It doesn’t have to be a major hack. Yes, customers of Uber, Yahoo, and many other online services have been vulnerable to having their personal data exposed over the past few years. When that happens, the hack gets publicized, the network apologizes, and users are urged to change their personal information on the network.
In a way, though, these major issues actually hide some of the real issues that come with everyday data harvesting. It’s almost as if we get lulled into a false sense of security if we don’t have a Yahoo or Uber account. Our personal info wasn’t hacked, so we are safe and our privacy is protected. That’s not necessarily the case.
In fact, data harvesting and selling has become a major industry. The culprits, sometimes making millions just by selling the right data, have become extremely adept at finding and exploiting the vulnerabilities of internet users.
Yes, that can mean getting another email from your long-lost cousin who also happens to be a Nigerian prince. At the same time, most modern strategies are much more subtle. Be wary of these 10 types of everyday online requests that are actually disguised data harvesting methods.
1. Product Warranty Cards and Forms
Registering for a warranty that belongs to your product is a natural step. You may do so via mail or in more modern digital/online registration systems. And when you do, you naturally enter your contact information. after all, you need the manufacturer to be able to contact you should something go wrong or a recall be needed.
Unfortunately, there’s a problem with that concept. A large variety of companies frequently use warranties to collect customer data. You may not see the small print on the terms and conditions that allow the manufacturer in question to share it. Worse, online forms can easily be hijacked for processes that are less than voluntary.
The answer is not necessarily to stay away from warranties altogether. Rather, do your research before signing up for one. This will be a common theme for all of the below: be careful what you wish for because your information (once collected) is always shareable.
2. Mail-in Rebates
Rebates are popular among many companies because they ostensibly lower the cost of a product, but rely on customer action to actually take advantage of that offer. If the new customer forgets to sign up, they paid the higher price despite being lured by the lower offer. And that’s not even the worst part.
Product marketing experts and services actively recommend leveraging the rebate tactic because of their data collection possibilities. Everytime you enter your information to knock the top off the price, that information gets collected on the backend. The brand essentially purchased your data for the amount of money you get to pay less for the product in question.
Yes, you will get notices that your data is being collected for ‘promotional purposes’ if the brand is ethical. But even that is vague and dangerous. It might simply mean more targeted messaging for you—or selling the data externally. Which of the two tends to be impossible to discern for any customer.
3. Sweepstakes and Contests
We all like winning things. But have you ever wondered why companies enjoy giving those things away for free? Whether it’s a round of sweepstakes that everyone can participate in or a more in-depth contest, there tends to be a catch. And, more often than not, that catch has to do with your data.
Consider this article title: How to Use Sweepstakes to Grow Your Database, Generate Revenue, and More. For a company, that might sound attractive. For the customer, that’s nothing short of ominous. Put simply, these types of contests are put in place specifically to collect your data. What happens after that can be impossible to figure out.
Yes, those free products are tempting. But are you willing to potentially give up your privacy in return? Just as importantly, have you considered the potential implications for your business if your email address is easily accessible and your contact information can be purchased by anyone?
4. “Free” Downloads of Content
Nothing is free in life. However, premium content hidden behind a sign-up page might come close. It tends to be more harmless than the sweepstakes mentioned above. And sometimes, it’s even beneficial. As a new business owner, you might be excited about a new whitepaper that helps you prepare for tax season or optimize your in-store displays. As a personal consumer, eBooks on your favorite hobbies are just as tempting.
Best of all, this content is typically advertised as free. When it comes to monetary cost, that’s accurate. Beyond the money, it gets murkier. Most “free” downloads require you to enter your personal information, including name and contact. And, according to The Guardian, your phone number is all a skilled hacker needs to start tracking you.
That’s not to say every free download will necessarily lead to a hack. Many companies will promise that they keep your information safe, and won’t sell it. But even if you rely on that claim, you still open yourself up to potential spam and an influx of promotional emails. Whether that’s worth it has to be your decision.
5. Free Quotes and RFI Forms
Free quotes and RFI forms have become increasingly popular across industries. Consider them the more in-depth versions of free content. Services will often offer free quotes in exchange for basic information. Similarly, many industries now rely on a simple request for information (RFI) forms to answer questions.
You’re probably familiar with the countless Contact Us pages that no longer list a phone number or email, but just this type of form. What you might not be familiar with, once again, is the reason behind this tactic.
Again, the goal is data collection. And, if you don’t know the company well yet (which is why you are requesting more information, to begin with), you don’t know what happens with that personal data once received. It might be sold or distributed to third-party vendors that you never agreed to.
6. Third-Party Login Opportunities
On their surface, third-party login services like Google and Facebook are based on convenience. Instead of having to create a new account for every website you frequent, you can use a login button that automatically pulls in your personal information. As long as you’re logged into that service, you’re good to go.
On the backend, these major digital companies offer login information because it allows them to collect more information about you. Now, they can better understand your browsing habits, and sell that information to advertisers. It’s why you might randomly start to see Facebook ads from an industry you’re involved in despite never actively mentioning that industry in your profile.
The big problems, though, start beyond the intended use of your data. CNBC detailed earlier this year that third-party services can use web trackers to follow your information without consent from either you or the service you’re using for the login. You have no way of knowing who actually collects your data, and what they plan on doing with it.
7. Product Protection Programs
Do you want to protect a product you buy online or in store with an additional plan? It’ll cost you just a little more money. Oh, and you will need to give up your contact information. That sounds like little more than the price you’re already paying until you start to consider the potential consequences.
The price of these programs tends to be so small that you hardly notice the difference. Your personal information might be a different story. Again, product protection plans offer an ostensible benefit that actually makes sense in isolation. But once you consider the loss of privacy (and its potential consequences), it’s worth thinking through before you make the choice.
8. Online Forums
Granted, online forums have become less popular in recent years. But that doesn’t mean they’ve become obsolete. In fact, according to Pew Research, 15% of active internet users around the globe still pay attention to these opportunities to exchange information. More modern services like Disqus are forums disguised as comment functions, attaching to countless websites around the world and recognizing users wherever they go.
Unfortunately, these types of outlets are also among the least secure data storage platforms. It’s incredibly easy for anyone to mine personal and contact data from the active user accounts on a given forum. Participation under your real name and active email address, therefore, could have devastating consequences.
The same is true even if you have an inactive account that hasn’t posted in a forum for years. It makes sense to take stock of the places and message boards you have been active on in the past and scrub them of your personal information to minimize the potential negative impact.
9. Public Profiles on Social Networking Platforms
You’ve probably heard about Facebook’s data collection scandal(s) earlier this year. It made clear what many of us suspected for years: when you put your personal information on a social network, it doesn’t tend to be safe. Yes, the platform itself anonymizes data before it sells it to advertisers. But that’s far from the only way in which you put your information at risk.
Facebook itself is not even confident how other companies can extract and sell the data of its users. That’s not necessarily a ringing endorsement for privacy. And of course, other social networks don’t fare much better.
That, in turn, leaves a simple solution: don’t put your personal information on a public profile if you can prevent it. Yes, the temptation is strong. But once you understand just how exposed it makes your personal data, you begin to realize that the potential risks are not worth the upside.
10. Community Volunteer Opportunities
The final hazard on this list is also the most potentially misleading. Make no mistake, nonprofits, and other organizations for which you volunteer have no intention of selling your contact information. The problem is that they also might not be able to prevent a breach from occurring.
Most community websites simply don’t have the resources to build a secure, encrypted database. That means your personal data might live on online lists that are easily accessed and harvested by automated bots with this express purpose. The organization’s lack of resources means you’re just as vulnerable as you would be through a company actively trying to exploit and sell your data.
When Personal Data Becomes a Business Hazard
We all run into the above, often on a daily basis. While the above list is not exhaustive, a simple rule of thumb to follow is that anytime you are giving up personal information, you are putting that information at risk of being exploited. Someone, somewhere, is looking for a way to monetize it.
That’s problematic on a personal level. Unfortunately, it can also have serious implications for your business. Especially owners of small businesses who mix their personal and business contact information. Access to your data then means access to your business, and the potential to ruin your reputation.
Think about the following, all-too-real scenario: you download a free whitepaper. Shortly thereafter, you get an email purporting to promote another whitepaper. But when you click on the link, you actually download malware onto your computer. Now, you might give external parties access to your website, social media pages, and financial accounts without even realizing it.
New connects from utility companies can put your business at risk. Even email addresses and phone numbers on your own website can become the target of bot harvesters. If you don’t keep your domain registration information private, you risk exposing it to the wrong parties.
Protecting your business reputation, naturally, should be among your key priorities whether you’re just starting out or have already grown your business. Data that leaks out through any of the above options will play a significant role in harming that reputation. That’s not to scare you. It just means you should prepare for strategic steps to maintain your business reputation despite a lack of data privacy.
How to Protect Your Business Reputation Through Knowledge and Action
First, knowledge is key. Simply understanding that both ethical and unethical third parties can collect your data through any of the above tactics is a great start. Conscious internet browsing alone can prevent you from entering personal data unnecessarily, and earning the consequences down the road.
Protecting your data while browsing requires a number of external and internal steps. That seems complex at first, but can be immensely beneficial. After all, you don’t want to end up in a situation where simply clicking on the wrong link for online requests or sharing information with the wrong people results in lasting damage to your personal and business reputation. Even protecting your personal data against stalkers, disgruntled employees, and upset customers can be a major advantage.
When in doubt, working with external partners can also help you become more conscious of this latent danger. We specialize in business reputation management, and data security is an important component. Contact us to learn more about our expertise on removing any exposed personal data and ensuring the best of your business is on page one of Google.