News & Events

Data Privacy Day 2019: Protecting your Personal Information Online

" "

What is data privacy, why does it matter, and what can you do to safeguard your own information?

January 28 marks the 11th annual Data Privacy Day, an effort by the National Cyber Security Alliance to raise awareness about protecting users’ online data. In conjunction with global events recognizing the day, we’d like to share some information to help our members understand why their own data privacy is so important and what they can do to safeguard it.

What is data privacy about?

Privacy isn’t about hiding information; privacy is about protecting information. We all have information that we’d like to protect and keep private. Would you give your bank account information to anyone? Do you want all your search and browsing history made public, so anyone can see it? Of course not. Think of commonplace scenarios in which privacy is crucial and desirable, like intimate conversations, medical procedures, and voting.

Privacy is key to avoiding unfortunate common threats like identity theft, manipulation through ads, discrimination based on your personal information, harassment, and many other real harms that arise from invasions of privacy.

It’s critical to remember that privacy isn’t just about protecting a single and seemingly insignificant piece of personal data. Small pieces of personal data are increasingly combined by digital advertising platforms to form a more complete picture of who you are, what you do, where you go, and with whom you spend time. Those large data profiles can then lead much more easily to significant privacy harms.

Why is data valuable?

You’ve likely heard of large social media companies selling users’ data without their knowledge. This an ongoing concern for many as it’s a serious case of data privacy violations.

Online companies are after your data because it’s a major source of income which they sell to third parties to better understand their targeted demographics. Whether it’s social networking sites, search engines, or internet service providers (ISPs), the more data they receive the better. Using and selling your data is how many online companies make money.

The same goes with free apps offered on your phone. The apps are free in order to collect as much of your data as possible and then sell it to advertisers. For instance, when a sporting company wants to advertise online, a social media app can tell them exactly which of their users are active athletes. They can do this with data they’ve acquired through the social media app, where you have demonstrated your wants, needs, and opinions by clicking on various websites.

What can you do to protect your data privacy?

Here are seven effective ways to safeguard your information.

  1. Don’t provide personal information on your social media profile. People who need your email address, birthdate, and phone number already have them. The more information you share online, the easier it is for someone to steal it.
  2. Be very careful who you share your Social Security number with—even the last four digits. Only share your number with your bank, a credit bureau, a company that needs to do a background check, or other entities that report to the Internal Revenue Service. Your Social Security number can be combined with your birthdate to commit identity theft. Also, the last four digits of your Social Security number are used by your bank and credit card companies to reset your passwords, so guard it as well.
  3. Lock down your hardware. Set up your phone or PC to require a password to unlock. You might trust your roommates, but think of what may happen if the devices get stolen. Also, make sure you’ve installed anti-malware apps and software to prevent criminals from infecting your computer and stealing your data.
  4. Use two-factor authentication. You can set up your online accounts to require that you enter a code that has been texted to you. If your password is stolen, a criminal will not be able to access your account without the code.
  5. Don’t give out your ZIP code when making credit card purchases. Your ZIP code can be matched with your name to mine for more information like your address, phone number, and email address.
  6. Be picky about the security questions you choose. Common questions like “What is your mother’s maiden name?” or “In what city were you born?” are meant to keep your account safe from intruders, but they don’t offer much security. The answer to these questions can be found in many online locations. Select questions only you would know how to answer, such as “What was the name of your first crush?” or, better yet, create a fib—only you need to know the answer you are giving.
  7. Read privacy policies. Don’t assume that a privacy policy means a company will keep your information safe. Make sure you understand how your information will be used, stored, and shared before you click “agree.”

We at CalPERS do all we can to keep your data private and secure, including using sophisticated cybersecurity systems and following industry best practices. Make sure you’re doing all you can to protect yourself by updating security settings—including enabling the two-factor authentication feature we mentioned above—in your my|CalPERS account. Once you log in, you can access your security settings by hovering over the Profile tab at the top of the page. You can find other tips and information about my|CalPERS on our website.