This paper presents some theoretical considerations arising from empirical research conducted on students from the University of Sassari, Italy (n: 1047). Students have little knowledge of the laws in Italy that regulate surveillance, and they underestimate the extent of dataveillance and e-surveillance. Some interesting findings include: only 30.9% of respondents were aware that Facebook is always allowed to collect and store data on their information behaviour (meaning that around 70% did not know) and only 23.9% knew that Facebook is allowed to reuse and resell personal data (so more than three out of four students did not know). However, half of respondents agreed or strongly agreed that private firms have strong interests in gathering the personal data of Internet users. Furthermore, 58.5% knew that the advertising clients of Facebook are allowed to gather data on users’ information consumption. These data are particularly interesting because they have been collected and analyzed before the PRISM-gate scandal erupted and became popular. In considering these data within a wider framework of data surveillance, this paper also explores the connections between such attitudes and knowledge of and attitudes towards surveillance by social networking sites.