Business Unusual

Treat your personal data like cash (because that's what it is)

It appears that a database with a significant amount of information about you has been leaked. It may not have been intentional, but it does not matter really. Once the data has been leaked, it is anyone’s guess where it could end up.

It may be that the only people that accessed it, alerted the right people and the data is still safe, but we don’t know. See the piece on bug bounty hunters that explains who those people are.

The reason for this article is less about the leak and more about you and your understanding, and maybe your attitude to your personal data.

Odds are you assume it is so inherently part of you no-one could readily do anything without you knowing or easily rectify the issue should one occur.

So perhaps a different comparison will help. If you have ever had a credit card stolen you know the initial panic, followed by anger and frustration at having to cancel, hopefully be compensated and get a new card issued. Not fun.

Or perhaps you have had the misfortune to have someone copy your car registration and have a bunch of fines delivered to your door.

The point is, all that was needed to create that harm was some numbers and that is all identity theft is - the fraudulent use of some numbers. The problem is that, while you can get a new number for a licence plate and credit card, you are less likely to get a new ID number or home address.

The intention is not to scare you, or make you angry, but rather to appreciate the potential risk and respond accordingly.

If you are reading this at home, consider opening your front gate and door so anyone could enter. It would likely move you to close one or at least monitor them closely. Our understanding and attitude to our personal data is similar. We are not inviting trouble, but we certainly are not doing much to avoid it either.

There are three ways you can respond.

  • Blame others
  • Go completely offline
  • Take steps to limit your risk.

The third option is of course the right thing to do, but our anger is likely to see us opt for the first and our fear the second, neither though solve anything.

A Barclays ad illustrates how easy it is to share your private information unintentionally.

What does the law say?

South Africa is following some of the best practices already tried and tested elsewhere. The main protection will come from the Protection of Private Information Act (POPIA) - or Popi - as you are more likely to hear it referred to.

It is being enacted in parts and once fully enforceable would offer some peace of mind that larger companies would not ignore the risks of falling foul of its provisions.

But it will not only be the large well-resourced companies that will seek to collect information. In fact, it would be unfair to exclude small business from what effectively is, or will become, a digital economy.

Instead we would need to take some steps ourselves when dealing with organisations wishing to access your personal information.

There is a simple test to determine if your personal info is more important than the service being offered. If the service is provided for free, your personal info is more valuable than the service.

This article is free to read, but we hope many will read it and when they do, they will see ads posted elsewhere on the page. Our ability to get advertisers to pay us for those ads is based either on how many people will see it or who may see it.

We don’t really know too much about who will see it, but if you visited this page and you have also visited Facebook or Google then they know who you are, what you have read and how often you return.

Almost every action you do online is being tracked by someone and all that information is being analysed to maximise the potential to have you buy some service or product because companies like Facebook and Google - and many others - offer their platforms free in exchange for exposing you to advertisers that want to sell you something.

Access to your info may allow someone to hack your email and bank accounts or use them to send spam or fake money requests to your friends (or to post ads as endorsement to your social media, or get you to like posts and pages you otherwise never would). It can be used to open accounts in your name, deflect bad reviews or complaints to you and even to blackmail you should someone get access to embarrassing documents or pictures.

Some breaches would be like a mugging where you are being directly targeted. It is more common your information might simply be bundled up with millions of others and sold for a few cents to someone else to extort money or misrepresent you.

John Oliver explains what it means when you don't understand that you are actually the product. Warning: strong language

So what can you do?

Small things will make a big difference, consider carefully who you share your ID with.

There are 7 principles that you should look for.

Notice — data subjects should be given notice when their data is being collected;
Purpose — data should only be used for the purpose stated and not for any other purposes;
Consent — data should not be disclosed without the data subject’s consent;
Security — collected data should be kept secure from any potential abuses;
Disclosure — data subjects should be informed as to who is collecting their data;
Access — data subjects should be allowed to access their data and make corrections to any inaccurate data; and
Accountability — data subjects should have a method available to them to hold data collectors accountable for not following the above principles.

A random online competition from a site you have never seen before? Don’t do it.

Great deal to buy something online via an email from someone you don’t know? Nope.

Take a free personality test offered from a company you have never heard about? Pass.

An email request to update your details from a company or person you don’t know? Delete.

You get the picture. Share what is requested only when you are sure you know who you are giving it to. It would be a bridge too far to recommend you actually read the terms and conditions, because you won’t, but at least check the privacy section.

Ideally governments might take the responsibility of verifying who you are to others as you already need to verify yourself to them. See the piece on e-government about how a chapter 9 institution could do this. For there are companies like ThisIsMe who offer the service.

Lastly, and this is actually the easiest thing, get a password manager. One you pay for would be best although if you use Google and have two-factor authentication enabled then you could use their Smart Lock. It is free, and so if you are trusting that Google will be more responsible with your data despite you still being the product for their advertising machine, then at least you will be getting more services in return.


Recommended

by NEWSROOM AI

CapeTalk welcomes all comments that are constructive, contribute to discussions in a meaningful manner and take stories forward.

However, we will NOT condone the following:

  • Racism (including offensive comments based on ethnicity and nationality)
  • Sexism
  • Homophobia
  • Religious intolerance
  • Cyber bullying
  • Hate speech
  • Derogatory language
  • Comments inciting violence.

We ask that your comments remain relevant to the articles they appear on and do not include general banter or conversation as this dilutes the effectiveness of the comments section.

We strive to make the CapeTalk community a safe and welcoming space for all.

CapeTalk reserves the right to: 1) remove any comments that do not follow the above guidelines; and, 2) ban users who repeatedly infringe the rules.

Should you find any comments upsetting or offensive you can also flag them and we will assess it against our guidelines.

CapeTalk is constantly reviewing its comments policy in order to create an environment conducive to constructive conversations.

Read More
The 5th Industrial Revolution sounds as scary as hell

The 5th Industrial Revolution sounds as scary as hell

Predicting the future is easy, that is why anyone can do it.

Let me tell you a story, its about how you are being manipulated - all the time.

Let me tell you a story, its about how you are being manipulated - all the time.

Entertainment and news are being used to change the way you see the world and not always truthfully.

The real world is about to change, again

The real world is about to change, again

Not only do you have virtual and augmented versions to compete with your reality, now mixed reality is here too.

Antibiotics: how our miracle medicine may be in danger

Antibiotics: how our miracle medicine may be in danger

We thought we had won the war against harmful bacteria, we were wrong.

We hope tech will fix most things, so what happens when we can't fix technology?

We hope tech will fix most things, so what happens when we can't fix technology?

A system that favours replacement rather than repair has allowed for rapid improvements, but that might need to change.

Why we celebrate a saints day with commercial things to show love

Why we celebrate a saints day with commercial things to show love

Valentine's Day is hundreds of years old, but some of the tokens of our love are quite new.

Popular articles
Why many couples today are struggling with marriage

Why many couples today are struggling with marriage

Dr Eve advises that many modern couples need marriage to be a safe space for self-expression and self-actualisation.

'The NPA should be ready and re-enroll the matter' - Nel on Malema prosecution

'The NPA should be ready and re-enroll the matter' - Nel on Malema prosecution

AfriForum not backing down over decision to privately prosecute Julius Malema.

'They shot out the tyres and they shot the victim'

'They shot out the tyres and they shot the victim'

EWN's Mandy Weiner describes an eyewitness account of one of the two shootings on Johannesburg's highways on Wednesday.

Cape Town not out the woods yet even with recent rainfall

Cape Town not out the woods yet even with recent rainfall

Climate expert, Piotr Wolski, says the city will know towards the end of May whether 2018 is a good or bad year.

Where is Zuma going to get this 'tsunami' of legal fees?  - Karyn Maughan

Where is Zuma going to get this 'tsunami' of legal fees? - Karyn Maughan

The Presidency has now officially withdrawn its application for leave to appeal the personal costs order against Jacob Zuma.

Water to be released from Berg River to Misverstand Dam to avoid Day Zero

Water to be released from Berg River to Misverstand Dam to avoid Day Zero

Government has put plans in place to prevent the Misverstand Dam from running dry in a week's time.

Highly-criticised world athletics body's rule could end Caster Semenya's career

Highly-criticised world athletics body's rule could end Caster Semenya's career

She faces ongoing complaints from rivals about having an "unfair advantage" on the track, but how fair is this proposed IAAF rule?