You provide some of it voluntarily on your social media profiles. Signup forms and surveys request other pieces of it. And even more, is sneakily gathered on just about every website you visit.
Regardless of the way it’s obtained, your personally identifying information (PII) is a precious commodity. It’s in high demand by government agencies, tech giants, marketing firms and everything in between. These entities use your PII to build surveillance profiles, sell you products, and even predict your future interests and activities.
Creeped out? We don’t blame you. PII collection is a privacy nightmare – but we’ve got the information you need to wake up from it.
What is PII?
The precise definition of PII varies by country, as it’s a legal term rather than a technical one.
In the USA, PII is defined as information that directly or indirectly infers your identity. This includes information that is linked or linkable to you.
Linked information is specific to you, such as your full name, email address, SSN, phone number, credit card number, or login credentials. Digital identifiers – IP addresses, web cookies, MAC addresses, and other device IDs – are also considered PII. Linkable information doesn’t identify you on its own but could do so in conjunction with additional information. Examples include your gender, race, zip code, and last name.
In the EU, PII is called “personal data” and is covered by the General Data Protection Regulation. It includes names, usernames, ID numbers and addresses, as in the US definition. IP addresses, device IDs, and cookies also count as personal data. The EU’s definition also includes any directly- or indirectly-identifying information in many different categories: physical, mental, physiological, financial, cultural, and social.
Not sure if something counts as PII? There’s a good rule of thumb to follow. If it’s specific to you or could be combined with other information to describe you specifically, it’s PII.
Who Collects PII and How?
Bad news, privacy lovers: just about everyone has their hand in the PII honeypot these days. Their reasons for doing so range from understandable to sketchy to downright nefarious.
Social Media
Perhaps the most obvious source of PII is social media. We voluntarily provide all sorts of PII to it on an ongoing basis. Facebook’s entire purpose is to personally identify you so that you can connect with those you know. LinkedIn needs not just your name and location but also your employment and education histories to serve its function. Other sites, like Twitter and Instagram, allow for more anonymity but still require PII to sign up.
Even if you don’t fill out your entire profile, these sites still collect PII in other ways. If you’re tagged in a photo, that data gets added to Facebook’s facial recognition database. Social media apps demand location data from your GPS and network adapters, creating a map of your real-world activity. And social media trackers like Facebook Pixel are found on most websites and link your profile to your browsing history.
Search Engines
A search engine query might not amount to PII on its own. You’re not the only one looking up Avengers showtimes, after all. But when queries are combined, or linked to your email account, they can paint a very personal picture of you. The most popular search engines – Google, Microsoft Bing, and Yahoo – are also the biggest ad providers. They offer their search engine services for free because your searches are the product.
Your compiled search history makes for a very valuable profile. It’s a clear reflection of your interests – the things you spend time and money on. But it can also be used to calculate your age, gender, location, marital status, occupation, and even health status. Search engines use these agglomerated profiles for their ads, but they also sell them to other companies. Your supposedly private searches are surprisingly big moneymakers – just not for you.
Retailers
Most of us don’t have a problem handing over our PII when shopping online. After all, we’re not going to get any packages without providing our addresses and credit card details. Some merchants continue to profit from you even after your purchase by selling your PII to other companies. But even those that don’t often have their own motives for storing your data.
The daily barrage of emails regarding “products we think you’ll love!” is good evidence of this. With your email address and purchase history in hand, it’s second nature for any company to advertise in this way.
But what if you haven’t bought anything before? Well, if you signed up for that newsletter to get a 15% off code, you’re still a direct target. Browser cookies let the merchant know which products you viewed and even how much you liked them based on your visit times. Cookies also give the retailer a way to follow you around the web with targeted ads, even on unrelated websites.
App Developers
The iOS App Store and Google Play Store are both filled to the brim with free apps. Developers have to make money somehow. To do so, they typically pepper their free apps and games with ads and in-app purchases. But that’s not the only way they profit from their apps: they also harvest PII.
A mobile game shouldn’t need access to your location, contacts, and text messages. But check the permissions and chances are you’ll see those things listed. The app collects your PII so the developer can then use it for ads or sell it to a third party. As with search engines and other web services, remember: if it’s free, you’re the product.
Even top-rated apps have been caught collecting and redistributing PII. The Weather Channel app, for instance, ostensibly tracks location data to display an accurate forecast. But that location data was also used for hedge fund analysis. It tracked the stores that users visited to assess retailers’ popularity and investment potential. And the dating app Plenty of Fish sold a million user profiles to a data broker. The broker then resold the data, including zip codes, sexualities, and photos, for around $150.
Website Analytics
Running behind the scenes on nearly every website is a complex system of analytic software. The most common is Google Analytics. These systems let website owners gather information about you and your activity without you needing to lift a finger. Your location, keystrokes, mouse movements, and timestamps are all available to the site owner. Other data, like your IP address and device ID, is stored by Google but isn’t available to the site owner.
Analytic data is used by site owners to find out which pages are most popular, track ad clicks, and identify usage trends. But is it PII? It depends on the amounts and types of data included. If IP addresses or other ID numbers are included, the answer is likely yes. But overall, it’s a bit of a gray area – one that’s likely to be the subject of many privacy debates in the near future.
Governments
You likely give the government plenty of PII without thinking twice. After all, it’s not like you have much of a choice. The DMV requires your name, address, SSN, and date of birth to issue your driver’s license. That information and more is needed to purchase property. And when you get married or go to court, your PII (and your privacy) becomes inextricably linked with others’.
But many of these government records are publicly available, both in-person and online. And even those that aren’t can often be obtained for the right price. Some DMVs sell citizens’ data to private companies. Ever wonder how “people search” sites like Spokeo possess such detailed information on virtually every one? The answer is government records, and the incredible amounts of PII held within them.
And we can’t forget the various NSA data harvesting scandals that have surfaced over the past decade. From PRISM to ECHELON to Xkeyscore, government intelligence programs monitor digital communications from around the world. Online profiles, real names, contacts, browsing activity, and email content is collected and stored. Though there’s no evidence that this data is sold, it is freely shared with several other countries.
Who Buys PII?
We know who collects PII (pretty much everyone) and how it’s used (mostly ads). But there’s also clearly an external market for it as well. Retailer marketing emails are only so profitable, and they don’t explain the weird places your data often ends up in. So who buys PII – and what do they do with it?
Enter the world of data brokers. These can be standalone companies or divisions of an existing company, but all do the same thing: buy and sell personal data. Though the industry has historically been secretive, several states now require data brokers to be publicly identified. Thanks to this, we now have a better idea of who’s trading your data and why.
Advertising and Marketing Data Brokers
Acxiom, Epsilon, Oracle Data Cloud: three examples of companies you’ve never heard of, though they know all about you. They’re just a few of the many advertising and marketing data brokers collecting and trading your data.
These brokers purchase their data from websites, web tracking companies, and other brokers. They then compile it into “audiences” – subgroups of people with various traits. Some of these are simple and obvious, such as people who like cars or people with young children. Others are the result of complex analysis: impulsive shoppers, potential inheritance recipients, users susceptible to “fake news.”
Any company interested in targeting an audience can buy a list for just pennies a name. Yet advertising data brokers made over 19 billion dollars in 2018 from American companies alone. The quantity of data being traded is astronomical, and it almost certainly includes yours.
Health Data Brokers
You might think your medical information is private, but you’d be wrong. Brokers like Healthcare.com and Experian Health source their information from health records, medical trials and insurance claims. They also use unexpected tactics like obtaining lists of smokers from tobacco company mailing lists.
Although medical privacy laws bind doctors, data brokers aren’t. Initially, names are replaced with unique ID numbers. But these IDs still tie all your information together and potentially identify you, especially if the broker already has your other PII. Your contact information could be for sale in a list of diabetics, alcoholics, cancer survivors or people taking Zoloft.
Advertisers can utilize this information, but it’s got a darker use as well. Insurance companies and healthcare providers use this data to deny coverage or alter treatment. For instance, if a health data broker says that you smoke cigarettes, your insurance company could raise your premiums.
Political Data Brokers
The Facebook/Cambridge Analytica data scandal brought this class of data broker into the public consciousness. But political data brokers have been around since long before that story broke. These companies gather or buy PII from public voting records, social media, web trackers, insurance companies, credit bureaus, and other sources. It’s then sold to political candidates for use in campaigns. Individual data profiles are analyzed to target ads and influence voters.
Cambridge Analytica is defunct, but many brokers specializing in politics remain. These include i360 and Infocore. Come election time, many of the campaign ads you see will be brought to you by a political data broker.
Background and Credit Check Data Brokers
Want to get a job, rent an apartment, or apply for a loan? You’ll probably have to consent to a background or credit check. And that check will most likely be conducted via a data broker.
Rather than building lists of audiences, these brokers focus on constructing standalone profiles of individuals. Public records are often used, but so are records purchased from DMVs, credit bureaus, and other data brokers. Names, birthdates, and SSNs are good starting points, but these profiles go much deeper. Relatives, address history, criminal records, employment history, salaries, financial accounts – you name it, they’ve got it.
Employers, landlords, and lenders then use this information to decide whether you’re trustworthy or not. A bank may compare your given information with the broker’s to detect fraud. Landlords will look for eviction history and confirm your income and employment. Employers check for criminal history and confirm prior employment. Even the US government has used these brokers to track undocumented immigrants and locate suspected criminals.
Not all background check brokers limit their services to these types of users, though. Some, like Spokeo and Whitepages, call themselves “people search” services. They allow anyone to access someone else’s PII – provided, of course, that the searcher is willing to pay for it. Your ex with stalker tendencies and that dox-happy online troll only need a few bucks to get your PII.
How Can I Protect My PII?
Our PII is everywhere – that much we know. But can we stop it from spreading?
Probably not. At least, not entirely. Terms of use are frequently vague enough that they permit all sorts of data usage – and you can’t opt-out. Invisible trackers lurk on every webpage and in every email. You could quit using the internet altogether (ha!) but your data would still be out there. Public government records generally can’t be taken down, and your photos could still end up on a friend’s Facebook profile.
But you can mitigate the damage and minimize the profits others make from your PII. These tactics range from free and simple to costly and complex. Here are our suggestions – good luck on your privacy restoration journey!
Lock Down Your Mobile Devices
Our phones go everywhere with us these days. That’s great for convenience and terrible for privacy. But making smart choices about the apps and features you use can minimize exposure of your PII.
Always check permissions before using any new apps. Both the iOS App Store and the Google Play Store make it easy to do so.
On iOS, you’ll need to install the app and then launch it. It will then ask for various permissions, which you can allow or disallow. On Android, you’re shown a list of permissions when you first attempt to download an app. The permissions should align with the purpose of the app – if they don’t, that’s a sign that your PII is at risk. A calculator app shouldn’t need to access your address book, and a typical mobile game shouldn’t need your location.
Speaking of location data, that’s one of the toughest things to keep private. Even if your GPS is off, your location can be estimated using WiFi and cell tower signals. Apps like Facebook need your location for geo-tagging, but many continue to track it even when you’re not making a post. The only way to stop this is to disable the location feature entirely.
Disable Third-Party Web Cookies
Third-party cookies aren’t all bad. Many are used for legitimate purposes, like streaming video from different sources. But some track your page views for targeted advertising or sale to data brokers. Others are used by social media sites like Facebook to link your browsing activity to your profile.
All web browsers allow you to disable third-party cookies. Doing so can break certain website functions, but it will stop many of the most pervasive PII collectors in their tracks.
On Microsoft Edge, go to Settings – Advanced Settings and set “Cookies” to “Block only third-party cookies.”
If you’re using Firefox, go to the menu and click “Content Blocking.” Select “Custom” and make sure the “Cookies” box is checked. In the drop-down menu, select “All third-party cookies.”
On Chrome, go to Settings – Advanced. Scroll to the “Privacy and Security” section and go to Site Settings – Cookies. Then turn “Block third-party cookies” on.
If some sites don’t work correctly without third-party cookies, you can make exceptions for them. This option is available for Chrome and Firefox. Edge, unfortunately, doesn’t offer a way to allow specific third-party cookies.
On Firefox, visit the site you want to unblock, click the information icon in the address bar and select “Turn off blocking for this site.”
It’s a similar process with Chrome. Visit the site you want to unblock, click the favicon in the Omnibar and click the number under “Cookies.” You can then enable or disable individual cookies or do so in bulk.
Minimize – or Quit – Social Media
It’s one of the biggest time-sinks and distractions in our digital age. But it’s also one of the biggest sources of PII. Social media is both a blessing and a curse, but when it comes to privacy, it’s definitely more of the latter.
Facebook, Twitter, Instagram, and other sites view your profiles, posts, photos, and contacts as data to be sold. And many of the third-party apps you connect to these sites are even less respectful of your privacy. Facebook personality quizzes, surveys, fortune tellers, face manipulation apps… they’re fun, but they exist mainly to harvest your data. The infamous Cambridge Analytica scandal utilized a Facebook survey app to obtain data on app users and all of their friends.
Quitting social media has positive mental health effects, but it also protects your data. But if you’re not ready to give up the habit just yet, you can still boost your privacy. Make sure your profiles are set to private or friends only and don’t link any untrusted third-party apps to them. Change your settings so that you can’t be tagged in posts or photos without your approval. Reduce the amount of PII you display on your profile (especially education, family members, and political/religious affiliations). And tell your friends to do the same – one of them could be the weakest link in the privacy chain.
Use a VPN
There are many reasons to use a virtual private network or VPN. It encrypts your web traffic so your ISP (and your boss) can’t log your browsing activity. Encryption also prevents hackers from intercepting and manipulating your digital data. With a VPN, you can mask your location to access geo-restricted content. Because your IP address changes, site owners and web trackers can’t identify and follow you.
Though free VPNs are available, many of them are bad news for privacy. They keep their own activity logs, which are often shared with third parties. Some even inject their personal ads and trackers into the sites you visit. We recommend using a trustworthy paid VPN instead.
Look for a VPN with a zero-logs policy (and read the privacy policy to verify any such claims). Make sure your provider offers an internet kill switch and DNS/IPv6/WebRTC leak protection. For maximum security, pick one that requires minimal signup information (no phone numbers, addresses, or birth dates). Use an anonymous or throwaway email address to register your account. If possible, pay with cryptocurrency or retailer gift cards to protect your financial information.
Any decent VPN will help you keep your PII safe. Some are more budget-friendly, some offer advanced features, and others support many different OSes and devices. Our favorites include NordVPN, Private Internet Access, AirVPN, ExpressVPN, and VyprVPN.
Opt-Out of Data Brokers
There are thousands of data brokers around the world. You’re not likely to get your information off all of them, but you can at least opt-out of the biggest ones. The process for doing so varies from broker to broker. It generally involves identity verification and lots of patience. Here’s how to rescue your PII from the most heinous data brokers.
Acxiom used to offer consumers the opportunity to view and edit their personal data profiles. However, the company was recently sold and claimed to be in the process of building a new data management tool. In the meantime, the opt-out page is still live and functional. You’ll need to provide a mailing address, phone number and/or email address, plus your name. If you’re opting out on behalf of a child, other dependent or deceased relative, you’ll need to submit the form again for each person.
Oracle Data Cloud’s opt-out form requires your name, email address and mailing address.
Whitepages allows you to remove your profile, but the process is a bit convoluted. You’ll need to enter the URL of your profile in this form and provide a reason for your request. Then you’ll need to provide a phone number and input a code to verify your identity. This removes your standard listing but not your Premium listing. To remove that, you’ll need to submit a support ticket and verify your name and address.
Epsilon doesn’t provide detailed opt-out instructions. Its opt-out information page states that you can opt-out via email or snail mail. Though addresses are provided, it’s not clear what information you need to include in your request.
Intelius provides a simple opt-out form that requires only your name and email address. Removal requests are processed within 72 hours.
Opt-out instructions for many other data brokers are available here, though the list isn’t comprehensive. Some services, like DeleteMe, remove your PII from various people search sites for a fee. However, these services aren’t comprehensive either, and many data brokers don’t allow third parties to submit opt-out requests.
Summary: Names, addresses, interests, habits… many aspects of yourself are considered PII, and they’re all probably for sale. Social media sites, retailers, and data brokers harvest your personal data and sell it to advertisers, insurance companies, and each other.
