If you use a smartphone and download apps, as more than a third of Australians do now, you have probably used an app that pops up a dialogue box asking ''Find your friends?'' and offering to search some new social network - or one of the more familiar ones - for people you already know.
It's easy and quick to click on the ''OK'' button. But do you know what's happening once you do? This is where you suddenly discover that what you thought you knew about your online privacy is wrong - or at best, incomplete.
In mid-February, an Indian researcher, Arun Thampi, figured out what was happening when Path, a would-be social network app for Apple's iPhone for ''sharing your life'', asked that question. It was uploading the entire contents of your address book - names, emails, phone numbers - to Path's servers.
The outcry over this data grab was rapid and widespread - at least among the Silicon Valley digerati and those who watch them. Path's chief executive wrote a mea culpa blogpost, the company updated its app so it would not upload all the data, and everything seemed calm.
Then Dustin Curtis, a user interface designer, pointed out that loads of apps did this. On his blog, he noted: ''I did a quick survey of 15 developers of popular iOS apps, and 13 of them told me they have a contacts database with millions of records. One company's database has Mark Zuckerberg's mobile number, Larry Ellison's home phone number and Bill Gates's mobile number.'' But he added: ''This data is not meant to be public, and people have an expectation of privacy with respect to their contacts.''
More digging showed that Facebook, Instagram, Yelp and the location service Gowalla did too. It seemed like it would be easier to list the apps that did not do it.
For those feeling suddenly itchy about their privacy, there was more to come. A few days after Curtis's blog, Twitter admitted that it too grabbed address book data (though only, it said, your friends' emails and phone numbers); the purpose being just to find people you already know who might already be, or will be, members of the service. Jon Leibowitz, the chairman of the US's powerful Federal Trade Commission, summed it up in a sentence: ''Right now, it is almost impossible to figure out which apps collect data and what they do with it.''
Apple chewed this over silently for a week and then announced that a forthcoming update of the iPhone and iPad software would prevent this.
But just as another privacy storm seemed to have come and gone, another arrived: Jonathan Mayer, who researches online privacy at Stanford University, discovered that Google had hacked past the default privacy settings of Apple's browsers on the iPhone, iPad and desktop so it could track people's use of the web, whether or not they were signed into its services. That also meant its advertising arm DoubleClick could follow them too. Adding to the appearance of culpability, as soon as The Wall Street Journal, following up Mayer's discovery, contacted Google, it stopped doing it. In recent weeks, only Facebook has emerged without immediate criticism.
But the damage has been done. ''Between the Path debacle and Google's Safari cookies, [Silicon] Valley's moral bankruptcy on privacy was made obvious,'' James Grimmelmann, an associate professor at New York Law School, commented on Twitter.
But it's not just in the narrow space of web browsing or apps that we are identifiable. A chilling story in The New York Times described how Target Corporation is now so good at tracking what items people buy that it can spot if someone is pregnant - especially in the second trimester, when they begin buying things such as vitamins and maternity clothes; catch them there and ''we could capture them for years'', as a statistician explained. The 25-item prediction system works so well that Target knew a teenage girl was pregnant (and began sending appropriate shopping coupons to her home) before her father did.
On Target's part, it was nothing personal. But it wasn't private either.
Essentially, the edifices of privacy that we once thought we understood are melting like ice in a heatwave. Once upon a time, before mobile phones, it was really hard, without direct surveillance, for anyone else to know where you were. Now add in smartphones and apps such as Path, Twitter and foursquare, as well as web-based companies such as Facebook and Google that rely on serving ads, and data-crunching like that done by Target (and all the big supermarkets) and the idea of ''privacy'' is being eroded from inside and outside. Your address book is somewhere in the ''cloud''. You are telling anyone who has access to your Facebook profile where you were. Foursquare users can track your whereabouts, if you ''check in''. The supermarket where you shop is sending you coupons for nappies.
A graphical representation of how much public data Facebook used to show in 2005 compared with 2010 looks just like scary forecasts of polar ice cap melt. Except it's already happening. In fact, online privacy looks altogether like global warming: we tut about it and mutter ''something must be done'', and then do the equivalent of clambering into 4x4s - tagging photos on Facebook of friends getting drunk, tweeting pictures of our lovely trip and family on Instagram.
Simon Davies, the director-general of Privacy International, a pressure group that has been warning about the ease of such invasions for years, thinks it's an apt metaphor - but equally that awareness is growing that it's not right, and that we cannot go on this way.
''We have had developers tell us that they don't want their platform screwed up by too much privacy management,'' he says. ''There's all sorts of hoodwinking and linguistic devices that they use to persuade you to hand over your data.''
But there is growing awareness among many people on social networks that there is value in keeping information about yourself, your whereabouts and life private. Not just to protect yourself from identity theft; also just because it's nice to have some part of you that is not subjected to the panopticon of the web.
''It is like the environmental movement, in that there are evangelists working to keep the brakes on excess use,'' Davies says. ''I think Microsoft and Google are starting to see a change there.''
The trouble for Google is that 97 per cent of its revenue comes from serving ads. Its profits improve if people click on ads, and the best way to work out which ads to offer is to watch which web pages people visit.
Google is painfully aware that government agencies take a dim view of any corporate infringement of people's privacy - and also that if it loses users' trust, the slope from top dog in search to also-ran could be slippery.
The culmination was the recent announcement by the Obama administration that it would push for all browsers to have a ''Do Not Track'' button as part of a ''consumer privacy bill of rights'', while the Californian attorney-general said apps would have to include privacy policies to tell users what data they would access.
But where does it all end? ''It's a systemic problem,'' Davies says. ''The situation will only change when it's not fashionable to give away your data, when it becomes sad to do so in front of your peers.''
Is there any chance of that happening? Mayer says there are ''bright spots'' in privacy; he is working on the ''Do Not Track'' system. But others in the industry point to the differences between the US and Europe - the strong data protection legislation in the latter, and its almost total absence in the former - and suggest the gulf cannot be bridged.
The columnist Helen Popkin commented despairingly: ''Facebook is the slowly-warming pot of water and we, my friends, are the frog. By the time we noticed our peeling skin, another hunk of our privacy is long gone.'' But that was last March. Since then more and more chefs have continued to gather around the pot. Do you want to find friends already using this service? Is it getting warm in here?
Guardian News & Media