When it comes to managing personal information online, most people are their own worst enemies. Many of us fail to adequately protect our personal data before it gets online, but once information makes its way to the Internet, it can be quickly replicated and is often difficult, if not impossible, to remove.
For example, in four weeks of on-and-off reporting and online searches using publicly available online records and tools, I was able to find my current and past addresses and phone numbers, date of birth, Social Security number, employment history, identifying photographs, a digital image of my signature and much more. See "What the Web knows about you" for all the gory details.
You can take an active role in managing data about you, whether it resides in marketing lists, government databases, telephone directories or credit reports. Here are some tips.
1. Think before you disclose personal information about yourself online on business networking sites such as LinkedIn, job listing sites such as Monster.com, and social networking sites such as MySpace and Twitter.
How much do you want to disclose about your employment history, likes and dislikes, and where you are at any given time? Do you really want everyone to know when you're not at home, how long you'll be out and when you'll be back?
2. Don't give out your Social Security number — anywhere — unless absolutely required.
3. Don't use real information about yourself for authentication, recommends private investigator Steve Rambam. Instead, he suggests making up answers to commonly asked security questions such as a mother's maiden name.
4. Know what's out there about you. Do a search online using search engines, government Web sites and other resources cited in "What the Web knows about you" to get an idea of what information about you is available online today. If your Social Security number appears in a public records database, ask the agency in charge of the database if they will redact it from the record on your behalf. You can also ask Web site owners to have sensitive information redacted and any potentially damaging inaccuracies corrected.
5. Keep up with new data about you as it is published on the Web. Alert services such as Google Alerts are designed to continuously search the Web to track topics you're interested in, but you can also use them to find out what information about you is being published on the Web. Configure the service to search the Web for instances of personally identifying information such as your name, address, phone number, Social Security number, and so on. When Google finds matches, it will send you an e-mail with links.
6. Consider requesting a fraud alert from one of the three major credit reporting agencies, Experian fraud alert, TransUnion fraud alert or Equifax fraud alert if you discover sensitive data such as your Social Security number on a public Web site or service. If you request a fraud alert with any of the three agencies, it will notify the others on your behalf.
7. Also consider requesting a security freeze, which takes a fraud alert one step further. It means that no one can access your credit report without your explicit consent, which makes it difficult for fraudsters to open up new accounts in your name.
This is a new option that has only become broadly available in the past year. A freeze must be placed with each of the three major credit reporting agencies, and you must unlock access to your credit report (for a fee) when a lender, insurance company or other party requests the information.