More and more businesses and organisations are storing our personal data so that it can be used to contact us later, for purposes like marketing (selling us things). Every time you fill in a form on a website, or sign up for a special offer, your details are stored in a database somewhere.
If the data in a database falls into the wrong hands, this can lead to some very big problems...
If the data in a database falls into the wrong hands, this can lead to some very big problems...
Data Misuse
If the wrong person has access to your data, they can misuse it in a variety of ways:
- Data could be deleted (e.g. your bank balance could be wiped out)
- Data could be changed (e.g. you could end up with a criminal record, for something you didn't do)
- Data could be used for blackmail (e.g. your school record might contain information that you are embarrassed about, and someone might threaten to reveal it to the press!)
- Data could be used to help someone impersonate you (e.g. they could apply for a bank loan in your name). This is known as Identity Theft
Identity theft is becoming a huge problem. It's an easy way for a criminal to get money, or goods - there is little risk to them since they are pretending to be someone else!
Imagine if you received a letter from the bank asking for repayment of a $20,000 loan that you didn't apply for!
How could you prove you didn't apply for it when the person who applied had all of your personal information (your name, date of birth, ID numbers, address, parent's names, etc.)?
The more data you reveal about yourself, the more likely you are to be a victim of identity theft.
Time to change your privacy settings on FaceBook! Time to put good passwords on your mobile phone and your laptop!
Imagine if you received a letter from the bank asking for repayment of a $20,000 loan that you didn't apply for!
How could you prove you didn't apply for it when the person who applied had all of your personal information (your name, date of birth, ID numbers, address, parent's names, etc.)?
The more data you reveal about yourself, the more likely you are to be a victim of identity theft.
Time to change your privacy settings on FaceBook! Time to put good passwords on your mobile phone and your laptop!
How Do Bad People Get Your Data?
So how does data end up in the wrong people's hands?
- A CD-ROM or memory stick might be left somewhere by mistake (e.g. on a train)
- A hacker might break in to a network
- A password might be guessed
- Information might be sent in an e-mail which is intercepted
- Someone might read things on an unattended monitor
- The data might be sold by someone for profit
- Discarded printouts can be found in bins
How Do You Stop Data Getting into the Wrong Hands?
You should always follow sensible precautions when dealing with other people's data:
- Encrypt files, especially when taken out of the office (e.g. on a memory stick, or sent via e-mail)
- Use strong passwords
- Lock your computer when you are away from it
- Always shred printouts that contain sensitive data
Data Protection Act
Many governments have realised the need to protect peoples' data from misuse, and have created Data Protection Acts. These are a legal rules that must be followed by any business of organisation that keeps a database containing peoples' personal data.
A typical Data Protection Act might include the following rules:
A typical Data Protection Act might include the following rules:
- Data must only be kept if it is necessary for the business / organisation (e.g. a store shouldn't keep details of your political or religious views - they don't need to know this!)
- Data must be accurate and kept up-to-date (it is the duty of the business / organisation to make sure the data has no errors)
- Data must not be kept longer than necessary (e.g. you can't keep a customer's details forever - only whilst they are still your customer)
- Data must be kept secure (e.g. databases should be encrypted, firewalls should be used for networks, etc.)
- Data must not be transferred to any country that does not have a similar data protection laws
UK Data Protection Act 1988
Every country has its own version of a Data Protection Act, but they all provide a similar set of protections.