It seems to me that the raging debate over companies and we control our own information and move it around the web (aka data portability) should not be confused with privacy issues. Frankly, I think we are approaching a good and grand solution to the data portability challenge in the form of Open ID, Open Social, Google Friend Connect, the new data portability initiative from Myspace, and to a lesser extent Facebook Friends which first needs to resolve their issues with Google to be a good solution.

Online data privacy is a whole different animal in my view, and I think the debate is generally misguided. Although many people are still suggesting how important it is for companies and applications to make sure our data is safe I think they are for the most part just wasting virtual ink on the topic. The privacy ship sailed long ago, and much of the information you would not want exposed to everybody on the internet …. is already exposed to everbody on the internet. This takes many forms but the key challenge online is the persistence of data. Things that are posted about you will generally *never* disappear. There are ways to delete things from Google or from a specific location, but the internet is constantly copied at both the page level and the network level, so it’s not realistic to think stuff can be “erased from the internet”.

More importantly note how powerfully you are exposed without lifting a virtual finger. Your home is listed on Zillow.com . Your name and phone is often at Google as well as hundreds of phone book websites. Your credit reports and records are often available through a variety of third party services selling this information to others without consent or notification.
Facial recognition software and tagging are improving and it won’t be long before a search for your name at popular photo sites will allow a search for pictures with you in those pictures even if you had *no idea they were taken*.

All of these things happen whether you put information online or not. Bloggers and photo sharers are far more exposed than this to the extent some even are broadcasting most/all of their lives 24/7 to the global network in an information privacy gone wild streamfest.

So the USS Privacy ship sailed long, long ago and what we need are severe penalties for the *abuse* of personal information. Identity theft and simply fraud are going to increase as the internet matures, but we can stem this tide with rational and clever legislation to identify and track down data abusers and punish them severely. We cannot keep our information out of the hands of info abusers, but we can make it prohibitively expensive for them to abuse us.