Your personal information can be easily distributed around the internet without your knowledge.
It’s never really a us their personal information is shared and logged behind the screen unbeknownst to them.
When we talk about personal information, we’re looking at your name, email address, home address, date of birth, school, workplace, etc.
This information can often be requested by businesses, and government and non-government organisations on the internet. You’ll be asked to provide it when you sign up to an emailing list, use social media, create a new account to online shop etc.
The information requested can be so general that you may even have your device pre-fill the fields on a web page for you because you regularly give it away.
I got to a point where I just let me phone fill in the fields for my online purchases, because it was convenient!
While you might be happy to provide these pieces of personal information to one party online, it doesn’t just stop with that one party.
There are layers and connections of multiple parties that will also gain access to, or build an online profile of you based on the personal information you provided at first instance.
Let’s explore what happens with your personal information in two scenarios – we’ll compare making an over-the-counter physical purchase with making an online purchase.
Your Personal Information in a Physical Shop
When you buy a book at a shop there are usually three parties involved:
- You
- The shop
- The financial institution where the funds come from
Beneath that layer, the financial institution will have to verify:
- Who you are – from an approved government agency
- Where you live – Usually a utilities company or government agency
- Whether you are a credit risk – verified with a credit agency
So, let’s do an approximate count of the instances of your personal information that will be stored in this scenario:
To start, your personal information is recorded and stored from the day you are born.
A government record is created of who you are, which looks like:
1. A birth certificate,
2. A medicare card, which has your address details.
The financial institution stores the following records of:
3. Who you are,
4. Where you live,
5. Are you a credit risk? They take this from a credit reporting agency.
The credit reporting agency stores the following records of:
6. Who you are,
7. Where you live,
8. Where you have conducted financial transactions,
9. Valid financial transactions, eg. What funds are in your bank account
10. Are you a credit risk? Y/N.
That’s 10 instances of your personal information recorded for one transaction for buying an item at the store.
By comparison, if you paid in physical cash, you can reduce instances of personal information recorded down to 0!
There are no records taken of your personal information.
Your Personal Information in an Online Transaction
Let’s look at the same transaction online.
If you buy a book from an online store, there are several parties involved:
1. You
2. The online store
3. The financial institution where the funds come from
4. The transportation companies delivering the books
5. The survey mechanisms involved (i.e. how did we go?)
6. The website tracking analytics company sponsored by the online bookshop, the credit companies, and the transport company.
If we continue from the same 10 points from the physical book store purchase, we now also include the the following:
The transportation companies delivering the books keep records of:
11. Who you are,
12. Where you live,
13. How to contact you.
The survey mechanisms involved – These are market and research companies assessing how well the services went in delivering your book. They will keep records of:
14. Who you are,
15. Where you live,
16. How to contact you.
The website tracking analytics company keep records of:
17. Who you are,
18. Where you live,
19. How to contact you,
20. The websites you visit,
21. How long you were on the websites,
22. Your Internet Protocol Address (IP Address),
23. Your ISP (Internet Service Provider),
24. What Web Browser you used? (e.g. Safari, Firefox, etc),
25. What device you were on, (PC, iPad, Android Phone etc.).
If the financial institution, online shop, transportation company and online survey company each employed their own web analytics company, we multiply points 17 to 25 by 4 (9 instances of your personal information stored multiplied by 4). You now have an additional 36 instances of personal information recorded.
If we add this to the rest of the online shop process, the instances of personal information that lead to you now are 17 + 36 = 53.
That’s 53 instances of your personal information recorded after making one online purchase.
Now, consider the other organisations that you purchase goods and services from online!
If you had 10 organisations that you made a transaction with online, take your 53 instances of stored personal information and multiply it by 10.
That’s 530 instances of your personal information recorded online from 10 online transactions.
530 instances that are hopefully being managed securely…’Hopefully’ being the operative word.
We don’t want to lay all of this out to scare you.
In the current state of the world, online shopping has become the main way for people to make purchases.
Online shopping has almost become unavoidable.
Our hope is that in being aware of this you’ll be prompted to ensure that your personal information for home and business is safe and secure online.
If you’re concerned about the security measures you have in place for you and your business online, or are interested in tightening your current practices, stay tuned for the next parts of our series.
Our next post is going to be diving into business security online.