What is ‘digital privacy’ about?

When using the Internet, many web users reveal a lot more information about themselves than they probably realize. When you visit a website, you’re giving them information about the device you’re using, where you’re connecting from, and how you use their website. Some of this information is required in order to provide the right user experience. Other information may be used to develop a profile about you to help them understand who you are and what you are about.

It is not uncommon for advertisers and publishers to uncover secrets about web users that they themselves were unaware they were revealing online.

Jim Edwards from Business Insider wrote about how advertisers were able to figure out when users were pregnant and used that information to deliver targeted ads towards a number of products aimed a pregnant women.

Kate Kaye from Ad Age wrote a piece about location tracking and how that information is sold off to advertisers.

Whether you’re searching for a nearby restaurant on a smart phone, looking up the price of concert tickets on your laptop, or even making purchases on Amazon using your desktop, these companies are using different tools to track your online behavior in order to build advertising campaigns which appeal to your needs and interests. While this does produce more accurate advertising campaigns, it also highlights the fact that most people aren’t aware of the extent at which the information is gathered and shared. It is also important to note that federal and international laws about data gathering and sharing are still being developed.

Why is this important?

Your online fingerprint is a lot more invasive than you think. By providing your information over the Internet, you open yourself up to potentially malicious individuals using that information for their own gain. For example, if someone is able to figure out your mother’s maiden name, they could feasibly reset your password on a website where your mother’s maiden name was used as a security question.

Social media websites like Twitter and Facebook connect people online. Most of these services are provided free for the whole world to use, but these companies have to find ways to pay their bills. They do this through advertising and through the collection of information which often times is sold to third-parties. While there are privacy controls on most of these social networks, they are not always straight-forward and most of the time they are not turned on by default.

Facebook has an entire section dedicated to their privacy settings and tools, showing just how granular and complicated the settings can be. Some companies want to make the process of opting out of tracking or restricting who can view your information difficult in the hopes that you will give up and not change the settings. While some web users don’t care about their online privacy, others cannot figure out how to protect their privacy despite having an interest in keeping personally identifiable information private.

What is ‘personally identifiable information’?

Information is ‘personally identifiable’ when it can be used to narrow the field of potential people down to or near “1”.

Your first name could potentially identify you on the Internet, but many web users have a first name that is shared by thousands of not hundreds of thousands of web users around the world. This alone would not be enough to identify you.

If you’re in the United States, your Social Security Number can be used to personally identify who you are. Your email address can do that as well. Any information that is unique to yourself or close to unique is personally identifiable.

How does my information fall into the wrong hands?

It really depends on what we consider to be “wrong hands”. Some do not want advertisers and publishers to be able to build a profile for them while others simply don’t want malicious actors to have access to their personal information. There are a few ways that this information can end up in a database or even used by a criminal to do something illegal.

Breaches

Over 9 billion individual data records have been lost or stolen since 2013. In many of these cases the breach occurred to a legitimate business that had a legitimate reason to accept and maintain personal information for their users or customers. When this information is not properly secured and their servers are not properly maintained, it becomes possible for malicious actors to access the information and use it either criminally or sell it to online spammers.

Social Media

Your social media presence can say a lot about who you are and what you’re about. It is important to be mindful about what you say about yourself, friends, and family when you’re online. Any bit of information you expose about yourself can be used by someone to identify who you are, who your friends are, and who you are related to which can all be used to either expose who you are online or use your identity in malicious ways. Even with the right privacy settings, you still put your information at risk as a social media platform could be breached, exposing even private information to potentially bad actors.

Phishing and Scams

Phishing refers to an individual or organization pretending to be someone who they are not to gather information from an unaware target. Phishing can be used to get personally identifiable information in order to commit crimes online. It can also be used to get access to accounts in order to take advantage of that access. This is often done through email by spoofing an email address or domain name, but also happens in search results. It is important to ensure that the individual you’re talking to or the website you’re visiting is legitimate before continuing a discussion or taking any action.

(This page is still under construction.)