Personal Information

Personal Information

Personally identifiable information (PII), as used in information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. The abbreviation PII is widely accepted, but the phrase it abbreviates has four common variants based on personal/personally, and identifiable/identifying. Not all are equivalent, and for legal purposes the effective definitions vary depending on the jurisdiction and the purposes for which the term is being used.

NIST Special Publication 800-122 defines PII as "any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information." So, for example, a user's IP address as used in a communication exchange is classed as PII regardless of whether it may or may not on its own be able to uniquely identify a person.

Although the concept of PII is old, it has become much more important as information technology and the Internet have made it easier to collect PII through breaches of internet security, network security and web browser security, leading to a profitable market in collecting and reselling PII. PII can also be exploited by criminals to stalk or steal the identity of a person, or to aid in the planning of criminal acts. As a response to these threats, many website privacy policies specifically address the gathering of PII, and lawmakers have enacted a series of legislations to limit the distribution and accessibility of PII.

However, PII is a legal concept, not a technical concept. Because of the versatility and power of modern re-identification algorithms, the absence of PII data does not mean that the remaining data does not identify individuals. While some attributes may be uniquely identifying on their own, any attribute can be identifying in combination with others.

Read more about Personal Information:  Examples, In Privacy Law, Forensics, Personal Safety, See Also

Other articles related to "personal information, personal, information":

Personal Information - See Also
... Anonymity De-identification Personal identifier Personal identity Pseudonymity Bundesdatenschutzgesetz ...
List Of Confidence Tricks - Online Scams - Phishing
... official organization with which the mark is doing business, in order to extract personal information which can then be used, for example, to steal money ... like email from that business, and will ask the mark to "verify" some personal information at the website, to which a link is provided, in order to "reactivate" his blocked account ... The site contains a form asking for personal information such as credit card numbers, which the mark feels compelled to give or lose all access to the service ...
Canadian Privacy Law - Evolution of Canadian Privacy Statutes - Extension To Private Sector Organizations - Federal
... The Personal Information Protection and Electronic Documents Act ("PIPEDA") governs the topic of data privacy, and how private-sector companies can collect, use and disclose personal information ... that Canadian privacy laws were strong enough to protect the personal information of citizens of other nationalities ... Model Code for the Protection of Personal Information, developed in 1995 ...
Cyworld - History - 2011 Data Leakage and Decline
... was hacked into by criminals who stole the personal information of more than 35 million users ... The information for almost all of the Cyworld/Nate members was compromised ... requires its members to submit personal information for membership, the 2011 Nate Data Leakage was quite detrimental as the hackers had the members' resident registration numbers, phone numbers, and email ...
Electronic Health Record - Governance, Privacy and Legal Issues - Privacy Concerns
... Threats to health care information can be categorized under three headings Human threats, such as employees or hackers Natural and environmental ... Therefore, one will find health information systems professionals having these particular threats in mind when discussing ways to protect the health information of patients ... European Parliament and of the Council protect the processing and free movement of personal data, including for purposes of health care ...

Famous quotes containing the words information and/or personal:

    Many more children observe attitudes, values and ways different from or in conflict with those of their families, social networks, and institutions. Yet today’s young people are no more mature or capable of handling the increased conflicting and often stimulating information they receive than were young people of the past, who received the information and had more adult control of and advice about the information they did receive.
    James P. Comer (20th century)

    Life is unnecessarily long. Moments of insight, of fine personal relation, a smile, a glance,—what ample borrowers of eternity they are!
    Ralph Waldo Emerson (1803–1882)