Is your staff’s information on Google? Why companies should care about removing employees’ profiles from data broker sites
Your organization’s privacy is only as secure as your employees’. Learn why businesses should include privacy protection in their benefits packages.
Businesses are better at deploying aggressive cybersecurity, but is that enough to keep their brands and employees safe? Unfortunately, Google makes private data like home addresses, emails, and phone numbers about individual team members readily available to anyone with an internet connection.
This information puts employees at risk, and even one colleague’s vulnerability can impact the entire organization. Employers that develop ways to protect their workers’ data privacy can keep their businesses safer and leverage that benefit to recruit and retain talent.
Fortunately, there are steps people can take to protect themselves and reduce their exposure, but the industry churning out personal information is aggressive and savvy – even the most technologically literate people in your organization may need extra help fighting for their privacy.
How does personal information get on Google?
The short answer is that personal information is everywhere. It’s surprisingly easy for Google to gather personal details. In fact, many people voluntarily share their information with Google and other third parties. Every time we click “accept all cookies” or agree to data usage terms when downloading a new app, we allow websites to track our data. Millions of internet users willingly share their data on various platforms, including blogs, websites, and social media.
Google stores all of that user data, but it also relies on information brokers – frighteningly unregulated players that mine public and private sources to find the most unique information about people. Whether you’re aware of it, this is a lucrative industry that sells that information to anyone who wants to know more.
What are people-search sites (aka data brokers), and where do they get their information?
The businesses dumping private data onto the internet are called data brokers (AKA people-search sites). They accumulate as many records as possible and then package them into individual profiles thus making personal data more attractive to Google and human searchers. The business model behind these privacy violation practices is simple – data brokers offer tantalizing bits of personal information to the public for free, and hide more sensitive data behind a paywall for those who are willing to buy it.
So what are the public records that data brokers tirelessly collect? Besides full names and dates of birth, they include birth, marriage and divorce records, home and work addresses, court records, property history, unsealed lawsuits or legal actions, voter registrations, government spending reports, information about relatives and more.
Data brokers also mine commercial sources like retailers, marketing lists, phone directories, crowd-sourced information, and web services and apps. They collect information on purchases and other consumer behaviors and habits, enriching their databases with information pulled from social media accounts, blogs, news articles, and publications. Here’s a vivid example: pipl.com, a people-search site data supplier, collects its information from at least 300 data sources, including Facebook, LinkedIn, Twitter, Amazon, Wikipedia, TripAdvisor, and many others.
What are the dangers of personal information exposure on people-search sites and Google?
There don’t need to be skeletons in anyone’s data for it to be worth protecting. Bad actors can cause a lot of damage with details as seemingly innocent as a phone number or a maiden name. The dangers of personal information exposure on people-search sites and Google include the following:
- Identity theft and cybercrime. Identity theft is on the rise because personally identifiable information (the kind of data people-search sites pervasively publish online) is so easy to access. Anyone with a Wi-Fi connection and a computer or phone can find the information needed to log into your accounts and steal your assets.
- Stalking, intimidation and even home attacks. If someone wants to cause you or a family member harm, they can use people-search sites to get your name, age, family members, marital and parenting status, current and past contact details, income level, education level, property ownership, employment details, links to social media profiles, and more. That’s more than enough material to find a way to hurt you.
- Harassment from marketers. Exposed data can lead to rampant spam, robocalls, and scam emails. These annoyances can escalate into severe, non-stop disruptions, forcing people to change phone numbers and email addresses.
It’s evident that these risks are problematic for individuals, but an individual’s data privacy issues can impact a business’ safety and reputation, too.
Why should your organization care about data brokers?
There are two overarching reasons to help companies remove their employees’ data from the internet: a data privacy benefit (1) protects your organization and (2) attracts and retains talent.
According to a 2021 data breach survey, 74% of data breaches impacting businesses happened because of an employee’s security mistakes. These breaches were often triggered by hackers using sensitive data to lure unsuspecting workers into phishing scams, the digital snares responsible for 91% of all cyber attacks. What does phishing have to do with personal data exposure? Cyber attackers can use your employees’ email addresses and other unique information to construct personalized phishing scams that appear legitimate.
Also, talent wants and needs privacy protections to feel safe working in today’s data-driven business world. Given overall visibility, both upper-level management and front line workers are equally exposed to targeted on- and offline attacks. We’re now witnessing a turn to privacy as people are increasingly aware of the value and vulnerability of their information. A 2019 Accenture report found that 51% of employees would consider leaving an organization that did not prioritize responsible data use, and 55% of employees wouldn’t even apply to a job that failed to take data protection seriously.
It’s in the company’s best interest to protect employees. Offering a comprehensive benefits package that provides urgently needed data privacy enhances the organization’s security and cultivates a caring corporate culture. That’s the kind of environment top-performing workers want to return to every day.
Protect your employees and your organization: remove profiles from people-search sites
Adding privacy protection to your employee benefits program is one small change that can yield enormous results. In addition to reinforcing a culture that values employee safety, a data privacy protection benefit protects your business from security breaches that begin at the individual level. Cybercriminals are tirelessly searching for corporate vulnerabilities. Get ahead of the next attack by arming employees with data privacy.
Dimitri is a tech entrepreneur and OneRep CEO. He is an avid proponent of privacy regulation framework and likes to explore cybersecurity and privacy issues as a writer and reader on various platforms.