Protect Information About You

Protect your personal information to reduce the opportunity for people to target you.

Last Updated 15 April 2024

Introduction

Personal data plays an integral role in our daily lives, permeating almost every aspect of our personal and business lives. From online transactions and social media interactions to healthcare records and financial activities, personal data is constantly exchanged, used and stored. These actions may create significant risks regarding security and privacy. As a high-risk individual, the misuse or release of such data may have a significantly detrimental impact on you and your family. 

Therefore, protecting information about you is paramount to:

  • ensure the safety and security of you and your family
  • maintain the effective use of these digital capabilities in your everyday life.

The following sections provide a high-level summary of a range of measures you can take to mitigate risks and protect your data.

Understanding your digital footprint

There are three simple rules in relation to understanding your digital footprint:

  • Own it – know what your footprint looks like
  • Shape it – shape it into something you are happy with
  • Monitor it – monitor it regularly

These are included in the NPSA guidance “My Digital Footprint”, which provides  guidance on the associated risks. Remember that as you research your digital footprint, others can see what you can see, and it may be available to see for a very long time.

Protect your devices

Our daily lives involve the increasing use of Information Technology (IT) including using a range of “devices” that consist of Personal Computers (PCs), laptops, tablets, mobile phones and many other smart devices. Some will remain at home and others will go with you on your travels. All need to be protected.

You should take measures to improve your online cyber resilience by following NCSC’s guidance for high-risk individuals on protecting your accounts and devices. Below, we outline some important considerations to help you to stay on top of your digital footprint:

Criminals, scammers and others with malicious intent rely on people having poor digital skills, for example unwittingly downloading malware onto their devices. Where possible, you should: 

  • Enable security updates promptly to protect against cyber attacks. Avoid using devices no longer supported with security updates.
  • Frequently check your device’s settings and turn off or delete any apps or services you no longer need.
  • Use strong passwords. The NCSC recommends using a sequence of three random words. Alternatively, use a password manager.
  • Keep an eye on your location services and Bluetooth settings and turn them off if you aren’t using them.
  • Only download apps from within your device’s official App Store and carefully monitor the permissions you are granting.
  • Avoid “storing your life” on your device in case it is stolen and you have not backed up your data.
  • Be careful using free/public Wi-Fi services or free charging points, as these can be used to download malware onto your device and capture your information.
  • Ensure your home Wi-Fi router has a robust password (it will typically come with a factory setting password which should be changed).
  • Consider changing your device if you believe it has been compromised, as well as the passwords of any email/other accounts you access.
  • Know how to permanently erase data if a device is no longer used or passed to another person.

Your internet searches are tracked and used by search engines (for example to target advertising). Where possible you should consider using a search engine that allows you to look at the web privately, without storing your searches. Within your privacy settings, it is also possible to disable Ad ID tracking to reduce the tracking of your activity.

Make sure you know all your contacts.  If you think you are being targeted: do not engage, keep a record and decide what action to take.  For further information we recommend:

Where possible, you should keep information and accounts separate on your work and personal devices, including any telephone numbers and email addresses.

Modern encrypted messaging apps generally provide a higher level of security than traditional text messages and mobile phone calls. Ensure you use a reputable provider and avoid sensitive conversations using your device where possible.

Consider using disappearing messages. Are you sure who you are messaging? Avoid accepting requests from unknown accounts.

Avoid connecting to public Wi-Fi. Not all publicly accessible Wi-Fi is secure.

Enable two-step verification(2SV). 2SV makes accounts much more secure. Even if an attacker knows your password, this will make it significantly harder to access your account.

Online banking and financial apps are extremely convenient and many use two-step verification. Always use a different password with each service you use. Consider having a separate debit card or pre-paid card for internet shopping (don’t use the one associated with your main bank account in case of a compromise). Also consider using a separate email account for internet shopping (not your personal email account).

You should think carefully before passing on your personal data to individuals or companies. Data leaks and thefts do occur, and your data could end up in the wrong hands. Always shred any documents with your name and address on them using a “cross-cutting” shredder. For information on shredders for use either at home or at work go to Secure Destruction - Equipment. Specialist companies are also available to manage secure destruction of sensitive waste.

Social media accounts can present valuable information that can be exploited by anyone wishing to target you. Consider what you post, your privacy/security settings and what others are posting about you. Be aware that the underlying meta-data of a posting can also be exploited.

Understand who can access the information you share and carefully consider the detail you disclose online. Is it necessary? Does it reveal information about you or your activities and routines that could be valuable to an adversary? It can be hard to remove a digital footprint so you must assume that once it’s out, it’s out – and the impact of this could be now or in the future.  For more information see NPSA’s web pages on My Digital Footprint.

Modern vehicles are now highly connected, and many include cameras. If hiring a vehicle, be very careful about connecting your devices to them – you may inadvertently transfer contacts or details you can’t remove. Avoid using the vehicle’s mapping system as it can create records of your journeys and destinations.

Be aware of what devices you are bringing into your home. Many products these days are connected to the internet, including home appliances, and they may collect information you don’t expect. Consider what these devices may learn about you and whether you’re happy for this information to be shared with the manufacturer (and wider).

Finally, you should keep a continuous eye on your digital space (including reviewing your privacy settings). Criminals, fraudsters and others with malicious intent are continually changing their approach in response to evolving security mitigations, or people just becoming wiser. If something doesn’t look/feel right, then you should take appropriate action

Protecting your information held by others

A considerable amount of your personal information is held by both UK Government and private organisations and is available to everyone to search for. This section provides guidance on how to protect your information that is held by others. This may be:

Personal information you provide to HMG:

  • Companies House – Your role may mean you are registered as a director of a company and your home address may also be publicly available on their website. You can apply to protect your personal details if you are at serious risk of violence or intimidation.  For more information go to apply to protect your details on the Companies House Register.
  • The electoral roll –There are two versions of the electoral roll. You may opt out of having your information shown on  the open version of the electoral roll. You can also register to vote anonymously. For more information, go to opt out of the open register.
  • HM Land Registry – You can apply to have information held by Land Registry redacted. For more information go to HM Land Registry exempting documents.
  • Planning applications and objections. Making planning applications to build or improve your home requires you to provide information about you and your home that may be better kept private. For more information see security considerations in the planning process. In addition, if you wish to object to a neighbour's planning application consider how this can be done without releasing your sensitive information. Objections can be made through a planning consultant or solicitor.

Protecting information supplied to others in person and online

Your sensitive information may be posted online without your knowledge. This may be posted into a wide range of webpages, social media and other online applications. Examples could be where:

  • Wiki entries contain your sensitive information that is posted by others.
  • Google Maps contains images of your premises and link to you.
  • Friends and family have inadvertently published images of you, your family or your home on their social media that are now publicly accessible. The risk of this is exacerbated when the images contain metadata which can be accessed and used by others.

To prevent such releases of information the starting point is to make certain that sensitive information about you, your family and your home is not placed into the public domain.

You should carefully consider the information you provide to individual contacts and organisations as you conduct all aspects of your life. Control what you share by:

  • Keeping personal information private during professional communications. Separate your business and private emails.
  • Limit the sharing of personal details, images, location, and travel plans. Avoid advertising your home address and if you work from home.
  • Review your privacy settings regularly on all applications you use.
  • Protect your identity by limiting the biographical details you release. Only using your first name or refrain from including a photograph of yourself on your digital profile.
  • Make sure you know what information and images your friends and family share that are linked to you and where they are shared.
  • Remove metadata from images you do share.

Detailed guidance is available in relation to a security minded approach to open and shared data.

Did you find this page useful? Yes No

Related Pages