Working in the IT industry, we spend a lot of time helping business owners and senior management to understand the risks of cybercrime; both to their organisations and to them personally. Security of data, particularly information held on individuals and subject to data protection law is quite rightly a concern for Board Members. With the impending arrival of the new EU General Data Protection Regulation (GDPR) which tightens both the criteria and penalties around data protection laws, this has significantly increased in profile.
But protecting digital identity is not just a concern for business. There is an increasing awareness amongst the public at large of the potential of identity theft and the very significant impact that it can have. Whilst the most common forms of identity fraud are financial, it is well known that criminals have used stolen identity to commit cybercrime, traffic drugs, smuggle illegal goods and a whole range of other illegal activities.
Between 2014 and 2015 the number of reported cases of identity fraud rose by 57%.
Some personal details were found to have been disclosed by hacking computers but increasingly fraudsters used social media to put together the pieces of someone’s identity
However, despite the attempts to make businesses more accountable for the data they hold on you, the technology – and more importantly our use of it – seems to be taking us further away from having any control of our identity in the digital world. And as a result, we are more exposed to both the risk of criminal activity and loss of privacy associated with it.
A prime example of this are the myriad of ‘free’ tools and applications we use every day on the web. From social networking services through to price comparison tools, we are willingly submitting what in some cases is quite personal information – in effect our ‘payment’ for using these services.
Information you submit online is often used to profile you and sold for advertising purposes
Facebook, one of the leaders in this form of profiling, even combine the data they collect with information from other providers such as credit record agency Experian to build up a highly detailed and accurate picture of you, where you live, your financial situation, your friends and likes and dislikes. Data that could be incredibly powerful and damaging in the wrong hands.
Of course, the shrewder amongst us will always ensure we tick the right boxes when submitting our details to request it is kept confidential. Even then of course security breaches can result in it being unwillingly disclosed as was well publicised with the hacking of the Internet provider Talk Talk.
The situation may become yet more complex in the future as our data is stored on distributed ledger technologies such as Blockchain. Whilst bringing promises of increased security, by design these technologies mean we will never actually know where our data is being stored.
So, where are we going with this post? Well, a lot of focus around preventing Cyber Crime is based on securing our computers, having good password hygiene and treating suspect emails with caution. Whilst all this is sound advice that we suggest you follow, protecting your digital identity, and disclosing the minimum of personal details online is just as critical. And think about what you might be ‘selling’ next time you give it away.
For more advice on Cyber Crime and how it affects you and your business, register for one of our workshops.