'People are losing their jobs, relationships and even their lives as a direct result of exposing so much of themselves online'

Experts call for public education programme to highlight web privacy issues

It caught on because it was supposed to be anonymous and safe, but life online is not all it's cracked up to be. Swept away in the enthusiasm of the social networking fad, millions of active netizens are turning on, logging in and dropping straight into an information minefield - and if they put one foot wrong there'll be hell to pay back in the real world.

Have you ever posted something online? Are you happy with it? Are you certain there isn't anything incriminating, embarrassing or just plain daft about you lurking somewhere out there in cyberspace? No intemperate forum debates? No humiliating photos? You'd better hope so, because your internet identity is a permanent record that you'll have to live with for decades to come, wide-open to the ravages of misinterpretation.

Of their own volition, an entire generation are digitising their lives. Whether musing over the fine details of existence on MySpace, videoing it for YouTube or uploading the stills to Flickr, the 16 to 24-year-olds who make up the second web generation do an increasing amount of their socialising online, and in doing so they are creating an electronic trail of evidence from which it is impossible to hide.

Every day the list of cases where internet users have fallen foul of their online activities grows, and now Britain's top expert on the implications of the digital age has been joined by a raft of senior industry commentators in expressing grave concern over the phenomenon.

Citing a litany of cases where people have found themselves surprised by the implications of what seemed like a harmless web posting, leading academic Dr Yaman Akdeniz has called for a massive public education programme aimed at combating what is set to become a key social issue.

"It may seem like harmless fun, but the social networking revolution is already becoming a major issue in real life. People are losing their jobs, relationships and in some extreme cases even their lives as a direct result of exposing so much of themselves to the world.

"They are leaving themselves wide-open to commercial, personal and physical harm without any apparent understanding of the potential results," said Akdeniz, founder of the watchdog organisation Cyber-Rights & Cyber-Liberties UK.

"People must learn that once information has been released in digital format, it is impossible to get it back. We are living steadily more transparent lives, and the consequences of that could prove to be extremely dangerous."

Increasingly, the 21st-century citizen is defined by data. The conglomeration of personal records, certificates, applications and financial transactions that form the flurry of information following everyone about like a small cloud is the basis on which commercial and administrative judgements are made.

Do they pay their bills? Have they ever missed a mortgage payment? Where do they work and how much do they get for it? These are the criteria upon which modern reputations are based, and now the vast swathe of far more personal information uploaded to the internet on a daily basis is being added to the mix.

The internet search companies know what we look for, the forum archives reveal what we like to argue about, the online retailers know what we listen to or read and the software robots browsing our personal web spaces know what we think about everything from senior management to the last episode of Lost.

Look around long enough and you'll also probably find our uploaded CVs, complete in every detail down to home telephone number and address. These are our digital identities, and for many active netheads they're growing more comprehensive by the hour.

The tools and technology rippling around the internet are increasingly sophisticated, and last December came the breakthrough that could put into place the last piece of the internet reputation jigsaw.

Operating out of Malmo, Sweden, start-up company Polar Rose has unveiled a service that combines the latest facial-recognition techniques with a search application. In a nutshell, this means that once any photograph has been identified as depicting a particular individual, it is now possible to scour the web for any images containing the same person.

This sounds harmless enough if it's just linking mug shots on personal profiles, but nobody knows for certain what photos they might have online. Anyone could appear in the background of somebody else's tourist snaps, or in a webcast beamed live from some club, concert or public event, and they'd better hope they weren't doing anything questionable - because even if they're hidden behind an assumed identity, Polar Rose's technology will see to it that your pal's shots of that wild weekend in Amsterdam are attributed fairly and squarely to your name.

There will be no escape, because the internet never forgets anything. Anyone can mess up in real life and recover from the mistake by supplementing it with the sort of good works and solid behaviour that makes people discount their indiscretions, but in cyberspace that moment is frozen in time.

"What seems like a good idea on a Friday night might not be so funny by Monday morning, but those videos you uploaded to YouTube will be around for a long time," said Computeractive editor Paul Allen, who will next month launch an issue dedicated to protecting personal privacy online.

"For years to come people will be watching your antics online, but they will do so out of context. That joint you smoked at a student party might well have been a once-in-a-lifetime thing never since repeated, but thanks to the photo a friend put on his web page the event could haunt you for the rest of your days."

In virtually every situation context is everything, but the web strips all sense of that clean away. Once released in digital format, these infomatic snaps are shorn of all the cultural, social and historical references we use to judge a person's actions in real life perspective.

The drunken shenanigans perpetrated in your youth may long since have been eclipsed by an adult life of sober responsibility and charitable works, but on the web none of that really counts, and so far as the viewer is concerned they might as well have happened yesterday.

If the social networking millions aren't already taking this seriously, the people who employ them certainly are. Viadeo, an online business social network, recently conducted some extensive research of more than 2000 consumers and more than 600 employers in this area. It found that one in five UK employers find information about candidates on the web, with 59% saying that it influences their recruitment decisions.

A quarter of the HR decision-makers surveyed admitted to rejecting prospective employees based on personal information found online. The reasons for doing so including "his MySpace website showed a negative side to him including excessive alcohol abuse", "the candidate was personally into some activities which did not fit ethically into my company" and most spectacularly; "we found that the candidate was on the local police wanted list".

In the US, companies are already springing up that promise to check out job applicants' digital reputations on other firms' behalf. In addition to combing blog space, YouTube and an array of online forums for evidence, they also promise to track down potential recruits' Amazon reading lists in an effort to unearth any unwelcome political views.

"Practically the first thing everybody does when meeting someone new is to Google them. It's a great way of picking up extra information on a contact, but people don't seem to realise this when they're logging on to services like MySpace and Facebook, so they put everything online from their job title to their favourite sexual position," said Peter Cunningham, Viadeo's UK head of operations.

"A well-managed NetRep can work in your favour but nobody in business wants to take unnecessary risks, so if there's anything questionable about you online it will almost certainly have an impact upon your career prospects."

Then there are the security implications. The wealth of digital information growing on the back of the web 2.0 boom has given rise to a new form of crime known as social engineering, where hackers manipulate online relationships in order to get access to valuable data about themselves or their place of work.

"It's a type of attack that is becoming ever more sophisticated: the hacker can now gain substantial information on your employees remotely because more and more data is held in the public domain. Take, for example, social networking sites such as Linked In, Ecademy and Ryze or jobs websites which house curriculum vitaes.

"Both provide ample opportunity for the hacker to use our credentials to impersonate us or to launch an attack on our employers," says Ken Munro of SecureTest, the company responsible for vetting the security of installations such as GCHQ.

The question, then, is what to do about it. Although the Data Protection Act protects individuals from having certain types of information about them published or shared online, it doesn't cover data that has been put out there by the users themselves. Even it did, that wouldn't do any good if the material has been copied or hosted outside the UK.

Users who track down unwanted digital references to themselves could also approach the service provider that hosts the web space in question with a request to take it down. Many will comply, but there is no basis in law that actually compels them to do so, and a blunt refusal would leave no further options barring a long and expensive legal battle.

In recent months, there has also been a rise in a new breed of services such as the US-based ReputationDefender, which promises - for a fee - to track down and destroy all suspect digital material. Many in the industry believe that this is technically impossible, however, and the jury is still out over whether such companies can deliver the results they claim.

The internet is a whole new world, and managing your online identity is a brand new problem of which most of us are still only vaguely aware.

With no single agency, government or company capable of bringing the situation under direct control it promises to prove a challenging task in which an adequate solution could be decades away, and in the meantime experts are advising all web users to remember the dictum that if you wouldn't want your Mum to see something, you definitely shouldn't put it on the net.

"The technology companies keep pushing for greater transparency, but nobody is paying much heed to privacy. We must begin educating people about the risks in schools and colleges just as we teach them about other social dangers, because only they can protect themselves," said Dr Akdeniz.

"Everybody must stop and think. If we don't, the new generation of internet users is going to walk straight into a major problem."