Only two social networking sites make minors' profiles private by default, according to a test of 14 such sites conducted for the European Commission.
The test aimed to find out whether the sites were complying with the E.U.'s Safer Social Networking Principles, a self-regulatory agreement that they signed up to in 2009.
Only Bebo and MySpace have default settings to make minors' profiles more private.
"I am disappointed that most social networking sites are failing to ensure that minors' profiles are accessible only to their approved contacts by default. I will be urging them to make a clear commitment to remedy this in a revised version of the self-regulatory framework. Youngsters do not fully understand the consequences of disclosing too much of their personal lives online," said Digital Agenda Commissioner Neelie Kroes.
The Commission's tests were carried out between December 2010 and January 2011 on Arto, Bebo, Facebook, Giovani, Hyves, Myspace, Nasza-klaza, Netlog, One, Rate, VZnet, Galleria, Tuenti and Zap. Researchers tested the sites in their main language (for example, Tuenti was tested by a Spanish-speaking researcher and Rate by an Estonian-speaking researcher) and found that while most provide basic safety information, this is difficult to find on many sites.
Currently 77 percent of 13-16 year olds and 38 percent of 9-12 year olds who use the Internet are on social networking sites.
Around 65 percent of 13-16 year olds and 34 percent of 11-12 year olds who use the Internet know how to change the privacy settings on a social networking profiles, according to the EU Kids Online study, published in January.
The possibility of tagging people in pictures, offered by most social networking services, makes it very easy to search for someone's photos online. Ten of the sites tested allowed potential strangers (so-called 'friends' of friends') to contact minors through personal messages or comments on their public profiles, increasing the risks of online grooming or cyber-bullying.
In the case of Facebook, researchers found that although the reporting mechanisms for inappropriate content or behavior are easy to use, Facebook does not react expeditiously to user reports and that when signed in to Facebook as minor, some of the adverts displayed on the profile could be considered inappropriate.
Users must be 13 or older to use Facebook, but this relies on self-declaration. When trying to register as a nine-year-old, permission was denied and it was not possible to immediately re-register as older from that machine. However, it was possible to re-register once the browser was closed down and reopened. No parental control devices are available on Facebook.
A further nine companies -- Dailymotion, Google, Microsoft Europe, Skyrock, Netzwerke, Stardoll, Sulake, Yahoo Europe and Wer-kennt-wen -- have also signed the Safer Social Networking Principles and will be tested later this year.
Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to jennifer_baker@idg.com.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.