How companies use your identity and what you can do to protect it.
One of the most valuable things you own is YOU. Your identity includes the basics - where you live, your age, and your gender. But it also includes your interests, who you know, and what you buy. So, do you know who has your identity? Here’s the life cycle of your identity and what to do to protect it.
It gets collected. Think about the organizations that legally collect information about your identity – your employer, government entities, insurance companies, banks, credit reporting agencies, and non-profit organizations. And then add those companies you give your identity to freely - like Google, Facebook, LinkedIn, Twitter, and any other website or social media platform you visit.
It gets stored. Once your identity gets collected, it then needs to be stored somewhere. Storage is most often on servers or locally on a computer or mobile device. This is one of the core concerns with Tik-Tok, a Chinese-originated short video service. The concern is that a foreign entity will have stored U.S. citizen's interests and behaviors that can help identify potential targets that can be manipulated.
It gets sold. Once information related to your identity and interests are collected, most organizations then sell it to other companies. Not only is information about your identity sometimes collected without your knowledge, this information is then monetized. Your viewing behavior can also be actively manipulated by the sites you view. So if you read articles about cats, you are going to get a lot more articles about cats and get ads that relate to cat-lover behavior. This is often so subtle, you do not realize it is happening.
It gets accessed. If your information is considered a public record, anybody can see it. Business licenses, property tax records and real estate ownership are just a few examples of personal information that anyone can access.
It gets stolen. Identity thieves are always looking for ways to access your information. Thieves either hack one of the organizations that collects your confidential information or find a way to trick you into giving them your information, with techniques such as phishing emails.
What you can do
- Opt-out of providing personal information. The best place to start with protecting your identity is knowing who has access to it and asking if they really need it. Consider opting out of providing information if possible.
- Be vigilant with the data you possess. While you can’t control how secure an insurance company’s servers are, you can control how secure you handle the information and documents you possess. Be on the lookout for phishing emails, verify requests for your information and don’t forget about getting rid of documents the old-fashioned way with a shredder.
- Deliberately monetize your identity. Stop giving away your identity without a thought. Here's an idea. Consider you are worth a million dollars. Then see what these services are paying you for your information and how they are using it. If this little exercise gets you to pause before signing up for a new service, then the exercise is worth it!