We are data and are openly for sale!

Everything that occurs in the modern world begins on a device, we use the terms “Google it” to answer questions and cannot leave the house without an internet-connected device to stay in touch with social media, keep up with the news, watch the latest influencer posts, use the device for navigation and many more digitally connected tasks.

No longer are our lives private or our experiences personal, instead they are all shared and available online; When you click like on a photo, post or video you create a data point, browse amazon but don’t buy you then create a data point, you read the news and agree to the privacy or cookie policy you create a data point; everything you look at, search for and post is a data point about who you arewhat you likewhere you have been”, “where you want to go” and so much more.

When is the last time you reviewed the cookie policy for that site you enjoy before selecting agree!

The next time you visit a news site check the cookie and privacy policy before selecting “agree” have a good read through the polices; on one news site that we checked before this post over 550 third party agencies where listed as companies the data will be shared/sold to by you selecting to agree.

Sometimes the terms and conditions state that merely selecting “like“, share or watching a minimum of 3 seconds of video content is a digital signature of an agreement allowing the site to sell your data on to brokers.

Think about how much data you have given away and are continually giving away?

  • Driving/vehicle ownership records are available to purchase.
  • loyalty cards share your likes, spending habits, income predictions and health data based on your shopping with other parties.
  • Free trials and surveys allow companies to profile your personality, risks and behaviours and pass this onto parties such as insurance agencies.
  • Voter information, bankruptcy records, credit data, company and employment records are all up for sale.
  • resume data on job sites or LinkedIn.
  • political & social views from twitter or Facebook posts or comments.

So much of what we do online passes through algorithms and companies to assess and predict who we are based on the site usage and agreement to share stored cookie data; with so much valuable data, data-miners can accurately predict your health, income, leisure activities, how many children are in the home, what car you drive, whether you are an adrenaline junky or like to play it safe; it’s all up for sale and you have legally agreed to it.

For most of the time this is perfectly acceptable and allows a site to present us with great offers or tailored products but what if this affects your insurance premiums, credit scores employment acceptance, would you care then? Unfortunately, this can often be the case, where data brokers share our information with insurance providers, loan companies etc thus affecting insurance premiums and putting us into risk categories which eventually cost us more money.

With changes introduced such as GDPR which go in the right direction, the data points may not explicitly include our personally identifiable data such as our name and National insurance number, driving license number etc; but with enough data points gathered such as IP, geolocation, postcode, house number it’s only a matter of probability via well written AI software that the user-supplied data points can be used to accurately pinpoint exactly who you are by combining the publicly available information found on social media platforms with the data points gathered, it is therefore entirely possible that a name can be put against the information gathered.

It must be stated legitimate data brokers should not and hopefully would not do this! But as we all know there are more illegitimate brokers out there that may not pay as much attention to such legal requirements as YOU are the data and YOUR DATA is money!

Ok, all of this sounds quite scary and the truth is, it is; as currently the amount of data-mining by data brokers and hackers alike is real and occurs 24/7 as it has become a multi-billion dollar industry and is a trend that is set to continue for now.

These tactics in terms of gathering browsing habits, Facebook posts, likes, dislikes etc all help hackers profile a person before targeting them using a method best known as OSInt (Open-source intelligence), OSInt with AI-based tools can often be enough to guess users passwords, security questions and more opening the user up to the possibility of identity fraud, theft or even blackmail in worst-case scenarios!

Some of the most obvious phishing activities that can be used by hackers and data-miners are found on social media platforms. Take a good look at the posts where there are 10 – 20 questions about things you like or places you have been etc and you then share or tag someone once complete; this information is data gold for data-miners and hackers alike, as it allows more low-level detail on who you are and what you are like as a person.

If this has made you a tad paranoid, that’s fine; as a small amount of digital paranoia goes a long way to protecting the most valuable assets online: YOU!

You are the most valuable asset and you should do what it takes to protect yourself and be sensible about what data we allow online, while it’s not always possible to be 100% secure we can at least take steps to do the following:

  • Review those cookie policies and ensure we uncheck the options we do not agree with.
  • Review the privacy policy and ensure we are happy with how your data is being used and stored.
  • Use services such as paid VPN services to conduct our business online.
  • Only use trusted sources when downloading files and understand what you are actually downloading.
  • Use paid antivirus and firewalls as free ones while great, do not always offer the amount of protection a paid service offers.
  • Use privacy screens if using devices in public.
  • Use HTTPS websites not HTTP and ensure the SSL certificates have the correct padlock symbol.
  • Use trusted companies when it comes to money processing and transfer.

There are many more services and a great place to look at some steps of how to start protecting yourself is:

https://www.getsafeonline.org/protecting-yourself/

While no one person or site in the digital world is impervious to criminal gangs or rogue governments with the determination to access personal data we can all take steps to limit what happens when or if this occurs.