What is Personally Identifiable Information (PII)?

Personally Identifiable Information (PII)

Personally Identifiable Information, also known as PII, is any information that can be used to identify an individual. This kind of information can be used on its own, or in conjunction with other information that helps to identify an individual. Some examples of PII would be your full name, driver’s license number, social security number, passport number, email address, vehicle registration number, biometric data (face, retinal, or fingerprint scans), birthdate, and telephone number.

Keep in mind that the above list is not “all-inclusive”, and there are many other forms that PII can take, like your medical, employment, or financial histories.

Why should I care about my PII?

Your PII is just that – yours. So, issues arise when PII is mistreated and ends up in the wrong hands. Most often, PII is referenced when speaking about identity theft, data breaches, or general online privacy and security issues. When a company experiences a data breach, any PII that is being stored by that company can end up being sold on the dark web with the intention to be used to commit identity theft.

Once your PII ends up on the dark web, it can be assembled by hackers and ID thieves to take over your identity. Typically, a single piece of PII is not enough for an ID thief to commit fraud, but by compiling a few pieces of PII from sources on the dark web or from data brokers, an ID thief can begin strategizing against a potential target.

Identity Theft is Real

It’s important to emphasize that identity theft is very real, and should not be taken lightly – someone new is impacted by identity theft every two seconds.

According to Javelin Strategy & Research in 2017:

• There was a record high 16.7 Million victims of Identity Fraud in the U.S.

1. • That’s 6.6% of all American consumers – yikes!

• 30% of U.S. consumers were notified of a data breach in 2017
• 1.5 million victims of identity fraud had an intermediary account opened in their name

Your PII and You

PII serves at least one legitimate purpose online: to allow marketing companies to serve you better ads. By compiling general information like your email address, gender, age range and browsing tendencies, data mining companies can create profiles about you which are then sold to marketing companies who serve ads on your Facebook or Instagram feeds, or banner ads on that website you’re visiting.

Unfortunately, there are negative implications with data profiles like this being created. Medical records have been sold to data brokers since the introduction of HIPAA (Health Insurance Portability and Accountability Act) in 1966 using “anonymized data” (health records with unique identifiers removed like name, social security number, or address). Even though the data is mostly “anonymized”, when cross-referenced against other databases, it can be used to build a health record about you, in-turn destroying the data’s anonymity.

These kinds of profiles open the doors to prejudice from health insurance providers or even potential employers – imagine a world where you’re denied a job or health insurance because you did a Google search for “cancer symptoms”.

Protecting Your PII

Even in today’s world of frequent data breaches, consumers are still forced to give out their personal information on a regular basis in order to use the products and services that they need. Because of this, it seems like an impossible task to try and protect your PII from getting into the wrong hands.

Thankfully, you’re not helpless, and you can use these tips to protect your PII:

• Be cautious of what you share on social media

• Remove your personal information from data broker websites (or use DeleteMe)
• Use a Masked Email address when signing up for a new service or mailing list online

• Use a Masked Credit Card when asked for a credit card online

• Use a VPN to disguise your device’s IP address and encrypt your browsing activities
• Request that your information be erased from a company’s database if you no longer need their product or service

The simplest and best thing you can do to protect your PII is to stop giving it out whenever it’s asked of you. Unfortunately, many times you’re still required to provide your real information in order to access a product or service, and you’re forced to trust the company you’re giving it to. Still, there are many things you can do to protect your PII, and your safety should always be prioritized.