(via http://www.schneier.com/blog/archives/2010/08/a_taxonomy_of_s_1.html)
Below is my taxonomy of social networking data, which I first presented at the Internet Governance Forum meeting last November, and again – revised – at an OECD workshop on the role of Internet intermediaries in June.
Service data is the data you give to a social networking site in order to use it. Such data might include your legal name, your age, and your credit-card number. Disclosed data is what you post on your own pages: blog entries, photographs, messages, comments, and so on. Entrusted data is what you post on other people's pages. It's basically the same stuff as disclosed data, but the difference is that you don't have control over the data once you post it – another user does. Incidental data is what other people post about you: a paragraph about you that someone else writes, a picture of you that someone else takes and posts. Again, it's basically the same stuff as disclosed data, but the difference is that you don't have control over it, and you didn't create it in the first place. Behavioral data is data the site collects about your habits by recording what you do and who you do it with. It might include games you play, topics you write about, news articles you access (and what that says about your political leanings), and so on. Derived data is data about you that is derived from all the other data. For example, if 80 percent of your friends self-identify as gay, you're likely gay yourself.[…] As we continue our conversations about what sorts of fundamental rights people have with respect to their data, and more countries contemplate regulation on social networking sites and user data, it will be important to keep this taxonomy in mind. The sorts of things that would be suitable for one type of data might be completely unworkable and inappropriate for another.