Watch Out for These Everyday Privacy Risks

Every little bit of information you give out about yourself has the potential to result in identity theft. While most of us are too smart to give our debit card PIN numbers to a stranger on the other end of the phone, we still give away a lot of personal information in the course of a regular day.

"Your name, address, credit card number and spending habits are all information of great value to somebody, whether that’s a legitimate marketer or an identity thief," advises Canada’s Privacy Commissioner. Canada’s Office of Consumer Affairs has created Privacytown, an online guide to protecting your privacy in everyday life. The risks they include in their list may surprise you:

1.    At the pharmacy

The pharmaceutical industry is a competitive, multi-billion-dollar field. They are very interested in who you are, what medicines you’re taking, and who’s prescribing them for you. And your trusted local or chain pharmacy may be telling them. Pharmacies are taking their consumers’ privacy more seriously, but some will still sell your prescription history to a pharmaceutical company or health information database.

2.    Donating to charity

When the nice charity canvasser came to your door or called you on the phone, you gave them $20 plus your name, address and phone number. Now you’re receiving calls and letters from all kinds of charities. How did they find out how generous you are and where you live?

"To save money, many charities sell or share their donor lists," writes Privacytown. "A group of charities may also hire a single service bureau to solicit contributions by telephone on behalf of the group." These practices not only risk your privacy, but can leave a sour taste in your mouth about your good deed.

3.    Entering contests

You filled out your information on the ballot and…you won! Not the prize, of course, but lots of telemarketer calls and junk mail from other companies. Contests are a great way of gathering consumer information, and there are many companies willing to pay for personal data on potential customers.

Not identity theft, but still a problem: data mining and secondary uses of information

Sure it’s annoying that these other companies want to sell you stuff, but they’re not opening up credit cards or mortgages in your name. So what’s the problem? For one, the more places your personal information is stored, the more chances an identity thief has to nab it. And combining all the different bits of personal information out there can result in a database that gives more information away about you than you’d like.

Secondary uses of information, when a company uses your personal information after buying it from someone else, pose a clear risk – you never know who will buy your information next. It may be a legitimate company, it may be someone with bad intentions. No company is completely safe from hacks or internal information theft either. It’s one thing to trust a few institutions with your information, but when multiple companies have bought your personal data, you’re at a higher risk to lose it to a thief.

What you can do to protect yourself - PIPEDA

Since 2004, Canadian businesses have been required to follow the Personal Information Protection and Electronic Documents Act (PIPEDA). Under this act, companies must tell you what information they are gathering and exactly what they will use it for. They cannot collect or use it without your consent.

They must also protect your information and destroy it when it is no longer needed. You have the right to see what information they have on you, and the right to correct it if it’s wrong. If a company has failed to live up to its PIPEDA responsibilities, you have the right to complain to the company’s privacy officer. If that doesn’t work, you can lodge a complaint with Canada’s Privacy Commissioner.

Protect yourself from privacy risks by speaking up

Even easier than writing letters to a privacy officer or Canada’s privacy commissioner is to just speak up. Does the local electronics store want to know your postal code and birthday? "Ask how they will use it - and if you don't get a satisfactory answer, just say no," advises Privacytown. Ask your pharmacist or the charity canvasser what their privacy policies are. Think carefully before you enter contests too – a shot at a Hawaiian vacation isn’t worth giving your personal data away.

If you want to make sure you aren't already a victim of identity theft, check your credit reports carefully for unauthorized account inquiries and openings, and make sure there are no fraudulent transactions on your monthly credit card or bank statements.