Tip Sheet: Protecting Your Personally Identifiable Information (PII)

Tips to safeguard your personal data against unauthorized access and misuse.

Data Privacy
Cyber Security
Author
Affiliation

MMIW Project

Natives in Tech

Published

May 14, 2024

This guide provides tips on protecting your data, including using encrypted communication tools, opting out of data sharing, avoiding unnecessary online forms, using VPNs, limiting data broker access, conducting regular data audits, securing your devices, and safeguarding authentication methods. Each section provides clear reasons why these steps are necessary and how to implement them to protect your personal information effectively.

Use Encrypted Communication Tools

  • Why? To enhance privacy and security when sharing sensitive information.

  • How? Opt for encrypted messaging apps and secure email services.

    • Tools:

      • Messaging Apps: Signal, WhatsApp

      • Email Services: ProtonMail, Tutanota

Opt-out of Data Sharing

  • Why? To minimize exposure of your personal information.

  • How? Learn to navigate settings in apps and websites to disable data sharing with third parties.

    • Tools:

      • Browser Extensions: Privacy Badger, Ghostery

      • Settings: Use built-in privacy settings on social media platforms and mobile devices. Turn off location services and don’t give websites access to information unless necessary.

Avoid Unnecessary Online Forms

  • Why? To protect your information from misuse.

  • How? Avoid unnecessary forms and surveys that request sensitive information. Exercise caution even with seemingly harmless quizzes, such as those determining your Harry Potter Hogwarts House. These quizzes might not only be fun but could also inadvertently give app developers and third parties broader access to your personal data than you might expect. It may allow the app maker to access details about your device type, operating system version, and other technical information. This data can potentially be used to identify vulnerabilities in your device.

Use VPNs

  • Why? To obscure your IP address and protect your identity online.

  • How? Install and use a reliable Virtual Private Network (VPN) service.

    • Tools:

      • VPN Services: NordVPN, ProtonVPN

      • Tor: Tor Browsers can be used with a VPN. By using a VPN over Tor or Tor over VPN, users can benefit from both the anonymity offered by Tor (making it hard to trace the traffic back to you) and the encryption provided by a VPN (protecting your data from snooping, even from the Tor entry node).

Limit Data Broker Access

  • Why? To prevent data brokers from exploiting your information.

  • How? Request the removal of your data by contacting data brokers directly, possibly through cease-and-desist letters or specific opt-out forms.

    • Tools:

      • Services: DeleteMe

Regular Data Audits

  • Why? To understand and manage your digital footprint.

  • How? Periodically review and adjust the public availability of your personal information. Check settings periodically as some platforms roll out new features that reportedly opt-in users automatically.

Secure Devices

  • Why? To prevent unauthorized access to your devices.

  • How? Keep software up to date, utilize strong passwords, and install anti-virus software. Do not wait to update. They often mean a vulnerability has been identified and patched or repaired. If you wait, you will continue to be vulnerable to a known threat.

    • Tools:

      • Anti-virus Software: Bitdefender

      • Password Managers: Bitwarden

Safeguard Authentication Methods

  • Why? To protect against unauthorized system access.

  • How? Encrypt usernames and passwords; use sturdy methods like biometrics unless at risk of being compelled to unlock devices, in which case opt for passcodes.

    • Tools:

      • Two-Factor Authentication (2FA): Authy, ProtonPass

Additional Suggestions

  • Simple Tools: Consider using straightforward tools like Standard Notes for secure data storage.

  • Memory vs Security Trade-off: If a password is easy to remember, it might also be easier to hack. Use complex passwords for enhanced security.

    • Tools:

      • Password Generators: ProtonPass, Bitwarden

Choosing Security Methods

  • Passcodes vs Biometrics: If there’s a risk of legal compulsion (e.g., to unlock a device), passcodes may be better than biometrics; otherwise, biometrics can offer convenient security.

  • Rationale: The Fifth Amendment of the U.S. Constitution protects against self-incrimination, meaning you cannot be compelled to reveal something that exists only in your mind, such as a passcode. Courts have generally ruled that disclosing a passcode is testimonial because it involves revealing the contents of your mind. Therefore, you are protected from being forced to provide a passcode under the Fifth Amendment.

  • In contrast, biometric data (like fingerprints, facial recognition, or iris scans) is often treated differently. Courts have frequently ruled that biometric features are not testimonial because they are considered more like physical evidence (e.g., providing a DNA sample or a handwriting exemplar). As such, you can be compelled to unlock your device using biometrics without violating the Fifth Amendment.

  • Consider: Countries differ in how they handle this so be informed about these laws.

Citation

BibTeX citation:
@article{mmiw project2024,
  author = {MMIW Project},
  publisher = {MMIW Project},
  title = {Tip {Sheet:} {Protecting} {Your} {Personally} {Identifiable}
    {Information} {(PII)}},
  date = {2024-05-14},
  url = {https://mmiw.nativesintech.org/Posts/2024/05-14-pii-tip-sheet.html},
  langid = {en}
}
For attribution, please cite this work as:
MMIW Project. 2024. “Tip Sheet: Protecting Your Personally Identifiable Information (PII),” May. https://mmiw.nativesintech.org/Posts/2024/05-14-pii-tip-sheet.html.