A Canadian computer sleuth says he created a downloadable directory with personal information about 100 million Facebook users who have failed to tighten their security settings in light of Facebook's recent policy changes.

It wasn't hacking - the giant social-networking site considers the information public - but some users may be appalled at the result: Ron Bowes says they are all now part of a directory full of personal information such as their birth dates, phone numbers and addresses.

Reports about Bowes' directory have appeared on tech sites in the United States and Britain, such as Tech-eye.net. Here's what www.thinq.co.uk reported:

A directory containing personal details about more than 100 million Facebook users has surfaced on an Internet file-sharing site.

The 2.8GB torrent was compiled by hacker Ron Bowes of Skull Security, who created a web crawler program that harvested data on users contained in Facebook's open access directory, which lists all users who haven't bothered to change their privacy settings to make their pages unavailable to search engines.

Bowes' directory contains 171 million entries, relating to more than 100 million individual users - more than one in five of Facebook's recently trumpeted half billion user base.

The file contains user account names and a URL for each user's profile page, from which details such as addresses, dates of birth or phone numbers can be accessed. Accessing a user's page from the list will also enable you to click through to friends' profiles - even if those friends have made themselves non-searchable.

There's absolutely nothing illegal about what Bowes has done - the information is, after all, publicly available - but perhaps the existence of a stalker's online black book might finally persuade less security-minded Facebook users to get their arses in gear.

I wouldn't spell it that way, but I have to agree on the desired result.

You can also read what Bowes himself has to say on his Skull Security website. Bowes, who hardly considers himself a hacker, describes the process and his motivation in a post, Return of the Facebook Snatchers, where he offers the torrent as a download. 

Though Bowes says it would be hard for others to use, the directory sounds like a treasure-trove both for marketers and identity thieves. But says he hopes it will be a broader wake-up call about threats to privacy on the Web:

... as I thought more about it, and talked to other people, I realized that this is a scary privacy issue. I can find the name of pretty much every person on Facebook. Facebook helpfully informs you that "[a]nyone can opt out of appearing here by changing their Search privacy settings" -- but that doesn't help much anymore considering I already have them all (and you will too, when you download the torrent). Suckers!

Once I have the name and URL of a user, I can view, by default, their picture, friends, information about them, and some other details. If the user has set their privacy higher, at the very least I can view their name and picture. So, if any searchable user has friends that are non-searchable, those friends just opted into being searched, like it or not! Oops :)

Here is Facebook's latest statement on its privacy policy.  So far, there's no posted response to Bowes.