Is there enough information about you on the web for someone to steal your identity? Very possibly.
Is there enough information available by phoning around or going through your bins. Definitely.
A blog post on the social networks, security, privacy and identity theft by New Statesman journalist Jason Stamper is well worth a read. Jason carried out his own experiment, using publicly available Foursquare and social network information to build up a profile of a stranger.
By way of illustration, I searched Foursquare for people who had “checked in” their home address — telling the world exactly where they live and also displaying it on a handy map. I soon found an attractive 20-something year-old advertising agency executive, who had posted the address of her London flat. She had also “checked in” at her workplace, so I also knew where she worked and for whom.
He goes on to discuss issues around ID theft…
It’s no laughing matter: identity theft is on the rise. It costs the British economy an estimated £1.7bn a year, with the number of Brits falling victim to identity theft jumping 23 per cent in the first quarter of this year alone, according to fraud prevention service CIFAS.
“There is a huge disconnect between the privacy we crave and the information we give away on social networks. It’s hardly surprising that identity fraudsters have been cashing in.”
That disconnect is a result of the difficult balancing act most people are attempting when they use the social web. We are benefitting from having a public identity and being able to connect with others, but in doing so we have to make ourselves, and our personal data, a little more public.
Before we get too nervous, it is worth remembering that identity theft pre-dates the mainstream use of social networks like Facebook. Identity thieves, private investigators and for that matter journalists have always found ways to elicit personal information by hacking voicemail accounts, or pretending to be other people and calling up banks and utility firms to get the information they need or just .
Some of the approaches and advice from Me and My Web Shadow is relevant for people worried about this:
- Draw a line between public and private: We all need to be clear about what information we are and aren’t happy to share. Some are happy to share almost everything about themselves, others just the bare minimum of professional information. It helps if we have thought through and almost have our personal policy in place.
- Remember that you are always on the record: Posting your personal information on social networks even when you think or feel you are in a private space isn’t a good idea. Some people I know even avoid posting their phone numbers in the private direct messages on Twitter in case this becomes public.
- Audit / review your personal online presence: Especially if you have a large number of connections online on services like Facebook, it is easy to lose track of who has access to what information. It pays, I think, it have a regular review every six months of who can see what, how contacts are grouped when you share information etc.
- Use a credit scoring alerts service: The main concern for most people regarding identity theft is that people will commit fraud using their name. to check when someone might be using your identity to apply for credit – Experian’s own CreditExpert is very good in the UK and equivalent services are available in most countries.
Bottom line – we need to be careful online just as we are offline with our personal information. It is worth thinking about how much information we share online carefully, just as we need to think about how we get rid of paper bank statements or who might hear or see our PIN number.
Don’t panic. But don’t be too laid back about your personal information online either.