By: Pete Warden

My name is Pete Warden, and a few months ago I created visualization based on crawling 210 million public Facebook profiles that raised a lot of questions about how openly available that information should be.

While I've seen a lot of discussion of the impact on users, I've seen little on why Facebook and other companies care so passionately about that data. If we want to understand what's likely to happen to our information in the future, it's important to understand why it's such a crucial foundation for everything Facebook does and what threats it faces.

Facebook is able to offer a fantastic experience because it knows who your friends are. No other site has that knowledge, so it's an incredible competitive advantage for the service - and despite all the privacy worries, makes it tough to quit because nowhere else can offer you those channels to reach your friends.

The real danger for Facebook is that others will get access to a broad and comprehensive social network and be able to offer the same rich social experience to new users. I see two ways this can happen:

• Someone copies the information from Facebook in bulk
• A similar network is created from an independent source using implicit data

Copying

There are two ways someone could copy user information from Facebook, either through crawling public profiles or using the API. I noticed while I was doing my crawling that it would only show eight friends at a time but it was a different set every time, which meant with enough visits to a user's page I could gather a complete list of their connections. Facebook has fixed this hole so it only shows the same eight people now, but that's still enough to build a partial but usable social network.

Using the API is a lot trickier because they have technical controls to throttle heavy-users who are downloading data too fast, but if you have a wide userbase on Facebook, like Zynga, then you could easily download information on tens of millions of users a week without noticeably increasing your API usage.

Facebook's primary defense against both of these approaches is legal. They recently introduced a whitelisted robots.txt, so now legitimate Web crawlers have to agree to the same kind of terms of service that restrict what third parties can do with the data they gather through the API.

The weakness of this approach is that it relies on the honor system, since it's extremely hard to track the flow and usage of data once it's in another company's hands. It's possible to use fake accounts(Mountweazels) to act as markers to prove data came from Facebook originally, but all you need to do is cross-correlate the Facebook data with other public sources like phone books, electoral data or Twitter to weed out non-existent people.

As long as the data copiers take those sort of basic precautions it's essentially untraceable - and Facebook will have a hard time proving they were the source in court. It's also very hard to spot that a company is using data sourced from Facebook internally, unless they publicly announce it.

An Independent Network

Creating an independent source of social network data is a tough nut to crack. Facebook's big advantage is that it's a massive hassle for users to manually re-enter their social networks into yet another service, so the path of least resistance for website owners is to integrate with their existing repository. However there are alternative sources of information about our social networks that can be accessed without partnering with Facebook or requiring laborious user input: your email inbox and cellphone history.

I saw Buzz primarily as a bid by Google to stealthily build their own social network by leveraging those patterns of who you email most. It doesn't seem to be making great progress, but the same idea is useful for any startup who needs to build a picture of its user's social network.

You can now use OAuth to connect to Google and Yahoo inboxes without requiring a password, analyze the email headers to spot a user's frequent recipients, and then use that information to help you offer a better service, for example by pre-populating your invite suggestions with a user's inner circle rather than the using the entire contents of their address book.

Using phone calls and SMS patterns to understand social networks is a lot harder for third-parties, but you can bet that both the big telecom companies and the mobile software providers like Apple and Google are trying to figure out how to compete with Facebook using that data.

Facebook has an overwhelming advantage thanks to the network effects of having social information on so many users, but the very attractiveness of their position has to be focusing their competitors' minds on how to replicate that strength.

Right now Facebook looks invincible, but it all rests on the unique social network they've gathered - they could be the next MySpace or Friendster if their rivals figure out an alternative.

These are hard times for newspapers, and not just the Times. America’s other iconic daily of the past half-century, the Washington Post, has been doing a long, slow fade, speeded up lately by the Great Recession. The Post’s weekday circulation is barely two-thirds what it was in the nineteen-nineties. During the most recently measured six-month period alone, sales of the weekday paper plummeted thirteen per cent. Repeated buyouts have decimated the staff. Last year, the Post closed its remaining domestic bureaus, in Chicago, Los Angeles, and New York. Its stock price today is less than half what it was in 2004. Kaplan, the for-profit education outfit the Post acquired in 1984, now provides some sixty per cent of its income. A glum, decade-old newsroom wisecrack—that the Post is a test-prep tutoring service that puts out a newspaper as a hobby—got glummer in 2007, when the Washington Post Company officially declared itself an “education and media company,” no joke.

All the more reason, then, to ladle on the praise when the Post shows that it can still produce the kind of public-spirited, enterprising journalism that is essential to the health of a free society. Last week, in a series of three articles totalling some thirteen thousand words, the paper explored the immense national-security industry created since 9/11—a bureaucratic behemoth, substantially privatized but awash in public money, that “has become so large, so unwieldy, and so secretive” that it “amounts to an alternative geography of the United States, a Top Secret America hidden from public view and lacking in thorough oversight.” Mimicking, consciously or not, the work product of its subject, the series begins by summarizing itself with a PowerPoint-like set of bullet points:

* Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States.

* An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances.

* In Washington and the surrounding area, 33 building complexes for top-secret intelligence work are under construction or have been built since September 2001. Together they occupy the equivalent of almost three Pentagons or 22 U.S. Capitol buildings—about 17 million square feet of space.

* Many security and intelligence agencies do the same work, creating redundancy and waste. For example, 51 federal organizations and military commands, operating in 15 U.S. cities, track the flow of money to and from terrorist networks.

* Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year—a volume so large that many are routinely ignored.

Beyond the numbing numbers, the Post describes a vast archipelago of gleaming new office parks, concentrated in the Washington suburbs but also scattered throughout the country, protected by high fences and armed security guards, bland-looking but inaccessible, and filled with command centers, internal television networks, video walls, armored S.U.V.s, and inner sanctums called SCIFs, short for “sensitive compartmented information facilities.” How much of this—“the bling of national security,” the Post calls it—is necessary or even useful may be doubted, but it is undeniably expensive. Much of it is there because the taxpayer cash to buy it is there—an unending, ever-growing, BP-worthy fiscal blowout that, beginning just after 9/11 and continuing to this day, flooded the agencies with “more money than they were capable of responsibly spending,” the Post writes. “They’ve got the penis envy thing going,” a contractor whose business specializes in building SCIFs says. “You can’t be a big boy unless you’re a three-letter agency and you have a big SCIF.” Moreover, fully a quarter-million holders of top-secret security clearances are employees not of the government but of private, profit-making businesses. Government agencies serve as a hiring hall for contractor corporations offering perks and salaries the agencies can’t match, leaving them to rely on recent graduates whose familiarity with the countries they analyze, including their languages, is minimal. The concern this raises—a concern that Robert M. Gates, the Secretary of Defense, and Leon Panetta, the head of the C.I.A., told the paper they share—is “whether the federal workforce includes too many people obligated to shareholders rather than the public interest—and whether the government is still in control of its most sensitive activities.”

An intelligence community hobbled, as the Post shows, by a toxic mixture of secrecy, compartmentalization, turf rivalry, and tremendous duplication of effort is further bedevilled by a problem familiar to every computer addict: too much information. Every day, for example, the National Security Agency alone intercepts and stores nearly two billion separate e-mails, phone calls, and other communications. By the time the gusher reaches officials charged with making policy, it’s still a fire hose. “The complexity of this system defies description,” John R. Vines, a retired Army general who reviewed the Defense Department’s slice of it last year, told the Post. “Because it lacks a synchronizing process, it inevitably results in message dissonance, reduced effectiveness, and waste. We consequently can’t effectively assess whether it is making us more safe.”

The story the Post tells is not about criminal conspiracies or rogue elements or corruption in the usual sense. No one’s dedication to the cause of protecting America is questioned. The tale has no villains—unless you count the pathologies of secrecy and bureaucracy and the panicky bravado that led the White House, Congress, and the public to frame the response to Al Qaeda as an essentially unlimited War on Terror. It is an exposé about a secret world, but it exposes no secrets. Interviewees who asked for anonymity did so not in order to “leak”—to reveal classified information—but to express judgments that their bosses and colleagues might hold against them. Virtually all the data that the paper collected in the two years it took to prepare the series was already in the public record.

And the bulk of the public record is no longer to be found in library stacks, dusty courthouse files, and microfilm rolls. Just as its subject is a new kind of bureaucratic enterprise, “Top Secret America” is a new kind of journalistic enterprise, pairing expert reporting of the traditional shoe-leather variety with the information-gathering power of the Internet. One of the series’ lead writers, Dana Priest, is a winner of two well-deserved Pulitzer Prizes, for her stories on abuses at Walter Reed and the C.I.A.’s overseas “black sites.” The other, William M. Arkin, is that despised creature, a blogger—or was until he put aside the national-security blog that he conducted on the Post’s Web site to begin his collaboration with Priest. While she worked the phones and racked up the miles, he sat in his converted barn in Vermont, surfing oceans of data. The result is a portrait of a problem. Laying it all out is a start. Reining it all in will be harder.

A Journal investigation finds that one of the fastest-growing businesses on the Internet is the business of spying on consumers. First in a series.

Hidden inside Ashley Hayes-Beaty's computer, a tiny file helps gather personal details about her, all to be put up for sale for a tenth of a penny.

The file consists of a single code— 4c812db292272995e5416a323e79bd37—that secretly identifies her as a 26-year-old female in Nashville, Tenn.

The code knows that her favorite movies include "The Princess Bride," "50 First Dates" and "10 Things I Hate About You." It knows she enjoys the "Sex and the City" series. It knows she browses entertainment news and likes to take quizzes.

"Well, I like to think I have some mystery left to me, but apparently not!" Ms. Hayes-Beaty said when told what that snippet of code reveals about her. "The profile is eerily correct."

Ms. Hayes-Beaty is being monitored by Lotame Solutions Inc., a New York company that uses sophisticated software called a "beacon" to capture what people are typing on a website—their comments on movies, say, or their interest in parenting and pregnancy. Lotame packages that data into profiles about individuals, without determining a person's name, and sells the profiles to companies seeking customers. Ms. Hayes-Beaty's tastes can be sold wholesale (a batch of movie lovers is $1 per thousand) or customized (26-year-old Southern fans of "50 First Dates").

"We can segment it all the way down to one person," says Eric Porres, Lotame's chief marketing officer.

One of the fastest-growing businesses on the Internet, a Wall Street Journal investigation has found, is the business of spying on Internet users.

The Journal conducted a comprehensive study that assesses and analyzes the broad array of cookies and other surveillance technology that companies are deploying on Internet users. It reveals that the tracking of consumers has grown both far more pervasive and far more intrusive than is realized by all but a handful of people in the vanguard of the industry.

• The study found that the nation's 50 top websites on average installed 64 pieces of tracking technology onto the computers of visitors, usually with no warning. A dozen sites each installed more than a hundred. The nonprofit Wikipedia installed none.

• Tracking technology is getting smarter and more intrusive. Monitoring used to be limited mainly to "cookie" files that record websites people visit. But the Journal found new tools that scan in real time what people are doing on a Web page, then instantly assess location, income, shopping interests and even medical conditions. Some tools surreptitiously re-spawn themselves even after users try to delete them.

• These profiles of individuals, constantly refreshed, are bought and sold on stock-market-like exchanges that have sprung up in the past 18 months.

It's rarely a coincidence when you see Web ads for products that match your interests. WSJ's Christina Tsuei explains how advertisers use cookies to track your online habits.

The new technologies are transforming the Internet economy. Advertisers once primarily bought ads on specific Web pages—a car ad on a car site. Now, advertisers are paying a premium to follow people around the Internet, wherever they go, with highly specific marketing messages

In between the Internet user and the advertiser, the Journal identified more than 100 middlemen—tracking companies, data brokers and advertising networks—competing to meet the growing demand for data on individual behavior and interests.

The data on Ms. Hayes-Beaty's film-watching habits, for instance, is being offered to advertisers on BlueKai Inc., one of the new data exchanges.

"It is a sea change in the way the industry works," says Omar Tawakol, CEO of BlueKai. "Advertisers want to buy access to people, not Web pages."

The Journal examined the 50 most popular U.S. websites, which account for about 40% of the Web pages viewed by Americans. (The Journal also tested its own site, WSJ.com.) It then analyzed the tracking files and programs these sites downloaded onto a test computer.

As a group, the top 50 sites placed 3,180 tracking files in total on the Journal's test computer. Nearly a third of these were innocuous, deployed to remember the password to a favorite site or tally most-popular articles.

But over two-thirds—2,224—were installed by 131 companies, many of which are in the business of tracking Web users to create rich databases of consumer profiles that can be sold.

The top venue for such technology, the Journal found, was IAC/InterActive Corp.'s Dictionary.com. A visit to the online dictionary site resulted in 234 files or programs being downloaded onto the Journal's test computer, 223 of which were from companies that track Web users.

How to Protect Yourself

Almost every major website you visit is tracking your online activity. Here's a step-by-step guide to fending off trackers.

The information that companies gather is anonymous, in the sense that Internet users are identified by a number assigned to their computer, not by a specific person's name. Lotame, for instance, says it doesn't know the name of users such as Ms. Hayes-Beaty—only their behavior and attributes, identified by code number. People who don't want to be tracked can remove themselves from Lotame's system.

And the industry says the data are used harmlessly. David Moore, chairman of 24/7 RealMedia Inc., an ad network owned by WPP PLC, says tracking gives Internet users better advertising.

"When an ad is targeted properly, it ceases to be an ad, it becomes important information," he says.

Tracking isn't new. But the technology is growing so powerful and ubiquitous that even some of America's biggest sites say they were unaware, until informed by the Journal, that they were installing intrusive files on visitors' computers.

The Journal found that Microsoft Corp.'s popular Web portal, MSN.com, planted a tracking file packed with data: It had a prediction of a surfer's age, ZIP Code and gender, plus a code containing estimates of income, marital status, presence of children and home ownership, according to the tracking company that created the file, Targus Information Corp.

Both Targus and Microsoft said they didn't know how the file got onto MSN.com, and added that the tool didn't contain "personally identifiable" information.

Tracking is done by tiny files and programs known as "cookies," "Flash cookies" and "beacons." They are placed on a computer when a user visits a website. U.S. courts have ruled that it is legal to deploy the simplest type, cookies, just as someone using a telephone might allow a friend to listen in on a conversation. Courts haven't ruled on the more complex trackers.

The most intrusive monitoring comes from what are known in the business as "third party" tracking files. They work like this: The first time a site is visited, it installs a tracking file, which assigns the computer a unique ID number. Later, when the user visits another site affiliated with the same tracking company, it can take note of where that user was before, and where he is now. This way, over time the company can build a robust profile.

One such ecosystem is Yahoo Inc.'s ad network, which collects fees by placing targeted advertisements on websites. Yahoo's network knows many things about recent high-school graduate Cate Reid. One is that she is a 13- to 18-year-old female interested in weight loss. Ms. Reid was able to determine this when a reporter showed her a little-known feature on Yahoo's website, the Ad Interest Manager, that displays some of the information Yahoo had collected about her.

The Tracking Ecosystem

Surfing the Internet kickstarts a process that passes information about you and your interests to tracking companies and advertisers. See how it works.

Yahoo's take on Ms. Reid, who was 17 years old at the time, hit the mark: She was, in fact, worried that she may be 15 pounds too heavy for her 5-foot, 6-inch frame. She says she often does online research about weight loss.

"Every time I go on the Internet," she says, she sees weight-loss ads. "I'm self-conscious about my weight," says Ms. Reid, whose father asked that her hometown not be given. "I try not to think about it…. Then [the ads] make me start thinking about it."

Yahoo spokeswoman Amber Allman says Yahoo doesn't knowingly target weight-loss ads at people under 18, though it does target adults.

"It's likely this user received an untargeted ad," Ms. Allman says. It's also possible Ms. Reid saw ads targeted at her by other tracking companies.

Information about people's moment-to-moment thoughts and actions, as revealed by their online activity, can change hands quickly. Within seconds of visiting eBay.com or Expedia.com, information detailing a Web surfer's activity there is likely to be auctioned on the data exchange run by BlueKai, the Seattle startup.

Each day, BlueKai sells 50 million pieces of information like this about specific individuals' browsing habits, for as little as a tenth of a cent apiece. The auctions can happen instantly, as a website is visited.

Spokespeople for eBay Inc. and Expedia Inc. both say the profiles BlueKai sells are anonymous and the people aren't identified as visitors of their sites. BlueKai says its own website gives consumers an easy way to see what it monitors about them.

Tracking files get onto websites, and downloaded to a computer, in several ways. Often, companies simply pay sites to distribute their tracking files.

But tracking companies sometimes hide their files within free software offered to websites, or hide them within other tracking files or ads. When this happens, websites aren't always aware that they're installing the files on visitors' computers.

Often staffed by "quants," or math gurus with expertise in quantitative analysis, some tracking companies use probability algorithms to try to pair what they know about a person's online behavior with data from offline sources about household income, geography and education, among other things.

The goal is to make sophisticated assumptions in real time—plans for a summer vacation, the likelihood of repaying a loan—and sell those conclusions.

Some financial companies are starting to use this formula to show entirely different pages to visitors, based on assumptions about their income and education levels.

Life-insurance site AccuquoteLife.com, a unit of Byron Udell & Associates Inc., last month tested a system showing visitors it determined to be suburban, college-educated baby-boomers a default policy of $2 million to $3 million, says Accuquote executive Sean Cheyney. A rural, working-class senior citizen might see a default policy for $250,000, he says.

"We're driving people down different lanes of the highway," Mr. Cheyney says.

Consumer tracking is the foundation of an online advertising economy that racked up $23 billion in ad spending last year. Tracking activity is exploding. Researchers at AT&T Labs and Worcester Polytechnic Institute last fall found tracking technology on 80% of 1,000 popular sites, up from 40% of those sites in 2005.

The Journal found tracking files that collect sensitive health and financial data. On Encyclopaedia Britannica Inc.'s dictionary website Merriam-Webster.com, one tracking file from Healthline Networks Inc., an ad network, scans the page a user is viewing and targets ads related to what it sees there. So, for example, a person looking up depression-related words could see Healthline ads for depression treatments on that page—and on subsequent pages viewed on other sites.

Healthline says it doesn't let advertisers track users around the Internet who have viewed sensitive topics such as HIV/AIDS, sexually transmitted diseases, eating disorders and impotence. The company does let advertisers track people with bipolar disorder, overactive bladder and anxiety, according to its marketing materials.

Targeted ads can get personal. Last year, Julia Preston, a 32-year-old education-software designer in Austin, Texas, researched uterine disorders online. Soon after, she started noticing fertility ads on sites she visited. She now knows she doesn't have a disorder, but still gets the ads.

It's "unnerving," she says.

Tracking became possible in 1994 when the tiny text files called cookies were introduced in an early browser, Netscape Navigator. Their purpose was user convenience: remembering contents of Web shopping carts.

Back then, online advertising barely existed. The first banner ad appeared the same year. When online ads got rolling during the dot-com boom of the late 1990s, advertisers were buying ads based on proximity to content—shoe ads on fashion sites.

The dot-com bust triggered a power shift in online advertising, away from websites and toward advertisers. Advertisers began paying for ads only if someone clicked on them. Sites and ad networks began using cookies aggressively in hopes of showing ads to people most likely to click on them, thus getting paid.

Targeted ads command a premium. Last year, the average cost of a targeted ad was $4.12 per thousand viewers, compared with $1.98 per thousand viewers for an untargeted ad, according to an ad-industry-sponsored study in March.

The Journal examined three kinds of tracking technology—basic cookies as well as more powerful "Flash cookies" and bits of software code called "beacons."

More than half of the sites examined by the Journal installed 23 or more "third party" cookies. Dictionary.com installed the most, placing 159 third-party cookies.

Cookies are typically used by tracking companies to build lists of pages visited from a specific computer. A newer type of technology, beacons, can watch even more activity.

Beacons, also known as "Web bugs" and "pixels," are small pieces of software that run on a Web page. They can track what a user is doing on the page, including what is being typed or where the mouse is moving.

The majority of sites examined by the Journal placed at least seven beacons from outside companies. Dictionary.com had the most, 41, including several from companies that track health conditions and one that says it can target consumers by dozens of factors, including zip code and race.

Dictionary.com President Shravan Goli attributed the presence of so many tracking tools to the fact that the site was working with a large number of ad networks, each of which places its own cookies and beacons. After the Journal contacted the company, it cut the number of networks it uses and beefed up its privacy policy to more fully disclose its practices.

The widespread use of Adobe Systems Inc.'s Flash software to play videos online offers another opportunity to track people. Flash cookies originally were meant to remember users' preferences, such as volume settings for online videos.

But Flash cookies can also be used by data collectors to re-install regular cookies that a user has deleted. This can circumvent a user's attempt to avoid being tracked online. Adobe condemns the practice.

Most sites examined by the Journal installed no Flash cookies. Comcast.net installed 55.

That finding surprised the company, which said it was unaware of them. Comcast Corp. subsequently determined that it had used a piece of free software from a company called Clearspring Technologies Inc. to display a slideshow of celebrity photos on Comcast.net. The Flash cookies were installed on Comcast's site by that slideshow, according to Comcast.

Clearspring, based in McLean, Va., says the 55 Flash cookies were a mistake. The company says it no longer uses Flash cookies for tracking.

CEO Hooman Radfar says Clearspring provides software and services to websites at no charge. In exchange, Clearspring collects data on consumers. It plans eventually to sell the data it collects to advertisers, he says, so that site users can be shown "ads that don't suck." Comcast's data won't be used, Clearspring says.

Wittingly or not, people pay a price in reduced privacy for the information and services they receive online. Dictionary.com, the site with the most tracking files, is a case study.

The site's annual revenue, about $9 million in 2009 according to an SEC filing, means the site is too small to support an extensive ad-sales team. So it needs to rely on the national ad-placing networks, whose business model is built on tracking.

Dictionary.com executives say the trade-off is fair for their users, who get free access to its dictionary and thesaurus service.

"Whether it's one or 10 cookies, it doesn't have any impact on the customer experience, and we disclose we do it," says Dictionary.com spokesman Nicholas Graham. "So what's the beef?"

The problem, say some industry veterans, is that so much consumer data is now up for sale, and there are no legal limits on how that data can be used.

Until recently, targeting consumers by health or financial status was considered off-limits by many large Internet ad companies. Now, some aim to take targeting to a new level by tapping online social networks.

Media6Degrees Inc., whose technology was found on three sites by the Journal, is pitching banks to use its data to size up consumers based on their social connections. The idea is that the creditworthy tend to hang out with the creditworthy, and deadbeats with deadbeats.

"There are applications of this technology that can be very powerful," says Tom Phillips, CEO of Media6Degrees. "Who knows how far we'd take it?"

If your telephone number is published, a simple Google search can turn up your home address, phone number and a map to your front door. Everyone knows that. But there are other databases and sites that contain intimate details of your life.

Specialty reports let potential insurers check your prescription history. Retailers can view your purchase returns history. And your employment and rental history are also online.

This information may be incorrect. It can haunt you when you apply for a job, credit or health insurance. So, it's a good idea to do a background check on yourself from time to time.

The Fair Credit Reporting Act lets you request free credit reports once a year. You can also request a report if you've been denied credit based on information it contains. And, you can request that any errors be corrected.

Credit reports

Credit reports are widely used to verify your credit-worthiness. Experian, Equifax and TransUnion are the three main reporting agencies. You can request your free report by visiting AnnualCreditReport.com. You can request reports from all three agencies.

Personal information reports

Personal Information Reports include information on your employment and tenant history. They also contain information on liens and judgments, voter registration and more. This information is used for background screening.

Start by requesting a report from LexisNexis. Then, request your background screening report from Acxiom. You can also request information from Acxiom's directory and fraud detection service; however, there is a $5 charge for that.

You should also request a Full File Disclosure from ChoicePoint, a LexisNexis company. The information will differ from your LexisNexis report.

Insurance reports

Your ChoicePoint Full File Disclosure will include home and auto insurance claims. But you'll also want to order a report from Insurance Services Office.

Have you applied for individual health or life insurance in the past seven years? Then, you may have a file at the Medical Information Bureau. It is designed to protect insurers from fraudulent or incomplete applications.

Your file may include information on medical conditions and tests. It could also include driving history and dangerous hobbies or professions. You can request your consumer file from MIB. However, it may not have one on you.

Your prescription drug information may also be available to insurance companies. IntelliScript and MedPoint compile information on drugs, including refills and dosages. It can go back five years.

Checking reports

Banks often use ChexSystems to vet account applications. Your report may reflect accounts that have been mishandled. For example, it shows if you have had excessive overdrafts.

Retailers use TeleCheck for check verification. It gathers information on returned checks and check fraud.

Employment history

The Work Number collects employment and income information. The data comes from employers. Abso also gathers employment-related information.

These companies may not have information on you. Still, you'll want to request copies of your files from both companies.

Tenant history and utilities reports

A number of companies gather tenant information. The information can include evictions and disputes with landlords.

Your tenant history may be available from one or more databases. Check with First Advantage SafeRent, RentBureau and Tenant Data Services.

The National Consumer Telecom and Utilities Exchange provides information to utility companies. It stores information on defaulted and fraudulent accounts.

Other reports

The Social Security Administration sends yearly Social Security statements. Your statement shows your Social Security earnings history. It also includes estimated benefit payments. You can request a copy of your report at any time.

The Retail Equation is designed to prevent fraudulent and abusive returns. Information provided may prevent you from returning an item to a store. In that case, request a copy of your return activity report.

Teletrack collects subprime credit information. It is used by payday loan companies.

CentralCredit is a credit bureau used by the gaming industry. Casinos use it when extending credit to guests.

The process for requesting a specialty report varies from database to database. You may need to call the company or mail a form. Be prepared to disclose your Social Security number and current address. You may also need to submit copies of documents to prove your identity.

It's fun to use social networking sites, but where does your data go after you die?

According to Forrester Research, 55.6 million adults in the United States have a social networking account with a site like Facebook, MySpace or Twitter. More people join social networking sites every day. For some users, online networks serve as the primary means of staying in touch with friends and family. Social networking sites let us post our thoughts, pictures, videos, music and other content. But what happens to all of that when we die?

It's a sobering problem. As we invest more of ourselves into our online presence, we become more affected by the things we see and do on the Internet. We also affect our online friends. It might seem like worrying about what happens to your online presence after your death is a trivial matter but it's becoming more important as time goes on.

Part of the reason for that is the Internet provides a place for people to express thoughts and feelings as they grieve a loss. Your social networking profile could become a spot where your friends and family can share memories of you. People who might not otherwise hear of your passing may learn of it through your profile page.

But maintaining a presence online after you die has its share of problems as well. Mean-spirited people -- called trolls in the online world -- might take the opportunity to leave insulting or inflammatory comments on your page just to stir up trouble. Who guards your profile after you're gone? Can someone request access to your accounts to act as custodian to your online presence?

The answer varies from one site to another. As of yet, there is no law in the United States with rules about how to handle an online presence after someone passes away. Each company creates its own policies. Some, like MySpace, do so on a case-by-case basis. Others, like Facebook, establish rules that allow friends and relatives to transform a normal profile into a memorial.

Facebook After Death

The Canadian government's concerns over user privacy helped shape Facebook's policies on memorial accounts.

Facebook instituted a policy a few years ago regarding how to handle the profiles of deceased individuals. Family members could choose one of two options: close the account -- Facebook will delete an account permanently upon the family's request -- or converting the account into a memorial profile. Facebook's policy states the company will never release login information to anyone other than the account holder, even after death 

Before making any changes, Facebook requires proof that the user has died. First, someone must use an online form to report the user's demise. Within that form is a space to include a link to an obituary or news report confirming the death. Facebook employees then review the user's profile to verify there has been no recent activity. Only then will the company begin the conversion process.

A profile undergoes several changes when switching into a memorial. Facebook removes sensitive information from the profile. This includes contact information and addresses. The company also removes status updates to protect the privacy of the deceased user.

Facebook changes the profile settings so that only friends can find the profile and post information to the user's wall. This lets other members visit the profile and use it as a place of grieving and healing while preventing digital vandalism from trolls. Searches for the deceased user on Facebook's search engine will not list the memorial page.

The company will also deactivate the user's login information. This prevents anyone from guessing the user's password and logging in to cause mischief.

If no one contacts Facebook to alert the company of the user's passing, his or her profile will remain active indefinitely. Facebook doesn't delete inactive accounts without notification. Depending upon the user's privacy settings, people will still be able to search and visit the profile and leave comments.

Not every site has established a policy for dealing with death. Some will obey whatever the family wishes as long as the company receives proof of the user's passing. A few won't take any action without a copy of a death certificate. Other companies won't make any changes at all. But as the issue pops up, more online social networks are adopting rules to handle the situation.

Preparing Your Online Life for Death

What can you do to help your family or friends manage your online presence after you die? Depending on your level of activity online, you may have dozens of different accounts. And some sites may not have policies in place to deal with your account after your death.

One thing you can do is designate someone to be in charge of your online accounts after you die. You'll need to create a list of your user names and passwords and put it in a safe place. A few companies will store that information for you, usually for a fee.

One of those companies is Legacy Locker. The company offers three plans. You can create a free account and store up to three assets (e.g., login information), designate one beneficiary to retrieve those assets should you pass away and write a Legacy Letter. Legacy Letters are messages the company will deliver to designated recipients after verifying that you've died.

Or you can set up a paid account. For $29.99 a year, members can store an unlimited number of assets and designate as many beneficiaries as they like. There is no limit on the number of Legacy Letters they can create. They can also use an online document backup system and upload videos to the site for others to watch after they pass on. For a one-time fee of $299.99, members can create an account that will remain active without the need for yearly payments.

Besides Legacy Locker, here are other companies that will store information for you and release it to designated individuals upon proof of your death. And while online services offer convenience, they may not be as secure as you would like. After all, you're storing all of your login information with one service. If a hacker should get access to the company's files, he or she would be able to access all of your login information you've stored. That might include everything from social networking profiles to online bank accounts.

You don't have to rely on a third party if you prefer to maintain your own list of login information. In fact, there are several ways to encrypt your data, and you could give the decryption key to people you trust. You could also designate an executor to your online property in your will.

So, what to do with a dead user's information remains a tricky subject. Most social networking sites allow users to post comments and messages to each other, but who owns that data? Is it the recipient, the sender or the company? If you've left a message for someone and they pass away, can you retrieve it? These are questions most sites have yet to address.

Even though companies are beginning to acknowledge the problem of what to do with your data once you die, most of the responsibility falls to you and your family. It's not a lot of fun to think about but a little consideration could save your loved ones from experiencing hours of frustration on top of their grief.