Dear reader, this is my first blog in this section and as anything that has a start it was supposed to be very light and provide few simple but efficient tips to start thinking about data privacy and security.
Irrespective if you are a business or you are an individual, you are using online services. You cannot run away from it, it became a way of living.
You are offered the best deals and at usually great discounts if you use online services versus brick-and-mortar (some are rushing to call them “old-style”), I will refer to them as “traditional” business.
Most of the discounts are available because of reduced cost of business. The sellers save by not renting a space on High Street any longer, therefore they share those savings with you – their customer. Seems ideal to me, and that is how most of the businesses work …
One would ask – “what is the catch with this blog?”.
Not everything comes for free in this world, unfortunately. I was shopping in a mall in London a couple of months ago. Usual day, usual shopping, but one rather interesting thing caught my eye. There was a promotion in one of the shops – you can get a 20% discount if you share your name and email address with these guys when you pay for those goods in store. That’s a really good discount, people where eager to share their details and leave happily with quite an interesting saving.
The question is “why would they give me back 20 quid on my 100 quid purchase?”
When somebody sells something at a good discount there must be something that they get back from you, this time they went for personal details. I trust their intention to do a good job to stay close to you – their customer. They need you, they need to share their success with you, ask your feedback and from time to time they can share news with you and available promotions. At the end of the day you are part of their business, they care about you and if you leave for their competitors they might experience tough times.
The real challenge and a bit of discomfort is when you start receiving “unwanted” promotional materials form companies you have never heard of, or you find it difficult to remember when exactly you made the mistake of expressing you interest and consent to receive promotional materials from them. You find it particularly hard to recall you sharing your details with them.
The reality is that when you gave away your email and name for 20% discount, you might have accidentally expressed you consent for them to share your details with other parties or, which is worse, somebody has got unauthorised access to their database and your personal data (name, email address, phone number) have been compromised and became available for sale among fraudsters. All that info about you and your location, in combination with your other details like spending, preferences and habits, time becomes increasingly more valuable, because now they know who you are and what you do and they can target you with more customised propositions. In the industry terms aggregating the data about and individual habit is referred to as “profiling”. But if it goes beyond just identifying your spending habits and if in wrong hands that can create big harm and even turn your live upside-down if they managed to use your data to impersonate you and get access to your finance or make a decision on your behalf.
It’s just now when it became scary …
How to protect yourself and your data?
Well, there is no silver bullet solution for that, but definitely you can apply few very simple practices to keep yourself on the safe side.
First, be suspicious when somebody asks for your details and you think they are not relevant for that particular case. Challenge them whether they really need all your details to complete the transaction. Is it really relevant for them to know your post code and house number?
Second, you might wand to keep a separate set of contact details specifically for promotions and online marketing. just make sure you do not use same credentials for your most sensitive services (access to your email or bank account).
Third, when shopping online, make sure the site is genuine and the parties follow the best practices to secure your data. As a minimum they need to use a secured connection (HTTPS) and a valid digital certificates issued by a Certificate Authority for that domain.
Remember, although you cannot control how these guys collect and process your data, you still have a choice what data to share with them and whether it is worth doing so.
If you are unhappy, or you suspect something is wrong or seems wrong, most probably it is. Don’t rush.. make an informed decision !