Privacy settings on any sort of application are important, but on social networking they're crucial. Facebook has privacy settings and you're able to make your profile private so that, for example, recruiters can not find your drunken pictures etc.
However, the privacy settings are not that clear when you make your profile "private". If, for example, you fail to change the search privacy settings it entirely possible for some to cross reference search for people and find out information that is meant to be private.
For example, an advanced search for all Muslim men in London who are also gay throws up many results, including profiles of people that have restricted access to information about their sexuality. Whilst the information is not displayed, Facebook has, by providing the result, confirmed that information about a person.
There is a simple fix for this if you have a "private profile", simply lower the "search privacy" settings right down so that your profile cannot be cross-reference searched by someone data mining. The big question is whether, in it's default mode, Facebook privacy settings are actually breaching data protection laws?
For more information see here