New developments on the Internet in the past years have brought up a number of online social networking applications within the so-called Web 2.0 world that experienced phenomenal growth and a tremendous attention in the public. Online social networking services build their business model on the myriad of sensitive personal data provided freely by their users, a fact that is increasingly getting the attention of privacy advocates. After explaining the economic meaning and importance of online social networks to eCommerce in general and reiterating the basic principles of Web 2.0 environments and their enterprise mechanisms in particular, this paper addresses the main informational privacy risks of Web 2.0 business models with a focus on online social networking sites. From literature review and current expert discussions, new privacy research questions are proposed for the future development of privacyenhancing technologies used within Web 2.0 environments. The resulting paradigm shift needed in addressing privacy risks in social networking applications is likely to focus less on access protection, anonymity and unlinkability type of PET-solutions and more on privacy safeguarding measures that enable greater transparency and that directly attach context and purpose limitation to the personally identifiable data itself. The FIDIS/IFIP workshop discussion has resulted in the idea to combine existing privacy-enhancing technologies and protection methods with new safeguarding measures to accommodate the Web 2.0 dynamics and to enhance the informational privacy of Web 2.0 users.