Even though the Update to this post on TechCrunch about Last.fm and the RIAA says that Last.fm hasn’t handed over any user data to the RIAA, um, guess what? There’s at least 3 different websites (and those are just the ones I know of) (that are pretty easy to find with a simple Google search) that will allow the RIAA to put in your Last.fm username and find all your other social profiles. Do you have your real, full name in Twitter? Is your Twitter username the same as your Last.fm username? Are you listening to unreleased tracks that you illegally downloaded (like, say, the new U2 album)? Busted.

See, I’d rather have everyone in the world know that I have listened to Hillary Duff (*awful BTW*), Mandy Moore, and Leona Lewis than to have the RIAA be able to easily figure out that I’m listening to music that I obviously should not have access to.

To their credit, TechCrunch does say:

Incidents like this highlight how the social Web can sometimes bite back if you are not careful. It also raises the issue of who owns all of this data about you and what they can do with it. Unfortunately, it’s come down to this: you really shouldn’t share any data on the Web you wouldn’t feel comfortable seeing in a court of law.

Yeah, it’s sticky when it comes to things like photos you upload to Facebook. But, when you are uploading/scrobbling your music listening to Last.fm, I don’t think it’s sticky at all. To me, that is all public domain data. I know that anyone and their mother can look at my listening history. But it’s clear that some people don’t really think about that. Again, as TechCrunch puts it:

most probably never even considered it a possibility that individually identifiable information about their listening habits (legal, illegal, or otherwise) could be handed over to an organization known for taking consumers to court for file-sharing. What makes this even more egregious is that it appears to be absent any legal precedent (such as a pending lawsuit) for which Last.fm could at least hide behind as an excuse.

Really, though, the RIAA could probably hire a code monkey to create a script to pull all the usernames from Last.fm who have pre-release U2 songs scrobbled, then either pull their name from Last.fm (if available) or search for other publicly available profiles to find your full name, and the do a quick Zabasearch to find your home address and/or phone number.

Now, of course, I think the RIAA needs to take a chill pill with the whole lawsuit thing in the first place, but the point of this post (if you didn’t guess from the title) is that people don’t realize that something like Last.fm can make their illegal activity available for everyone in the world to see. The same concept is easily applied to people in networks on Facebook. You know how many people that I’m not friends with in the Chicago network have hundreds of pictures of themselves which I can see posted on Facebook? I don’t either, but it’s a lot. Granted, most of them aren’t doing illegal things, but I’m sure there are some pictures that they wouldn’t necessarily want a complete stranger who just happens to live (or say they live) in the same city to see. There’s a reason that bank robbers don’t usually just walk in and wave at the security cameras while pulling off their heist. Does that mean we all need to learn to think like bank robbers when using the internet? No, but you might want to think like that when you’re doing something you know is illegal.

Bonus Link: If you’re going to kill your wife and try to make it look like a mugging, don’t search for things like “Medical trauma gunshot chest”, “Immigrating to Brazil”, “acute blood loss”. At least, not on your home computer.