__Every day, companies and cybercriminals collect, analyze, store, and sell your personal data. At best, this information is used by organizations to influence products, sales, and other marketing goals. At worst, the information is used by cybercriminals for financial gain. __
What exactly is personal data?
Personal data is a pretty vague term that includes any information related to an identified or unidentified person. Things like your social security number, driver's license number, banking details, and address are among the most sensitive of your personal data. Other bits of personal data include your search history, location history, IP address, and social media posts. The list of items that encompass the term Personal Data is endless.
Personal Identifiers
These are things that identify you as a person. It includes your first and last name, nickname, name changes, postal address, IP address, email address, username, social security number, passport number, or other identifiers that point to you as a person.
Customer Records
These are things that identify you as a customer of a business and include personal identifiers and records held by companies you do business with. Some of these records include your name, signature, social security number, physical description, address, phone number, passport number, driver's license or state identification card, insurance policy number, education background, current or past employment information, bank account number, credit or debit card number, other financial information, credit score, medical information, or health insurance information.
Biometric Information
These are physical traits that distinguish you from other people. Biometric information includes your hair color, eye color, fingerprints, height, retina scans, facial recognition, and voice.
Online Profile
This includes information collected about you online, including your browser history, search history, browser cookies, advertisements you've clicked on, and online purchases.
Why would someone want my personal data?
Different entities want your personal data for various purposes. Each time you upload a photo to the internet, you make Artificial Intelligence (AI) machines smarter. Your location history alerts investors which stores attract the most shoppers. Your search history informs advertisers what products you're most likely to buy. Personal data drives the most profitable corporations, and without it, these companies could not exist as they do today.
On the other hand, this same data in the wrong hands can be detrimental. Data breaches are at an all-time high, and scammers' phishing tactics are becoming more advanced, to the point that they outsmart email spam filters. When data gets into the wrong hands, either through a data breach or a successful phishing scam, cybercriminals can do anything they want with it. They can use your information to send emails in your name to scam your contacts, damage your reputation, access your bank accounts or create accounts in your name, perform significant damage to your credit, and sell your information for big bucks on the deep web. Even if you're broke and think a hacker couldn't possibly do anything with your information, there is still immeasurable value to your data.
What Safeguards are in place to protect my personal data?
Unfortunately, there isn't a universal standard in place to protect personal data. Because of that, the standards used to protect your information will vary widely depending on industry, the location where your data is stored, your location, as well as what services are utilized by the company storing your data.
Location-Based Standards
On January 1, 2020, the California Consumer Privacy Act (CCPA) went into effect. It regulates how businesses around the world are allowed to handle the personal information of California residents. It is the first law of its kind in the United States, and violators may face a fine of up to only $7,500, which is reserved for only intentional violations.
The General Data Protection Regulation (GDPR) went into effect in April 2016 and set principals to protect the European Union citizens. It is based on fairness, purpose limitation, data minimization, accuracy, integrity, and confidentiality. Those found in violation of the standards set by GDPR can face fines of up to €20 million or 4% of the company's global annual turnover of the previous financial year, whichever is higher.
Other companies with similar data protection regulations include Brazil, Australia, Japan, South Korea, and Thailand. The majority of countries in the world have not adopted standards.
Industry-Based Standards
The United States has some industry-focused standards. For example, the Driver's Privacy Protection Act of 1994 protects the disclosure of personal information collected by each state's Department of Motor Vehicles. Children's Online Privacy Protection Act prohibits collecting personal information of children under the age of 13. The Gramm Leach Bliley Act offers protection for the disclosure of financial information. Healthcare is protected under the Health Information Portability and Accountability Act (HIPAA). Other laws target other sectors, but no law provides universal standards that apply to all industries.
What can I do to protect my personal data?
Don't Automatically Provide Personal Information When Asked.
Companies often request more information about us than they need. When asked for information, especially information like your social security number, driver's license number, or other private data, ask questions to determine if they really need it. If they have a valid need for the information, ask for information about how they keep your data secure.
Know Ahead of Time What To Do If Your Information Is Breached.
If you learn of a data breach, the chances are that you're going to feel a bit panicked. Times like this tend to cloud our better judgment and, in turn, we miss certain major steps that need to be taken. This can cause the situation to become even more devastating than it was when it started. You can learn about what to do when your information has been breached here: I've Been Breached: A Step By Step Guide to Protecting Your Data
Activate Live Account Monitoring While you may be taking steps to stay safe online yourself, this doesn't mean that everyone else is doing the same. The news headlines are full of reports of major websites experiencing data breaches, but only some breaches are made known to the public. Companies hide breaches every day for fear of the negative attention and loss of business that comes with their breach of customers' trust. Guardio offers account monitoring that can alert you right away if your account information was shared online or on the dark web for criminals to access so that you know to begin taking action to protect yourself right away.
Install Browser Protection Browser protection is among the cutting edge of online safety technology. Products like Guardio scan each of the websites that you visit and extensions that you add, to ensure that they're free of malicious code and scams so you can avoid being the one to give criminals access to your data inadvertently. They catch things like phishing pages and key loggers that often go unnoticed, even to the savviest individuals. When a malicious site or extension is found, these products block the offending website or extension and let you know why. They also alert you when a website that you're visiting is still too new to be trusted. Browser Protection keeps you safe by stopping threats BEFORE they reach your device, instead of afterward like traditional antivirus solutions.