A key European Union working group late last week released a report urging social networking sites to conform with the organization's data protection directive and to uphold and strengthen the rights of users. The report, which could have major implications for sites like MySpace and Facebook, comes as U.S. lawmakers prepare to scrutinize Internet companies' privacy and advertising practices at a Thursday hearing on Capitol Hill. The joint hearing of the House Energy and Commerce Communications Subcommittee and Consumer Protection Subcommittee will hear testimony from Google, Yahoo and Facebook executives. "Of paramount importance, [social networking sites] should inform users of their identity from the outset and outline all the different purposes for which they process personal data. Particular care should be taken by SNS providers with regard to the processing of the personal data of minors," the report stated.

The document recommends that users should only upload pictures or information about other individuals with the individual's consent and considers that SNS also have a duty to advise users regarding the privacy rights of others. The paper notes that online communities and, in many cases third party application providers, are data controllers with corresponding responsibilities to users. Robust security and privacy-friendly default settings are advocated throughout the opinion as the ideal starting point with regard to all services and access to profile information emerges as a key area of concern. Topics such as the processing of sensitive data and images, advertising and direct marketing on SNS and data retention issues are also addressed. Read the full report here (PDF).