Data Privacy Guide

This page provides information and resources regarding personal data.

Your personal data includes, but is not limited to:

• Identifying (identifiable) Information: your personal identifying number(s), social security number, birthday, birth place, legal status (Are you a citizen? A documented or undocumented immigrant?), health information (Who is your primary care doctor? What is your insurance information? Your pharmacy information?), etc. 
• Contact Information: your home address, email address, phone number, or any other information that would allow others to contact you.
• Social Information: your current physical location, your coworkers, your employer, your school, your clubs, your friends and family, your favorite shops, your activities.
• Passwords: passwords to your computer(s), email account(s), social media account(s), bank account(s), or other websites or apps.
• Metadata: this is data about data. In relation to you, it is information about information that is about you. This can include things like:
  • Browsers or Operating System data -- Information about what your device's operating system is and can include what type and version of a browser you are using to access the internet. This information is passively gathered when accessing websites.
    • Check out this site to see what your browser already knows about you: What every Browser knows about you.
  • IP address -- the Internet Protocol address. Also known as the internet address of your device. This can be used to determine your location (see geolocation below) and/or to track back to a specific device when accessing a website or sending an email.
  • Social Media Posts metatdata: Timestamp, location, file size, editing history of a photo (or any media) you upload onto social media.
  • Geolocation data (also called geodata) --  information about where you are. This can include data encoded into your GPS-enabled device, metadata embedded into a photo, metadata embedded into your cell phone as you call or text.

How could your data be misused or abused? Some examples include, but are not limited to:

• Identity theft: "also called identity fraud, use of an individual’s personally identifying information by someone else (often a stranger) without that individual’s permission or knowledge. This form of impersonation is often used to commit fraud, generally resulting in financial harm to the individual and financial gain to the impersonator" (from Britannica Academic: identity theft).
• Doxing: "also spelled doxxing, the act of exposing private or identifying information on the Internet about an individual or group without the person’s or group’s consent, usually with malicious intent. It derives from the phrase 'dropping dox,' a term for disclosing another person’s 'documents' or personal information." (from Britannica Academic: doxing).
• Spam: "unsolicited commercial electronic messages" (from Britannica Academic: spam).
• Phishing: "act of sending an email that purports to be from a reputable source, such as the recipient’s bank or credit card provider, and that seeks to acquire personal or financial information. The name derives from the idea of 'fishing' for information" (from Britannica Academic: phishing)
• Database marketing: "is the process of building, maintaining, and using a company's own customer database and other database (products, suppliers, resellers) for the purpose of contacting and transacting with customers" (from Credo Reference: database marketing).
• Predictive analytics: "involves the use of algorithms based on statistical and machine learning principles to predict the probability of something happening in the future" (from Credo Reference: predictive analytics).
  • Andrew Pole is a particularly important figure related to predictive analytics. You can read about him in Charles Duhigg's book, the Power of Habit.
• Search engines: Search results may be significantly limited or artificially "customized" based on your prior searches, your physical location, or other data about you that has been collected and stored by a search engine or browser.
• Electronic eavesdropping: "the act of electronically intercepting conversations without the knowledge or consent of at least one of the participants" (from Britannica Academic: electronic eavesdropping).
  • Surveillance by law enforcement including determining your immigration status.
  • Surveillance during litigation proceedings.

Many of the above activities are considered cybercrimes.