Your PII

PII stands for Personally Identifiable Information. While details such as your name or a birthplace are indeed personal information, each standing alone would be insufficient to accurately identify you. So, what would constitute PII?

PII is information which can be used to identify a person uniquely and reliably, including but not limited to name, social security number, address, phone number, e-mail address, mother’s maiden name, etc.

If someone had enough of these pieces of your identity, it would be possible for them to masquerade as you and, for example, open bank or credit cards accounts in your name. To protect your PII, you need to be aware of what and where it is.

The Value of Awareness

Bill Mason, author of the book Confessions of a Master Jewel Thief, offers this advice: "A building protected by nothing more than a cheap combination lock but inhabited by people who are alert and risk-aware is much safer than one with the world's most sophisticated alarm system whose tenants assume they're living in an impregnable fortress."

In other words, the key to locking up your PII is located between your two ears. Your ability to maintain a keen awareness of where your PII resides -- whether in a wallet, cache in your computer, or the tip of your fingers when prompted for it -- is the first step in guarding your privacy.

Identifying the Location of your PII

Sometimes the location of your PII is obvious, such as the information on your driver's licence, a credit card number +CVV (Card Verification Value), or your social security card.

But what about your information stored on your computer, whether in documents, email or cached? Software programs, such as Identity Finder, can search your computer to uncover and secure your sensitive information. Identity Finder is available as an enterprise-wide solution for Brown faculty and staff as well as for home use (there is a free edition for Windows)

Formulating Your Protection Plan

How is an identity stolen? There are many ways which include: physical theft, someone changing your address to redirect email to their house, dumpster diving, bogus ATM card skimmers, and phishing.

However, being aware of what information you have, where it is located, and how it might be stolen, provides an excellent base upon which to build your protection plan. The following are some suggestions:

  • Shred: When you receive mail with your personal information on it, shred it before putting it out to recycle.
  • PO Box: Don’t send bills from home address. Protect it by getting a post office box instead.
  • Credit Cards
    • Only carry the credit cards you need.
    • Watch out for phony card skimmers and shoulder surfers.
    • Keep the card in site at all times during financial transactions (such as at restaurants) if at all possible.
  • Social Security Card
    • There's no need to carry your social security card with you. Leave it locked up with your other valuable papers at home.
    • Guard the number as well! Always question it’s use. Don't put it on checks.
    • Monitor your yearly SSN benefits statements.
  • Check Your Credit: Use a credit monitoring service. You can arrange for free annual credit reports at
  • Marketing Lists
  • Prepare for an Event: Make copies of license, credit cards, etc. and create a list of emergency numbers to call.
  • Don't Get Phished!
    • Don't ever give out your ID and password.
    • Don't reply to email or pop-up messages that ask for personal or financial information.
    • Don't click on links in the message.
    • Don't cut and paste a link from the message into your Web browser.
    • Don't call the number listed in the email or pop-up.
    • Use anti-virus and anti-spyware software, as well as a firewall and a spam filter, and update them all regularly.
    • Never send personal or financial information via email.
    • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
  • Keep Your Browser Current and Secure
    • Always use the most current version.
    • Disable cookies (or at least monitor them!
    • Don't disable anti-phishing and website spoofing monitoring.
    • Block unwanted pop-ups.
    • Know your security zone and privacy settings.
  • Encrypt your most sensitive information

Tips on Identity Theft