Check Before You Share — Tips to Help You Protect Your Personal Information
When I see a website or app asking for my details, I’m reminded of the book The Wizard of Earthsea. In this book you can be controlled by anyone who knows your true name. While this book was written in 1968, it provides a cautionary tale about your privacy that’s still relevant today.
In this blog post, I’ll clarify what personal information is and why it’s important, in support of Privacy Awareness Week (2nd — 8th May). And remember, you don’t have to provide your personal information to everyone who asks for it.
What is personal information?
Personal information (sometimes called PII or Personally Identifiable Information, or personal data) is any information that can be used to specifically identify who you are. For example, personal information can range from your full name, birth date, email address and phone number, to information as specific as your location, bank details, or biometrics such as facial or voice recognition.
Why is it important to protect your personal information?
I don’t know why people are so keen to put the details of their private life in public; they forget that invisibility is a superpower. ― Banksy
Did you know 1 in 4 Australians have been a victim of identity crime? Identity crimes include creating fake identity documents, applying for real identity documents using your name but with other people’s pictures, or opening bank accounts in your name. These crimes costs Australians AU$2 billion per year.
This scary statistic highlights the importance of protecting your personal information and reducing the risk of falling victim to identity theft. Your personal information should be protected in the same way you protect physical documents, such as your passport or birth certificate.
How is your personal information harvested?
There are many ways both legitimate and malicious actors can harvest your personal information. For example, the personal information you provide when you are:
- creating an account on a website
- signing in to a mobile app
- registering for an event, such as a webinar
- donating to a charity.
Even on a legitimate site, once you’ve entered your personal information, Australian privacy laws allow an organisation to disclose your details to others, such as for direct marketing activities.
If a legitimate site has this freedom with your details, imagine what the countless unsecured websites, malicious apps and phishing emails can do with your information!
What happens when your privacy is breached?
…privacy is something you can sell, but you can’t buy it back — Bob Dylan, Chronicles: Volume One
In Australia in 2021 there were 900 data breaches reported. Sadly, there’s a growing market for stolen personal information on the dark web. For example, a hacked Facebook account sells for $65 while a full set of credit card information (name, SSN, birth date & CVV) is worth $45.
This means for $45 someone can not only open a bank account in your name, but negatively impact your credit rating and diminish your borrowing capacity all at once. We know it’s a bit of self-promotion here — but check out SEEK’s Protect Yourself Online pages in AU & NZ to find helpful links to government sites if your personal information has been stolen.
How can you protect your personal information?
If you reveal your secrets to the wind, you should not blame the wind for revealing them to the trees — Kahlil Gibran
Always think about why you’re being asked for personal information online. Do they really need your phone number or date of birth to identify you? In some situations in Australia you have the right to use a pseudonym or engage anonymously.
Here are some tips to protect your personal information:
- Be careful about what you share on social media, so your information is less likely to be harvested
- Check your credit rating regularly to ensure your information hasn’t been compromised
- Provide minimal information, if it’s not mandatory, and think twice before giving your details away.
- Give out your personal information unless you know how it is going to be used.
- Provide personal information on sites like LinkedIn.
- Provide copies of personal documents within a CV.
Our SEEK Security team recommend regularly checking the website https://haveibeenpwned.com/ for any data breaches associated with your personal email address. This site lets you subscribe to notifications for any future breaches on your email address, so you can take any necessary steps such as changing passwords.