B.C.'s privacy watchdog is always on the lookout for threats to people's privacy, but some issues are harder to deal with when it comes to regulation.
As such, it's frequently an issue of people taking the initiative and learning about what threats might be and ensuring they are doing what they can to safeguard their data.
"Threats to our privacy grow every day, and some may find it surprising that our laws provide us with few remedies to address them," says B.C.'s Information and Privacy Commissioner, Michael Ecvoy. "As regulators, we are limited in what we can do to penalize bad actors — those individuals and organizations intentionally misusing people's personal information and violating their privacy rights for their own ends."
McEvoy calls the situation unacceptable and stresses it must be addressed in legislative reforms.
So, what does McEvoy's office see as the Top 10 threats to privacy people might find surprising?
1. Data matching: We often think about entering our personal information in individual instances for products or services, but we need to consider how different points of data, harmless in themselves but collected under a single corporate umbrella, could be saying more about you than you would choose to reveal.
2. "Innocuous" apps: Apps that claim to show how your face will age over time may seem like harmless fun but should be approached with caution. Biometric information – face, retina or fingerprint scans – or voice signatures are examples of personal information that could be used in identity theft.
3. Social media "quizzes": These also seem harmless – which Lord of the Rings character is your soulmate or which Disney villain matches your personality? In reality, these quizzes are often aimed at harvesting people's personal information.
4. Location tracking: Leaving on location tracking services may seem convenient but could help certain apps build a considerable profile about you.
5. Old data/devices: An old computer may contain personal information you've forgotten about – make sure to wipe devices and wipe or remove hard drives and learn how to recycle them safely.
6. "Smart" devices/outdated software: Before you purchase that smart coffee maker or another household item connected to the "Internet of Things," consider a simpler unconnected option. The firmware used by these devices may not be updated regularly and could leave the device – and everything connected to it – vulnerable to attack.
7. Access levels: Problems can occur when people have access to information they don't need to do their jobs. Set access levels to ensure that people only access the information they need to carry out their functions.
8. The unknown: Privacy threats are ever-evolving, and the data you provide today might be manipulated unexpectedly in the future – so make sharing the bare minimum of personal information your default position.
9. A form of what has been termed "surveillance capitalism": Scholar Shoshanna Zuboff coined this term to describe how companies harvest your data as raw material to monetize it and sell it to others that want to predict your future behaviour to sell you products.
10. Lack of U.S. regulation: If you're doing business in the US or with US contractors, it's important to understand that many jurisdictions have limited or no legislated privacy protections that result in limited recourse if your information is mishandled.
— With thanks to the Office of the Information and Privacy for compiling the lists at the request of Glacier Media.