Your cart is currently empty!
Basic definition
Personally Identifiable Information (PII) is data which can be traced to your real-life identity.
Examples of PII
Phone number, email address, credit card number, residential address, fingerprints, handwriting, and writing-style are all examples of information which can lead to your real-life identity being revealed.
How PII is uncovered
PII can be uncovered in several ways depending on what piece of information it is. If it’s a phone number, you can know their real name using a site like Caller ID Test.
Your bank-card number can be used to identify the bank you frequent, which can be used to further profile you.
Your email address can be looked up on sites like HaveIBeenPwned to search for your passwords contained in breached databases, potentially leading to your real identity.
If you’ve sent a handwritten letter, your typography can be analyzed & profiled based on letter-strokes.
Your writing-style can be traced back to you by the choice of words you use, grammar, the placement of your commas, and structure. For example, the infamous unabomber, Theodore Kaczynski, was identified by the FBI by comparing his writings from the 1970s and his previously anonymous anti-technology manifesto.
How the smallest things can be used reveal your identity
As you move through a room, you shed small traces of yourself, like dead skin cells and hair, each carrying your unique DNA[1]. This leaves behind a distinctive mark that shows you were present. Similarly, the shoes you wear leave behind footprints wherever you go; although they might not be visible to the naked eye, special tools can reveal them[2].
Similar to shedding DNA & leaving footprints, we shed pieces of information whenever we go on the internet which can be uncovered. You may not realize this, but, whenever you visit a website and enter information using your keyboard, you may unwittingly be giving out your identity.
You might think this sounds insane at first, but, I assure you it makes perfect sense. Your typing has certain quirks to it which makes it entirely unique to you.
- The time it takes for you to get to one key to the next
- Variations in typing speed
- Pauses in typing
- The amount of time you press & release keys
Relevance & Threat Model
With unmasking techniques like keystroke profiling & writing-style identification, you might be thinking that you need to switch several things up so potential threats fail to recognize you. This is not the correct approach. The correct approach is to fully identify something called a threat-model. Basically, who are you trying to keep information from? For instance, if you’re going up against the U.S. government, you’d have to make a LOT of changes in how you protect your PII. Whereas, if you’re only trying to protect your information from someone like a stalker, it would be considerably easier since they have less resources to uncover your PII.