Why We Should Take Privacy & Security Seriously???
I hope all of you are fit and fine. Nowadays most of the peoples are filling COVID vaccine form and posting it directly on social media is a trend. Where private information like citizenship, contact number etc. are disclosed publicly on the internet. I know privacy and security is a new topic for a country like Nepal. So I decided why not share what I understand and why Privacy and security matters. Is it a really serious topic?
I also saw most of the time if someone’s found citizenship, passport, license etc document he/she directly post in the social media without hiding or blurring their private information.
We don’t care or give importance of our data until we are victim our self!
Why it matters? Does privacy matter?
Personally identifiable information (PII) is any data that can be used to identify a specific individual. Social Security numbers, mailing or email address, and phone numbers have most commonly been considered PII, but technology has expanded the scope of PII considerably. It can include an IP address, login IDs, social media posts, or digital images. Geolocation, biometric, and behavioural data can also be classified as PII.
So where it can be used to misused our data?
Yes, this data leads to find more information directly and indirectly. Where it can be misused in the following places:
- We make our citizenship/passport/license etc. documents one time and it will be forever. And if it leaked it can not be changed. (Like our father’s name mother’s name, date of birth, birthplace which can not be changed it will remain forever.) So we need especial take care of it before it leaks.
- If we post citizenship/passport or any documents malicious use can documents in fraud activities one good example can be used to buying new sim card using that sim card in fraud activities.
- If we just post with citizenship number, passport number, date of birth. Using date information a malicious actor can use that information to bypass the mechanism.
- Like if a malicious user accidentally get your username and password then try to login in from unknown location or device many of social media like Google, Facebook and some of banking account asks dob, citizenship number to verify if you really try to login or not.
Social media like Google, Facebook and some banking account ask to verify if you try to log in or not. Where it is asked to verify by uploading your document or asks date of birth. Guess what if the malicious user already got it?
- So we should be very careful before we post our private information publicly.
According to GDPR for especially severe violations, listed in Art. 83(5) GDPR, the fine framework can be up to 20 million euros.
Yahoo had paid a $35 million penalty to settle charges related to the data breach. Where names, email addresses, telephone numbers, dates of birth, hashed passwords etc are leaked.
But are we breaching or selling our data for free? seriously??
Advice from my side:
- Don’t post this kind of information/documents publicly which discloses our private information.
- If you want to post, please blur the sensitive information like citizenship number, passport number, date of birth etc. so using that information malicious can not misuse.
- Don’t publicly allow your full date of birth on Facebook or other social media.
- Use a different email for different purposes.
- Use all the available security mechanisms like Two Factor Authentication(2FA).
- Use the different password in different social accounts.
- Completely remove the phone number after you don’t use it.
Thank you so much for your time to reading my article.
Also, I am thankful to Nirmal Dahal dai for proofreading.
If this article seems informative don’t forget to share this article with your friends, family and circle. #StaySafe #StaySecure
Connect with me on:
What is personally identifiable information (PII)? How to protect it under GDPR
Personally identifiable information (PII) is any data that can be used to identify a specific individual. Social…
What is considered personal data under the EU GDPR? - GDPR.eu
The EU's General Data Protection Regulation (GDPR) tries to strike a balance between being strong enough to give…
Yahoo reaches $117.5 million settlement in huge data breach
San Francisco - Nearly 200 million people who had sensitive information snatched from their Yahoo accounts will receive…