If I was to enter your address and other personal details into an online application like Plaxo (an address book/calendar), and those details were leaked (or sold, for that matter – not that Plaxo would do that), how pissed would you be. Would you forgive me for storing your details in some third party database? If somebody used those leaked details to impersonate you, and they were caught, would I be liable for having entered your details into my online address book in the first place without getting your permission? I wouldn’t think twice about putting someone’s details into an electronic address book that resides on my computer or using an old-fashioned paper-based address book. But an online address book service could potentially store millions of address book entries put there by thousands of users, and it therefore becomes an attractive and worthwhile target for criminals.