0

16 December 2013

Do You Know Where Your Personal Information Is?

image

The amount of data on the Internet is staggering.

As consumers of online services, we create information through our use of social media, online shopping, and many other activities.  Public records are also a source of information about individuals, which can get posted online. It is important to be aware that once this data is online, that can be difficult to remove.

Your habits and tolerance for risk can change over time. The information that you felt comfortable sharing publicly a few years ago may seem like information that you’d now rather take back. You may have found information about you online that is incorrect, misleading, or you simply want to get it removed.  Below are some considerations on how to take ownership and control the data about you.

See what information about you is available online

 It can sometimes be shocking how much information is collected about you and publicly available.  The search engines will help you to do a quick query of your public information.  You can also take a proactive approach to set up alerts for search terms of your name.

Data service sites such as Spokeo and Pipl have massive amounts of data compiled from a variety of sources, including public records and social networking sites about individuals.  This data can be used by credit issuers, criminal profilers, employers, and others for any number of purposes, not necessarily intended by the data service providers.

The first reaction to seeing your data might be “Oh my, that’s scary”, followed shortly by, “How do I remove this?” If you’ve experienced a similar reaction then take the following measures outlined below.  Be aware that some information posted about you is within your control, some of it is not.

Clean up the data you can control

 Information that is under your control includes information that you have posted, such as your social networking profiles and related information. In addition, there could be information about you on old blog postings, postings on a friend’s web site, an old dating profile, picture sharing account, or any other services that were useful at a point in time for you, but no longer necessary.

Review the accounts that you have access to. You basically have three options—remove the data, modify the privacy settings, and/or request that the account be deleted.  If you are going to request that the account be deleted, be sure to first remove all of the data. Be sure to request that the account be deleted rather than deactivated.

Request cleanup of data you don’t control

Contact site owners.  If the site does not have contact information for the site owners easily visible, you can look it up using the “WHOIS” service to give you an administrative and technical contact for the site. A “WHOIS” query can be done by visiting the website http://whois.net/.

 Opt out of data service providers.  The data service provider is a company or group that will provide lists of contact information to individuals or companies that request it.  They often charge a fee for this information.  In many cases, data service providers provide individuals with the ability to opt out of having their data published.  It is important to bear in mind that these services are aggregators, so the original source provider of the information will also likely have to be contacted to remove your information.  The Privacy Rights Clearinghouse publishes the opt-out URL for over 240 of these types of services.

Use a professional service.  The maintenance of your online data requires discipline and regular review.  What if there is misinformation being posted about you that you cannot get removed through the steps discussed above?  Then it is time to consider using a professional service. These services will constantly search for, analyze, and remove data that you don’t want public.  Review the service terms carefully from these companies to ensure the service you desire is what is being provided.

 The best course of action that you can take is to be aggressive about maintaining a cycle of checking your public data and removing items which don’t match your current risk tolerance.

For More Information:

 

For additional information, please visit:

Privacy Rights Clearinghouse Opt-Out Urls: www.privacyrights.org/online-information-brokers-list

Google support page for removal of data:  http://support.google.com/webmasters/bin/answer.py?hl=en&answer=164133&topic=1724262&ctx=topic

IT World Article, “Rescue your Online Reputation”:  www.itworld.com/it-managementstrategy/212115/seven-ways-rescue-your-online-reputation?page=0,2

Times Article “How to Fix (or Kill) Web Data About You”: www.nytimes.com/2011/04/14/technology/personaltech/14basics.html?_r=0

The information provided in the Monthly Security Tips Newsletters is intended to increase the security awareness of an organization’s end users and to help them behave in a more secure manner within their work environment.  While some of the tips may relate to maintaining a home computer, the increased awareness is intended to help improve the organization’s overall cyber security posture. This is especially critical if employees access their work network from their home computer. Organizations have permission and are encouraged to brand and redistribute this newsletter in whole for educational, non-commercial purposes.