data privacy articles

The FYI on PII, Personally Identifiable Information

By Kelle O'Neal

Data management professionals create policies and standards for governing data, including personally identifiable information (PII). While it’s easy to think we own this data, we are just its stewards. It’s ultimately owned by our customers, and we should make decisions from the eye of the customer — not from ours.

There are laws and regulations in every country articulating what is considered “private data.” PII is defined as “information that can be used to distinguish or trace an individual’s identity (e.g., name, Social Security number, biometric records) alone or combined with other personal or identifying information linked or linkable to a specific individual, such as date and place of birth or mother’s maiden name.”

PII has strict requirements in how it should be managed and shared and who can (or can’t) see it. Although the laws and regulations may lag technology’s capability, they still need to be followed.

But what about the “creep” factor of using PII?

Data governance professionals are just stewards of data we collect and manage, including PII.Click To Tweet

“In the Information Age, everybody leaves a digital trail,” states a Wikihow article. “And if the person doesn’t have one, well, let’s look harder. With Google, Facebook, Tumblr, LinkedIn and countless other social media sites, whoever you’re looking for is bound to have some of their personal information online. Although sometimes creepy, it’s easy to follow this trail all the way back to the person you’ve been looking for.”

That goes well beyond creepy to downright scary.

I know many people who happily share a lot of information that I’d consider personal and private on Facebook, Tumblr and Pinterest, and via Twitter, Instagram and Snapchat. They thoroughly enjoy the reach and actively look to distribute that information far and wide.

Users must look a little harder at what they are sharing and really decide whether sharing information that can lead to the identification of yourself, your children, your home address, your car and the last place you visited on holiday is worth the “likes” you may receive.

Ultimately, this is what digital ethics is all about. Information that is private to one person is happily shared by another. We are (hopefully) moving into “self-managed” or “self-governed” personal data. There are few guidelines available beyond the laws and regulations to direct how a company or a person treats information that is outside the scope of the law, so it leaves the individual to be accountable to share or manage their own data based on their individual preferences.

The challenge is that we are not always clear when we are providing information that is going to be used in a manner in which we may not approve. When we provide credit card information to be saved within a website, we understand the risk of that site getting hacked. Cookies, tags and pixel trackers can follow you around the internet and track what sites and pages you visit most commonly, and therefore deduce what we like, what we buy, where we go, and other behavioral information that we don’t explicitly provide.

Continue reading What to Consider Before You Use Personally Identifiable Information with a free or paid MarketingProfs account. Register here for your free account.)

— Originally written for MarketingProfs by Kelle O’Neal July 16, 2016

You have Successfully Subscribed!