Item: Citizens are concerned about online privacy and security. According to a new report from USC’s Center for the Digital Future, “Sixty-one percent of adult Americans said they were very or extremely concerned about the privacy of personal information when buying online, an increase from 47 percent in 2006. Before last year, that figure had largely been dropping since 2001.” These fears are well-founded.

The study, to be released Thursday, comes as privacy and security groups report that an increasing number of personal records are being compromised because of data breaches at online retailers, banks, government agencies and corporations.

The Identity Theft Resource Center, for instance, listed more than 125 million records reported compromised in the United States last year. That’s a sixfold increase from the nearly 20 million records reported in 2006.

About “two-thirds of adult Internet users shop online,” so their privacy fears aren’t acting as a deterrent, it seems.

Or are they? A new Pew Internet Project survey suggests that online shopping numbers would be even higher if people felt more secure.

More specifically, the report says:

• If the three-quarters of internet users who agree that they don’t like sending personal or credit card information online felt more confident about doing this, the share of the internet population shopping online would be 7 percentage points higher than the current average of 66%, or 73%.
• If those who disagree that online shopping is convenient felt otherwise, the share of the internet population shopping online would be 3 percentage points higher than the current average (or 69% instead of 66%).

Interesting. Most Internet users are concerned about privacy issues, although not all of them act on those concerns in the same way.

Item: Facebook’s attempts to push the envelope on marketing within social networks have sparked considerable user backlash. Clearly Facebook sees all those subscribers as consumers, but it’s not apparent that the users see themselves as commodities to be monetized.

The Beacon debacle was Facebook’s first big misstep (and Om Malik called it in advance, by the way). Company execs have evidently convinced themselves that it was just an implementation misunderstanding, but is that a conclusion they should be comfortable with?

In just two or three years Facebook has evolved from a site that people were dying to get on into one where people are actively trying to figure out how the hell to get off. Recently the company has had to endure major publicity over the difficulty of getting your data deleted from the site once you 86 your account – a problem that led to the creation of the How to permanently delete your Facebook account group, which currently has 14, 407 members. Yeah, that’s the kind of PR you’re looking for.

Item: We’re now starting to see pushes for legislative action restricting the ability of companies to mine and use consumer data.

After reading about how Internet companies like Google, Microsoft and Yahoo collect information about people online and use it for targeted advertising, one New York assemblyman said there ought to be a law.

So he drafted a bill, now gathering support in Albany, that would make it a crime — punishable by a fine to be determined — for certain Web companies to use personal information about consumers for advertising without their consent.

And because it would be extraordinarily difficult for the companies that collect such data to adhere to stricter rules for people in New York alone, these companies would probably have to adjust their rules everywhere, effectively turning the New York legislation into national law.

“Should these companies be able to sell or use what’s essentially private data without permission? The easy answer is absolutely not,” said the assemblyman who sponsored the bill, Richard L. Brodsky, a Democrat who has represented part of Westchester County since 1982. (Source)

There’s a similar, albeit more restricted, bill before the Connecticut legislature, as well. The implications could be dramatic:

If [the NY law] passed, computer users could request that companies like Google, Yahoo, AOL and Microsoft, which routinely keep track of searches and surfing conducted on their own properties, not follow them around. Users would also have to give explicit permission before these companies could link the anonymous searching and surfing data from around the Web to information like their name, address or phone number.

Of course, a lot can happen here. Lobbyists working for any number of affected companies *cough*Google*cough* can probably be expected to wade in with suitcasefuls full of cash thoughtful, reasoned explanations for why this is a bad idea, and it’s not likely that a state law would be allowed to hijack commerce nationwide – which means we can expect this issue to be taken up in Washington, which my Google Maps search indicates is significantly closer to K Street than is Albany.

In any event, we can probably expect to see more conversation on this issue over the next couple of years, not less.

Item: Citizens can expect their privacy to be challenged on more and more fronts in the future. For instance, the real social networking boom isn’t about the Internet at all – it’s about mobile.

The prize, as these start-ups see it, is the 3.3 billion cellphone subscribers, a number that far surpasses the total of Internet users. The advantage over computer-based communities, they believe, is the ability to know where a cellphone is, thanks to global positioning satellites and related technologies.

The market research company Informa Telecoms said in a report last month that about 50 million people, or about 2.3 percent of all mobile users, already use the cellphone for social networking, from chat services to multimedia sharing. The company forecast that the penetration rate would mushroom to at least 12.5 percent in five years.

Mobile has a number of advantages over the Net. For one thing, you don’t have to be sitting at your desktop – you don’t go to your network, it goes with you.

This also opens the door to a world of location-based marketing. As GPS and RFID technologies continue to build out, it will be increasingly easy to target a customer not just according to his or her past shopping habits, but according to where he or she happens to be at a given moment.

Imagine: my wife’s birthday is tomorrow. There’s a well-established profile on both of us, and perhaps my wife bought some diamond earrings six months ago. As I walk down the urban mall in my fair city, my phone buzzes. I pull it out and have a look. The jewelry story that I’m approaching is offering me a micro-targeted 15% mobile coupon on diamond necklaces that would look great with my wife’s earrings.

Minority Report, anyone? For what it’s worth, the scenario I just described isn’t an if, it’s a when.

To this, let’s add in the depth and complexity of Web 3.0 – the “semantic Web.” And all apologies to those of you who are still trying to catch up to Web 2.0. In 2006 Tim Berners-Lee, the man credited with more or less inventing the Web, described Web 3.0 this way:

“People keep asking what Web 3.0 is. I think maybe when you’ve got an overlay of scalable vector graphics – everything rippling and folding and looking misty – on Web 2.0 and access to a semantic Web integrated across a huge space of data, you’ll have access to an unbelievable data resource.”

If that’s a little thick, maybe this helps:

In contrast, the Holy Grail for developers of the semantic Web is to build a system that can give a reasonable and complete response to a simple question like: “I’m looking for a warm place to vacation and I have a budget of $3,000. Oh, and I have an 11-year-old child.”

If you’re tracking along here, you realize that getting to this point requires The Machine to have a good amount of data on you and a massive ability to think about it.

As is always the case with new technologies – always – the early vision is breathtaking:

Referred to as Web 3.0, the effort is in its infancy, and the very idea has given rise to skeptics who have called it an unobtainable vision. But the underlying technologies are rapidly gaining adherents, at big companies like I.B.M. and Google as well as small ones. Their projects often center on simple, practical uses, from producing vacation recommendations to predicting the next hit song.

But in the future, more powerful systems could act as personal advisers in areas as diverse as financial planning, with an intelligent system mapping out a retirement plan for a couple, for instance, or educational consulting, with the Web helping a high school student identify the right college.

It’s easy to see how such a Web – especially one that’s deployed via mobile – could be of tremendous value. Berners-Lee elaborates on the coolness:

“Using the semantic web, you can build applications that are much more powerful than anything on the regular web,” Mr Berners-Lee said. “Imagine if two completely separate things — your bank statements and your calendar — spoke the same language and could share information with one another. You could drag one on top of the other and a whole bunch of dots would appear showing you when you spent your money.

“If you still weren’t sure of where you were when you made a particular transaction, you could then drag your photo album on top of the calendar, and be reminded that you used your credit card at the same time you were taking pictures of your kids at a theme park. So you wouldd know not to claim it as a tax deduction.

“It’s about creating a seamless web of all the data in your life.”

One example frequently given is of typing a street address which, if it had “semantic data” built into it, would link directly to a map showing its location, dispensing with the need to go to a site like Google `maps, type in the address, get the link and paste it into a document or e-mail.

Still, if existing technologies (and associated practices) pose a significant enough threat to individual privacy that some lawmakers are already looking at how to shut the capability off, imagine if you can the potential for intrusion of an artificial intelligence-driven “World Wide Database” engine.

And note, if you will, that we’re only considering commercial intrusions at this point. If you’re the sort who also harbors some paranoia about the trustworthiness of governmental institutions, then the Web 3.0 future is perhaps even more chilling.

Berners-Lee actually envsions the semantic Web as a hedge against certain kinds of security threats:

He also spoke about what he described as one of the key challenges of the web today — confronting the security risks associated with large databases of information that were attractive to criminals and identity fraudsters.

“There are definitely better ways of managing that threat. I think we’re soon going to see a new tipping point where different types of crimes become possible and lucrative, and it’s something we constantly have to be aware of.

“One option is to build systems which more effectively track what information you’ve used to perform a particular task, and make sure people aren’t using their authority to do things that they shouldn’t be doing.”

Would the tech would be used in these ways? Sure. But for every tool it generated to address intrusions it would – as did the Internet – generate several more that could be used maliciously. This is a time-tested dynamic that accompanies innovation, and there’s no reason to suspect that this leap ahead would be different from all the others.

I’m not here to tell a Frankenstein tale, though. Heck, social media is how I make my living.

Instead, it seems important to acknowledge where we’re heading (and how fast) and to suggest that we begin talking about the implications sooner rather than later. Perhaps innovation and individual liberties aren’t inherently opposed, but a thoughtful glance around our existing landscape suggests the difficulty in investing more deeply in the bounty of tech-enabled consumerism without sacrificing our personal privacy.

Thousands of Facebook users and millions of online shoppers say they’re worried already. If so, the next decade promises to be absolutely terrifying.