The Facebook privacy war has escalated to a whole new level. An international regulator is now charging that the social-networking site is building shadow profiles of nonusers. That's right, there is no running from Facebook.

Back in August, Ireland's Office of the Data Protection Commissioner filed a claim against Facebook for collecting data -- phone numbers, e-mails, names -- of people who are not even on Facebook. Ireland's Facebook is undergoing auditing this month. Facebook itself continues to deny allegations that it tracks users and nonusers, and that it stores their personal information. In fact, representatives of the networking site insist that cookies and plug-ins are used to improve user security.

It turns out Ireland isn't buying any of that. Compared with American information privacy laws, the European versions are actually stricter about penalizing companies violating those regulations. In the United States, several states are proceeding with privacy-rights litigation, while the Federal Trade Commission continues to investigate the company's activity.

For holding deleted user information, Facebook may be facing a fine of $138,000. A 24-year-old Australian law student demanded that the company hand over the personal data on him in its possession. He was sent a disk containing 1,200 pages of his information, including friending histories, likes and chat logs. The real problem was that he had deleted most of those data, but Facebook held on to them.

Although there isn't evidence of Facebook actually using any of this personal information, the concern remains that privacy breaches or hacks could easily leak someone's data to third parties.