Our Terms of Service and Privacy Policy have changed.

By continuing to use this site, you are agreeing to the new Privacy Policy and Terms of Service.

5 data breaches: From embarrassing to deadly

Major companies including Netflix, Google and Facebook have let private data loose -- and the results can be devastating.

1 of 5
BACKNEXT
Netflix accidentally reveals rental histories
Netflix accidentally reveals rental histories

Four years ago, Netflix came up with what seemed like an ingenious plan to improve its movie recommendations algorithm: crowdsource the problem and award the best solution a $1 million prize. But the video rental and streaming company found out that anonymizing data isn't easy.

For the first edition of the "Netflix Prize" in 2006, the company released 100 million supposedly anonymized movie ratings. Each included a unique subscriber ID, the movie title, year of release and the date on which the subscriber rated the movie. Contestants were asked to develop an algorithm that was 10% better than Netflix' existing in predicting how subscribers rated other movies.

Just 16 days later, two University of Texas researchers announced that they had identified some of the Netflix users in the data set. In some cases, Arvind Narayanan and Vitaly Shmatikov were able to identify targets by matching their Netflix reviews with data from other sites like IMDb. More damningly, the found that if you knew a few movies a Netflix subscriber had rented in a given time period, you could reverse-engineer the data and find out the rest of their viewing history.

Despite the UT findings, Netflix continued the contest and named a $1 million winner. But when Netflix tried to launch another contest in 2009 -- with subscriber data including gender, zip code, and age -- the smackdown came in the form of a lawsuit. One plaintiff said she would be "irreparably harmed by Netflix's disclosure of her information."

That woman is a lesbian mother who is not open about her sexual orientation. She filed the suit as Jane Doe. As her legal filing put it: "To some, renting a movie such as Brokeback Mountain or even The Passion of the Christ can be a personal issue that they would not want published to the world."

After months of back-and-forth, Netflix called off the second contest and settled the lawsuit. Lead counsel Scott Kamber, of KamberLaw LLC, says he believes Netflix genuinely tried -- but failed -- to protect its users' privacy.

"The contest was clever, but they overlooked an aspect of privacy that I think we were able to get them to focus on," Kamber said. "Netflix was in its infancy, so really, it made a mistake while trying to do the right thing."


NEXT: Insurer seeks patient's Facebook posts
Last updated December 14 2010: 1:03 PM ET
More Galleries
Google's logos through the years Google changed its logo for the fifth time in 17 years this week. Here's what the old ones looked like. More
How much you should have saved for retirement right now Joe is 50 years old and makes $70,000 a year. He should already have $364,000 saved for retirement. Are you on track? More
The stock market's wild week in 6 pictures It was the wildest week in stocks in recent memory. Here's photos and CNNMoney's tweets of reactions to the panicked selling on Monday and Tuesday, which gave way to a mad buying scramble on Wednesday and Thursday. And then...a selloff on Friday again. More

Special Offer