have vowed at last to make changes to make sure that advertisers don't get the profile link that the click was received from (anonymizing it). The Wall Street Journal indicates that its reports on the subject finally spurred the popular social networks to action.

It was shown that advertisers could use the provided link to find private details like name, age, relationship status, hometown and occupation from a person's account.  Google Inc.'s DoubleClick and Yahoo Inc.'s Right Media were among the companies that received dumps of the links' private data, but they claim they didn't even know about it and never used it.

The industry advertising standard (set largely by Google) is that it is forbidden to collect personally identifiable information without users' permission.  Facebook and MySpace have been known to tread the line on privacy issues, but in this case the revelation of their mischief was too embarrassing for them to not take action.

Among the other companies that revealed links to personal profiles were LiveJournal, Hi5, Xanga and Digg.  Twitter also revealed links, but only when advertisers clicked on certain links on the profile page (as normal user profile pages do not bear ads -- yet).  However, these links would provide info on the profile being viewed, not the person themself.

Facebook went the farthest though, providing the ID of both the visitor and the visited profile.  Facebook says that it has since fixed the offending code.

States a Facebook spokesman, "We were recently made aware of one case where if a user takes a specific route on the site, advertisers may see that they clicked on their own profile and then clicked on an ad.  We fixed this case as soon as we heard about it."

Unlike Facebook, MySpace does not demand user's real names.  It is only sharing the ID of users, which will only reveal the info they choose to share on their page.  Nonetheless, in response to concerns, MySpace is making changes as well.  States a spokesperson, "[We are] currently implementing a methodology that will obfuscate the 'FriendID' in any URL that is passed along to advertisers."

In a statement Google wrote, "Google doesn't seek in any way to make any use of any user names or IDs that their URLs may contain."

And Yahoo's head of privacy Anne Toth similarly stated, "We prohibit clients from sending personally identifiably information to us.  We have told them. 'We don't want it. You shouldn't be sending it to us. If it happens to be there, we are not looking for it."