In case you don’t know, we are in the middle of a digital identity crisis. Who we are in real life is being blurred by how we are perceived online thanks to a world that devours our personal data, interprets it, and then uses (or sells) it to influence us financially, socially, politically, and more.  

Our personal data is being used against us 

Our personal data, old and new, is being used against us, holding up a distorted mirror that impacts how we perceive ourselves and the actions that we take while putting our safety and security at risk. Very few people know that one piece of data—a telephone number—has the power to unleash a firestorm of negative consequences. In the wrong hands, it can be the key to taking over our identity and creating a trail of mayhem that costs us hundreds of hours and thousands, if not millions, of dollars to repair. 

With the uptick of artificial intelligence and biometric integrations into new technologies, individuals are giving even more of their personal information away—and with it, trusting others to keep it safe. Yet this year alone there have been at least 20 major breaches with millions of people impacted, and more reported daily. In the recent AT&T breach, for example, “records of calls and texts of nearly all of AT&T’s cellular customers” impacted more than 110 million wireless subscribers.

Do these organizations we trust with our data have security best practices, sufficient technologies, or the moral compass to keep our best interests at heart? More often than not, I’d argue that they don’t. 

Taking  back control  

This is why if we want to shift from this state of crisis—in which our digital identities are being created and controlled by outside forces—to one where we’re in control, individuals and organizations have to change how we approach data.  

These steps can help. 

Take responsibility, act responsibly: It’s time to take responsibility for our personal information—those of us sharing it and collecting it. As individuals, we shouldn’t have to hide, but we should be thoughtful in what details we share and with whom we share them. This means minimizing the information we provide, masking our true data with trusted tools, and implementing best practices around things like password management.  

Companies need to reconsider how much data they collect and what they do with it. Overcollection of personal information puts companies and individuals at unnecessary risk. Bad actors are becoming more sophisticated and the price of breaches is growing, costing businesses an average of $4.45 million per breach. Companies must invest in better technologies and security teams while implementing stronger privacy policies that are easy for users to understand.  

Shift from who to how: Committing to anonymization and disintermediation of data by the tools individuals use and the type of data collected by organizations has the power to further transform the crisis we’re facing. By focusing on the behaviors of individuals and how they operate versus who they are, we can start to create a pivotal shift in how we approach data.  

This method requires fewer pieces of personal information, creates a more accurate digital identity, minimizes security risk, and helps build long-term trust—providing added value for consumers and potentially faster growth for organizations. It can also help focus future innovation on privacy-first principles that put protecting personal identities front and center.      

Educate and advocate: Understanding the impact of our always-on digital lives can be overwhelming. We’ve been programmed for decades to share freely. Yet we’re seeing devastating financial repercussions as scammers take money from the unsuspecting, as well as life-and-death outcomes due to doxxing. With all of this, there is still a limited appetite to change how we interact in the digital world, with older generations taking minimal steps to protect their privacy.  

To get ahead, we need to execute proactive and reactive solutions that speak to individuals at different life stages and levels of privacy experience. We must help educate youth by having open conversations about the consequences of oversharing, talking to strangers online, and what resources exist for support, such as the Family Online Safety Institute. For others, we need to raise awareness about the continual and growing threat of data brokers and bad actors, and then deliver simple, easy-to-implement solutions.         

Poison the data: The good news is that it’s never too late to start taking control of our data. Here’s why: To be relevant to trackers, data brokers, and bad actors, our online digital identities need to be consistently updated with fresh data points that link back to what they already know about us.

If we start serving less “relevant” information like unique, virtual phone numbers, emails, or IP addresses that don’t match up, we can break the links and poison the existing data—making it confusing when aggregated and, ultimately, indecipherable. These actions remove the value of existing information and instantly begin to protect our original identities.  

There are simple ways to poison data today. Say no to cookies. Use password managers and VPNs. Mask personal details or identifiers with new, untraceable alternatives. Remove existing data from public spaces. When we take steps like these, we can start to own our data and control our online digital identity in a way that empowers us—and protects us. 

A privacy-first future 

We know that data is big business. But the threat of how this data is being used to interpret and control our digital identities is now tantamount. It is a crisis that we have not figured out how to control fully—yet. However, a critical first step is acknowledging that there are actions we can take today to jump-start a safer, more secure digital reality.  

We have the power to create a new dynamic by taking control of what we share and how we share, making us safer. We can improve security by forcing changes in how data is collected, used, and stored, advocating for new approaches to innovation that don’t look at protecting personal information as an afterthought but as a forethought. And we can move forward together with the understanding that our future relies on a fundamental right to protect our personal data.