The internet is a wonderful resource, but it is also a haven for bad actors who seek to profit off your personal data. Here’s several ways to keep your private info out of the hands of online data brokers and hackers.

The dark side of online data

You might have thought that the latest internet hack you’ve heard about on the news or through social media only impacts a few people with easy to guess passwords. Or that those people put themselves in harm’s way by being careless with their online data. Truth is, if you have ever signed into an online service, signed up to a website or simply given your name, address or other personal information to a company on the web, you are also putting yourself at risk of security and privacy breaches.

All a motivated hacker needs to do is gather enough data in order to compromise your finances, reputation… or even your physical safety.

See, by the time you finish reading this article, the data you have shared online will have been bought and sold countless times by third-party, for-profit companies who specialise in targeted advertising. And there is no guarantee as to the ethics, integrity or digital security of these myriad vendors. Each piece of information and every transaction is another vector for attack, and all a motivated hacker needs to do is gather enough data in order to compromise your finances, reputation… or even your physical safety. Once they’ve amassed enough personal data, bad actors can build a profile that can be used to gain access to virtually any private account you have by successfully impersonating you. The impact of such transgressions could be long lasting or even ongoing.

Now, these revelations may shock you, but there are solutions to the challenge of cybersecurity which don’t involve such drastic steps as closing every online account and living off the grid. In fact, there are several easy steps you can take today to help reduce your vulnerability to online attacks.

Data brokers are the worst

First, let’s understand who might be working against us in this situation. Most people give out their email, name, and address with little to no hesitation. Other data, like our banking details, are generally harder to come by, unless of course there is a reason to conduct a purchase online – something that is fairly commonplace in today’s internet-age. Often these requests might come in the guise of an innocuous registration form, perhaps for a local community sports team, a school event, or even a work-related activity. But the thing is, the story of that data doesn’t end with the initial act of collecting it. Lurking behind that harmless online form could be a data broker – companies that collect, buy and sell personal information.

Some of the types of info that they deal in can include:

  • First and last name
  • Email address
  • Physical address (current and former)
  • Education and occupation
  • Age and gender
  • Telephone and other contact information

Typically, this information can be sourced from your internet history, social media profile, credit card information, online purchase history and government records. Piecing this info together can help to create what’s called a user segment, which is representative of a potential audience that other companies might find commercially interesting. And thus, your data will be sourced, packaged and sold (or re-sold) to the highest bidder, likely forming part of a targeted advertising strategy by some company you’ve never heard of. Though data brokers promise to anonymise the info they are dealing, there are also ways to easily de-anonymise said data, for anyone who is motivated to do so.

If you’d rather your data not be used in this way, there is something that you can do about it.

Personal data deletion services

Whilst not a silver bullet, getting brokers to delete your personal information is a great way to start reclaiming your data. So, just contact all of the data brokers, or hunt around for all of the opt-out forms that you can find, right? Well, unless you are interested in embarking on a never-ending quest, it’s better to use a professional service to handle this on your behalf. A personal data deletion service will contact data brokers, including the big-time players like Axciom, Equifax and CoreLogic, and request that the collected data is deleted from their systems. Some specialise in removing social media info whilst others offer ongoing audit and removal services via subscription.

There are several thousand data brokers across the globe, constantly collecting information on you and selling it to the highest bidder.

Incogni and Delete Me are two of the better-known deletion services, both of which offer to work on your behalf to request that all your personal data be removed from the broker’s databases. However, new brokers can pop up at random and by some accounts there are several thousand of them in operation at any one time. And all of them are constantly collecting data about you (even now!). Deletion services are a good starting point to secure your data, but they can also be costly and should not be relied upon as the only way to protect your online information.

Woman sitting at a table against a window, using her laptop in a public cafe.
When in public, remain private with a VPN. Credit: Bonnie Kittle/Unsplash.

Cleaning up your act

For starters, next time you receive one of those annoying spam emails from a company you can’t remember doing business with, don’t just sent it to trash, follow through. First, see if there is an unsubscribe or opt-out link that you can use to remove yourself from the mailing list. And, if you don’t need their services at all, reduce your risk of attack by contacting the company directly and asking to have your personal data deleted. Most companies will be able to comply, especially those with data and privacy policies (including those in the European Union and Australia). Each account closed is one less opportunity for data brokers to profit off your data, or for it to fall into the wrong hands.

Next, be mindful of what you share on social media, and what you have previously posted. If you have any abandoned accounts or services you no longer log into, follow the same process as the spam emails by requesting your account be closed and personal data deleted. If you do actively use social media, consider the fact that many brokers will scrape user’s profiles for data they can harvest. Close down this avenue by making your profile ‘private’, restricting visibility to your followers only.

Audit the sites, services and apps you log into. If you no longer require their use, remove ‘auto-login’ permissions and close them down for good. And while you are at it, consider updating your passwords and turning on Two Factor Authentication (2FA) or biometric identifiers (such as fingerprint scanning) to help secure your most sensitive or at risk datapoints. This includes social media logins, financial institutions and physical devices such as your PC and smartphone.

And finally, when browsing the internet in a public place like your local coffee shop or airport terminal, never use the public Wi-Fi unsecured. Invest in a virtual private network (VPN) to ensure that no one intercepts your data when you are accessing an open, public network.

Regularly following these tips will help to ensure that your private data remains just that, reducing your chances of having your personal information compromised online.