Saturday, February 07, 2009

Managing Your Information Footprint...

What information is available about you in cyberspace? What risks does it present and what, if anything, can you do to protect yourself?

These are the pressing questions raised in a terrific article by Computerworld's Robert Mitchell. After weeks of building a digital dossier on himself - or, in other words, investigating what private information about himself was publicly available online - his results are indicative of how real the problem of information privacy has become, and only serve to reinforce digital citizens' most paranoid fears.

Information discovered online:

  • Full legal name
  • Date of birth
  • Social Security number
  • Current property addresses
  • Personal phone numbers
  • Business phone numbers
  • Previous addresses and phone numbers dating back to 1975 (except for cell phone numbers)
  • Real estate property deed descriptions and addresses
  • Property tax record from 2004
  • Assessed value of home from 1997
  • Identifying photographs
  • Digital image of signature
  • Mortgage documents (current and previous) and a legal agreement
  • Computerworld affiliation, stories and blog posts
  • Employment history
  • Resume with educational background going back to high school
  • Sex offender status (negative)
  • Affiliations with several nonprofits
  • Editorial award
  • Spouse's name, age and Social Security number
  • Names of friends and coworkers
  • Names, addresses, phone numbers and first six digits of Social Security numbers for neighbors past and present
  • Parents' names, address, phone and first five digits of Social Security numbers

What I haven't found ... yet:

  • Driver's license number
  • Vehicle registrations
  • Banking records
  • Medical records
  • Detailed demographic data from marketing databases
  • Insurance claims history
  • Vehicle registrations
  • Property records for land in Florida
  • Voter registration record/political affiliation
  • Mother's maiden name
  • City and state of birth


Surely, with all of that information available, if your ex-girlfriend, rival co-worker, or disgruntled student (ahem) wanted to wreak havoc on your life then they'd have a pretty strong fighting chance of doing it. And that's nothing to say of total strangers who go the route of blackmail, extortion, or sexual predation.

Yes, there is hope, but even more important is the fact that if you want to manage your information footprint, then you have to be pro-active. It will not come about naturally by itself.

Mitchell provides a few tips for how to do this - that is, manage your information footprint. And "manage" is the proper term because it will take constant and persistent effort, and nothing is going to be 100% effective.

Unfortunately, many of Mitchell's suggestions are of the standard, run-of-the-mill variety that don't really offer any novel insights - like not giving out your social security number, obtaining a copy of your credit report, and avoiding signing up for retail store loyalty cards. But the reality is that most of us want to buy things from Amazon and iTunes, and that requires giving out our social security number. Many of us get a free copy of our credit report once a year, but then let it sit in a filing cabinet collecting dust, not knowing what else to do with it. And most of us, despite being forewarned about the privacy risks, ultimately find that immediate 10% discount at Target too irresistible when we sign up for their "loyalty" card.

In contrast, most people who I know are more concerned on a day-to-day basis with preventing embarrassing photos of ourselves getting posted to Facebook, or that some guy on the subway with a cell phone camera doesn't make us the next unwitting YouTube star.

The one truly helpful tip that Mitchell provides is that the best way to protect your online information is to get an idea of what information about you is already available online in the first place. Google yourself to see what comes up. Actually tinker with the privacy controls on your Facebook account. Create Google Alerts to continually search the Web and inform you of new instances of personally identifying information such as your name, address, phone number, Social Security number, and so on.

Think of these steps as putting a basic padlock on your high school locker. It won't prevent the most determined people from breaking in, but it ought to be enough to deter 99% of casual passers-by.
  

4 Comments:

At 10:24 AM, Blogger RobMitchell said...

Thanks for your comments about the story.

While most of the tips in my story were "run of the mill" in a sense, many people don't follow them.

One recommendation, however, is less well known. It's important to realize that the answers to security questions posed by financial institutions and others to protect your accounts can often be gleaned from information about you on the Internet.

The advice to use a made up "mother's maiden" name is a less well known idea. It's more work, but if you use your best friend's mother's maiden name it's just as easy to remember. Just to make sure you don't forget, keep that data in a encrypted password file, such as that created by the free Password Safe program. (http://passwordsafe.sourceforge.net/)

--Robert L. Mitchell

 
At 4:53 PM, Blogger Rob Domanski said...

Thanks for the comment, Robert, and I thought your article was terrific.

The Password Safe program, and other software like it, is at least a helpful solution to remembering all of your different passwords. I do this myself using a simple Access database. The only problem is that it's exremely important to secure that file, and then, of course, you find yourself mired in irony... needing a password to get into your password database :-)

 
At 5:51 PM, Anonymous Fitz said...

Rob (and Rob Mitchell),
Excellent article. You do terrific research and writing on the meaning and security of our "digital" lives. The whole idea - privacy, identity - interests me a great deal. Thanks for this and all your other work and advice on this senestive subject.

Fitz

 
At 4:21 PM, Blogger RobMitchell said...

Yes, passwords are a headache. And Password Safe does not allow you to print out a list of user account names and passwords it contains(which could be a good thing).

But it's better than nothing.

 

Post a Comment

<< Home