July 12, 2018

5 Ways Data Mongers Harvest Your Information

According to Part IV[1]of the Personal Data Protection Act (PDPA), organisations need to obtain consent from individuals to collect, use or disclose their personal data. However, personal data collected by organisations can be obtained and used by data mongers for illegal activities like selling them as telemarketing leads[2]. Individuals can report to the Personal Data Protection Commission (PDPC) should their data be used without their consent.

Here are 5 ways data mongers harvest your information that you should be wary of:

1. Sharing your personal data freely  

If organisations fail to guard the personal information we share with them, it can easily land in the wrong hands. The first line of defence against data mongers, rests with the individual. Only disclose your personal data if you understand what it will be used for. Individuals can guard themselves against persons who use their personal information for a purpose they did not consent[3] to.

2. Dumpster diving   

Companies may discard documents without destroying them completely, making it easier for data mongers to dig into the rubbish bin and get their hands on your personal information. Organisations can adopt a Shred-it All Policy where all documents are fully and securely destroyed on a regular basis before being disposed of.

3. Using untrustworthy document destruction services

While outsourcing your document destruction saves time, it is crucial to choose a service provider you can trust. For instance, service providers may accidentally lose confidential documents that are en-route to an off-site destruction centre. With Shred-it, documents can be safely shredded within minutes at the organisation’s premises. A Certificate of Destruction is provided once shredding is complete, proving that the organisation has done its part to protect customer data. 

4. Leaving your hard drive undestroyed

Hard drive and other external storage devices like memory cards house copious amounts of customer and employee data. Although organisations may usually erase data from the storage devices after the data no longer serves its purpose, it may still be possible to retrieve data from these devices. Data mongers can then harvest this data for illegitimate purposes. Using hard drive destruction services, such as those provided by Shred-it, guarantees that hard drive data is fully destroyed.

5. Employees underestimate how dangerous data mongers can be

With tight deadlines to meet, employees may not prioritise data security. As such, documents containing personal data may be left carelessly on their desks, in scanners or printers. Adopting a Clean Desk Policy can help protect information whenever you leave your desk, ensuring that personal data is kept safely away from data mongers.

Safeguard Your Information Against Data Mongers

To learn more about how Shred-it can protect your documents and hard drives from landing in the hands of data mongers, please contact us for a free quote and security risk assessment.

[1]Singapore Statutes Online. 2012. PERSONAL DATA PROTECTION ACT 2012. [online] Available at: https://sso.agc.gov.sg/Act/PDPA2012#pr11-. [Accessed 12 February 2018]

[2]Tham, I (2018). 'Data monger' fined $6k by privacy watchdog for selling personal data without notification or consent. [online] The Straits Times. Available at http://www.straitstimes.com/singapore/singapore-privacy-watchdog-takes-first-data-monger-to-task [Accessed 12 February 2018]

[3]Richard, S (2018). Professional details used for marketing purposes. [online] The Straits Times. Available at http://www.straitstimes.com/forum/letters-in-print/professional-details-used-for-marketing-purposes [Accessed 14 February 2018]