Home Advice & How-ToIdentity How Secure Is Your Online Identity? The Answer Might Alarm You
Home Advice & How-ToIdentity How Secure Is Your Online Identity? The Answer Might Alarm You

How Secure Is Your Online Identity? The Answer Might Alarm You

by Fred Decker

“Who am I, really?” is a question philosophers have wrestled with for thousands of years.  In a practical way it’s also a very modern question:  Your electronic presence and activities add up to an entire online identity, or “digital footprint.”  That online identity isn’t exactly the same person you are, but everyone from giant tech corporations to shady scam artists will try to leverage it in ways that affect your real-world well-being. 

You could think of your online identity as being like a shadow.  It’s a (somewhat) distorted representation that follows you around, which tells observers enough real things about you to be useful.  Keeping your online identity safe from ill-intentioned eyes requires some work and vigilance on your part, but you can (and arguably should) keep your digital “shadow” as small and well-guarded as possible. 

How Your Online Identity Is Constructed

Here’s an exercise to try:  Open your browser history right now, and look at how many sites you’ve visited in the last week (the shortcut is Ctrl-H in Chrome or Ctrl-Shift-H in Firefox, or use the browser menu in Android or iOS).  It probably runs into the hundreds, and that’s not counting the interactions you’ve had with the various apps on your devices. 

Every one of those sites, and every one of those interactions, creates a record.  That’s actually an understatement; if you click through the Cookie Policy and Privacy Statement links on most sites you’ll see that they may share their visitors’ data with hundreds of partners.  Now imagine you’ve made a purchase through a “marketplace seller” on Amazon:  The vendor sees your name and address; Amazon sees the same; your bank or credit card provider sees a transaction; the delivery company gets your name and address; and all of that is recorded somewhere. 

So are more traditional records, from property ownership to births and deaths, marriages and divorces.  Those are digitized now and kept on electronic databases, where some information requires secure (or paid) access, but some is publicly visible.  Taken together, these commonplace pieces of information can create a surprisingly detailed picture of your life and habits. 

Some Deeper Contributors to Your Online Identity

As the late-night infomercials are fond of saying, “But wait!  There’s more!”  Most of us carry a phone everywhere we go, and many of us wear a smartwatch or fitness band as well.  Those devices are filled with sensors including altimeters, accelerometers and GPS, which monitor where you are and what you’re doing in real time.  Phones are always in contact with cellular towers and exchange “handshaking” data with any wireless networks that come within range. 

Taken together, that information can help identify you and pinpoint your location even if it has been “anonymized” to meet privacy standards.  Your phone carrier has access to much of that information; Google and Apple see it through your phone’s operating system; and the developers of your apps may have access to a lot of it as well (have you checked the permissions on all of your installed apps?  No?  Didn’t think so…). 

These are less obvious contributors to your online identity, though in some ways they’re more revealing than the ones you’d normally think of.  Remember, these are just the details you generate through normal day-to-day life.  We haven’t even gotten to the dicey parts, yet. 

The Information You Volunteer

Now think about the information you share voluntarily on social media or special-interest forums.  How long would it take for someone following you on social media to figure out your mom’s maiden name, your birth date, your first pet’s name or answers to any of the other common identity verification questions?  If you’ve mostly nodded and shrugged up to this point, that question should make you stop and think. 

The photos you post tell a lot about you, too.  Unless you tweak your settings and tell it not to, your phone (and some stand-alone cameras) will embed a timestamp and GPS location as part of the data in every picture.  They’ll tell anyone who’s interested not just what you (and your kids, your parents and your pets) look like, but exactly where you were and when you were there.  You don’t need to be especially paranoid to find that disconcerting and worrisome. 

Finally, every place you set up a “free account” or “free membership” to access content or make purchases asks for some of your personal information, whether or not you subsequently use the site or buy from them.  All of these information sources — taken together — say a lot about you, and sometimes that information can be misconstrued or misused to your detriment.

The Algorithmic “Black Box”

There’s a popular joke that says, “To err is human…to really screw up requires a computer.”  It’s true, to an extent:  At root, it’s still human error, because computers are only as good as the humans creating and programming them.  From a cynic’s perspective, computers just help us make bigger mistakes and do it more quickly.  That’s alarming when you realize that computers aren’t just collecting and collating our data — increasingly they’re making decisions about us based on the data they’ve collected. 

Machine learning and AI in general are among the hottest priorities in the business world right now.  Companies are beginning to use these tools to decide who gets hired, who gets health coverage, who qualifies for a loan, and many other things that used to be decided by humans.  The problem is that the algorithms can create unexpected and undesirable results because of errors or unconscious biases coded into them.  Amazon experimented with an algorithm to remove bias from the hiring process, for example, which famously backfired and increased it.  Similar flaws have turned up in algorithms for facial recognition and loans, among others.  If you’ve been told recently that you “don’t fit the profile we’re looking for,” this might be why.

…And so far, we’ve only talked about the legitimate collection and use of your data. 

If Your Online Identity Is Compromised

At home you have locks on your doors, blinds over your windows and possibly an alarm system or “smart” internet-connected cameras to record intruders.  You may have a hiding place for your checkbook and your good jewelry, and perhaps lock away valuables in a safe or safe deposit box.  You probably screen your phone calls as well, and exercise some degree of control over who enters your home or your yard.  Yet many people don’t have nearly the same concern for their online security, on the basis that, “I have nothing to hide.” 

The truth is that keeping your online identity safe is much, much more important than locking your doors.  Most TVs, phones or computers could be replaced for $1,000 or less, but someone stealing your identity online could max out your credit, or take your entire life’s savings, in a relative heartbeat. 

Want a sobering reality check?  Spend a few minutes reading the FTC’s consumer fraud blog or browsing the Better Business Bureau’s Scam Tracker database or the FBI’s annual Internet Crime Report.  It’s best not to do this during your work week, because you might not sleep very well for the next few nights. 

Signs To Watch For

There are literally thousands of ways your identity might be compromised, from a hack (or just plain bad security) at a website to phishing attacks or phone scams and more.  However it happens, there are a number of fairly consistent signs that can tell you you’ve got a problem. 

Most of them aren’t exactly rocket science:  Unexplained charges on your credit card or bank statements, weird fluctuations in your credit score, credit applications or insurance claims being inexplicably refused and so on.  As with cancer, early detection is critical to minimize the damage from identity theft.  Keeping a diligent eye on your accounts certainly helps. 

You can also proactively take steps to protect your online identity.  One is by making use of the dark web monitoring that’s included with select Spokeo subscriptions.  The so-called dark web is the sketchy side of the internet where stolen identities are bought and sold, so knowing that your information is for sale—- before it’s misused by scammers — is a priceless heads-up. 

How To Protect Your Online Identity

There are several other common-sense steps you can take to protect your online identity and reduce your digital footprint.  A logical starting point is using Spokeo’s people search tools to search your own name, address, phone number and email, to get a feel for exactly how much information you have exposed.  Doing this can guide your next steps. 

Start by closing out your forgotten accounts at services you seldom use or have outgrown, including (and especially) your old social media platforms.  Download or screenshot anything that’s still meaningful, delete the rest and close your accounts.  Set your remaining social media accounts to be viewable only by friends or followers, to the extent it’s practical for you.  Set your phone camera to not tag your pictures with date and time data (the U.S. military’s Special Operations Command, which takes security pretty seriously, has an excellent guide). 

If there’s even a chance that your information is already circulating “in the wild,” you should also consider placing a credit freeze or fraud alert at each of the credit reporting agencies, and perhaps set up an identity protection PIN with the IRS. 

Establishing Security-Conscious Habits

Ultimately your best defense is simply to develop a security-conscious mindset.  When you visit a site, take a moment to view the cookie policy and opt out, whenever possible.  Use your browser’s “Private” or “Incognito” mode, or tweak the browser’s settings (or add extensions) to block trackers and restrict cookie use.  Use strong passwords, and don’t use your browser to store them (there are lots of good password management apps out there).  Instead of using texts to authorize two-factor logins, use your phone’s biometric scanners (or better yet, a third-party hardware key). 

Take the time to secure your home network as well, so you’re not a sitting duck for any scammer that happens to pass through your neighborhood.  If you’ve got the skills, or have someone in your home that does, you might also consider keeping your online life private by using a VPN.  

Is Your Online Identity Safe?

If you’re concerned that your online identity is at risk, there are several ways to safeguard against threats. Change your social privacy settings, use strong passwords and regularly create new ones, among other helpful tips.