In honor of National Data Privacy Day this Saturday, Jan. 28, we've put together a list of the 15 worst Internet privacy scandals of all time.
These high-profile privacy scandals involve many underlying technologies, from search to social media, email to voice mail, mobile phones to Webcams to GPS. But at the heart of all of these privacy scandals are companies collecting personal data without the user's knowledge or consent and then either sharing it with third parties or simply failing to keep it safe.
[ Stay up to date on the latest news in information technology with InfoWorld's Today's Headlines: First Look newsletter. ]
Meanwhile, on Wednesday the European Union unveiled stiffer penalties and higher fines for U.S. firms that fail to meet their privacy rules for cloud computing and social media applications.
With online privacy expected to remain a high-profile issue in 2012, here's our list of the biggest online privacy breaches of all time:
1. Sony CD spyware
Sony BMG ran into a major privacy flap in fall 2005 because of the anti-piracy measures called XCP that it added to music CDs. When a customer played one of these CDs on a Windows PC, the CD installed hidden rootkit software onto the PC that communicated the CD being played and the IP address of the PC back to Sony. This so-called spyware also created vulnerabilities on PCs for worms or viruses to exploit. Critics said Sony had created a backdoor onto its customers' machines, leading Sony to recall the CDs and offer a free removal tool for the rootkit software. Class action lawsuits were filed against Sony in Texas, New York and California. The U.S. Federal Trade Commission required Sony to pay $150 to any consumer whose PC was damaged by the software as part of a settlement for violating federal law. (Also see: Sony BMG rootkit scandal - five years later)
2. The Craigslist experiment
In February 2006, Seattle Web developer Jason Fortuny posed as a woman seeking sex on Craigslist to see how many responses he would get in 24 hours. He received 178 responses, including photos, names, email addresses and telephone numbers of the men who answered the ad. Fortuny then published all of these responses on a website called Encyclopedia Dramatica. The incident received a significant amount of mainstream media coverage, including the Associated Press and MSNBC. Fortuny was later sued in Illinois court by an anonymous plaintiff, and in May 2009 Fortuny ended up receiving a $75,000 default judgment.