Stay on Top of Enterprise Technology Trends Get updates impacting your industry from our GigaOm Research Community

Everyone knows Facebook (s fb) is full of interesting data that’s being exploited in all sorts of ways –- whether by startups building businesses on the social graph, or employers who are vetting job candidates using the site. But here’s a way in which you might not want your data mined: to help inform your credit score.

That’s precisely what’s on the cards in Germany, where Schufa, the country’s largest ratings firm, wants access to data from the Facebook, LinkedIn (s LNKD) and Twitter accounts of its customers.

For what? According to documents leaked to German media, the information would be used to “to identify and evaluate opportunities for and threats to the company.”

Schufa — which uses the slogan “We Build Confidence” — opened up a laboratory in conjunction with the Hasso Plattner Institute in Potsdam at the start of April, and both have confirmed that this is among their planned projects.

Cue outrage:

“It cannot be that social networks are systematically scoured for sensitive data, resulting in credit ratings of customers,” said consumer protection minister Ilse Aigner. “Content and comments on social networking sites should not be abused by the credit bureaus. Schufa may not be the Big Brother of the economy.”

It’s perhaps even more surprising that this effort should emerge in privacy-mad Germany, a country with a dark past where most people are very conscious of data protection concerns. Given that background, it’s hardly a surprise that Schufa and the HPI weren’t exactly shouting their plans from the rooftops.

So what kind of data does the credit agency actually want to mine? According to the leaked documents, the main thrusts seem to be establishing relationship links between people and keeping tabs on address changes and address history.

But not if it’s private, Schufa spokesman Andreas Lehmann told me, insisting that the experimental project would only draw in what the subject has chosen to make public.

If this all seems familiar, it should. A Hong Kong-based microlending startup called Lenddo caused a stir last December by asking potential customers for their social networking logins. And employers have been doing it for ages. The question of what information companies have the right to consider — and what decisions they should be able to infer from your online behavior — is increasingly up for grabs.

Mathew put some of this succinctly a couple of months ago:

“That’s part of what makes the issues around tracking people through Twitter, Facebook and other networks so problematic: the information is already public by default […] users happily post status updates and check-in to places and share that information with the world. How do we determine what is an appropriate use of that information?”

How indeed? For a start, by being aware that what’s public is public, and that most data is of value to someone – if not for commercial reasons, then for other types of surveillance. What used to veer into paranoia is now becoming reality. Not because those who want to pry are getting better at it (although they are), but mainly because we’re getting much worse at privacy.