Last week I was in Paris at the annual Xtech conference, listening to some of Europe’s (and America’s) best developers and open data advocates sharing their experience. One of the talks that really had an impact on me - actually, left me with my jaw hanging open - was Gavin Bell’s What is your provenance? in which he explores the unintended social networks that we form online.

Even ten years ago, our identity was formed of things such as our postal address or phone number, and these data were generally not available to people unless we gave it to them. Now much of our identity these days is available online, held at a distance from ourselves by social networking sites, blogs, wikis, and a host of other fora. How much can people find out about us without us being there? What kind of composite image of ourselves can we create from the information we’ve scattered across the web?

Gavin decided to find out what picture is formed of him by the data that he and other people have published. He started with the about page on his own website, GavinBell.com, which points to a number of other places where Gavin has identified himself using the rel=”me” tag. This includes his Flickr photos page which then leads to his Flickr profile. That links back to GavinBell.com, with the rel=”me” tag, strongly identifying these two pages as belonging to the same person.

Of course, Flickr also provides lists of buddies - data that can be scraped, along with screen name, real name and location (if given). By following the buddy list links, it’s then possible to scrape the data from his friend’s buddies pages, building up a picture of his wider Flickr network.

But there’s no reason to limit this data trail to Flickr. Scrape the links from friends’ profile pages, follow them, find more rel=”me” tags, more links to other social networking sites, such as Upcoming, and examine contacts there, and a clear picture of who knows who and what the web knows about each of them emerges.

The same works for any number of sites, Magnolia, Vox, Digg, Cork’d, and Gavin went on to talk about how you could use the same techniques with blogs, Del.icio.us and tags to form a picture of what you think you write about on your blog, and what other people think you write about. Fascinating, yes, but also alarming.

One of the things that struck me was that, logically, I know that there’s lots of information out there about me that people could collate to form a picture of the sort of person I am, what my interests are, who I know, where I go. Emotionally, though, I didn’t realise just how easy it was until Gavin showed us.

Last autumn, Facebook decided to expose its user’s actions within the site in a ‘news feed’. Suddenly, it was easy to see who was joining or leaving which group, who was leaving messages on whose walls, and who was friending or splitting up from whom. Users rebelled - whilst all of that data was there for people to see if they dug deep enough, no one was expecting it to be collated and exposed.

The underlying assumption in Facebook - and indeed, in life - is that others shouldn’t collate and expose your data without good reason. Indeed, much of the work that we do with the Open Rights Group, a UK-based digital rights advocacy group, is about the government collecting or collating data in ways that are not in the public interest.

The cynical might say that it would serve me right if someone did aggregate all my personal data and publish it for the world to see, but we all generate data - scads and scads of it, much of it perforce. And we can’t prevent others from doing with it what they will - it is, after all, out there. Question is, how will we deal with having that level of transparency foisted upon us?