I'd say it's been an up and down year for Facebook. Hitting 500 million users is a huge milestone, obviously, and I can't think of a company or any marketing promotion that isn't using Facebook to connect with consumers.
But privacy is still a major issue. True, it is almost an oxymoron to think of Web-related privacy, but when you hear stories like this, data leaked on 100 million users, it makes you pause and think twice about what is posted.
Now, thanks to a bug in Facebook's login system, it appears privacy is truly under assault. According to an article on The Register:
A bug in Facebook's login system allows attackers to match unknown email addresses with users' first and last names, even when they've configured their accounts to make that information private. The information leak can be exploited by social-engineering scammers, phishers, or anyone who has ever been curious about the person behind an anonymous email message. If the address belongs to any one of the 500 million active users on Facebook, the social-networking site will return the full name and picture associated with the account.
It doesn't matter what your privacy settings are. With this bug in the system, the information of every user is up for grabs. Is it enough information that could lead to other information on a Facebook user's computer to be compromised?
It seems to me that until Facebook has truly worked out all the privacy-related kinks in its system, enterprises would be wise to have a policy in place (or continue to have a policy) restricting Facebook use on the network servers.