According to GDPR, personal data or sensitive personal data or Personal identity information is a set of data or information collected together which can directly or indirectly identify a natural person.
Introduction:
Are you aware what your personal data, sensitive personal data and personal identity information are? Hacker’s close eyes is on these three highly responsive data. Hackers want to access these data which can benefit them in many ways. They want to trace, locate and identify us by our personal data. But as we are unaware about what really our personal data is, the significance of our personal data and what hackers do with our personal data, we are showing our utmost negligence in sharing our valuable personal data. In a recent research we found that many of us have partial awareness on what really our personal data is? Many says our email, phone number is our personal data. And many say our name, date of birth and age is our personal data. But in corporeality personal data is a very deep concept about which everyone must be aware. So let’s discuss in particular, the concept of personal data. But before that just have a brief idea on personal Identity as the concept of personal data comes from personal identity.
What is Personal Identity?
Personal identity which at a time identify an individual and at the same time it distinguish one individual from other individuals. Personal identity of an individual person evolves from time of birth to death which solely single out a person from the huge global population. Personal identity includes our
Naming identity
Gender identity
Parental identity
Residential identity
Contact identity
Educational identity
Job identity
Financial identity
Government identity
National Identity
Religious identity
Political identity
Social identity
Racial identity
Behavioral identity and etc.
Note:
With the evolution of digitized computer world, information’s are stored in the form of Data in computer. In computing, Data is the formal, precise and accurate information on any specific phenomenon which can be easily stored, managed and transmitted. For ex. when students information are collected and stored is called as student Data. Similar examples are Employee Data, Patient Data, Customer Data, Personal Data and etc. To know more about data.please read our article " The Emerging Data World, know your Data,its importance and Data crime".
What is Personal Data?
Personal data is a set of data or information collected together which can directly or indirectly identify a natural person or we can say personal data means any information relating to an identified or identifiable natural person.
Examples of Personal Data:
Name
Gender
Contact Data (Address, Email ,phone, Fax number and etc)
Parent Data
Educational Data
Job Data
Biometric Data
Bank, Finance and Insurance Data.
Nationality
Religion
Race
Government Identity Data
Health & Medical Data
Genetic Data
Social Data
Location data (for example the location data function on a mobile phone)
An Internet Protocol (IP) address Data
A cookie ID*
Advertising identifier of mobile phone
Behavioral Data and so on.
As per European Union,"General Data Protection Regulation (GDPR)", ‘Personal data’ means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Since the GDPR definition of Personal Data includes “any information”, which also consider less explicit information such as recordings of work times which include information about the time when an employee begins and ends his work day, as well as breaks or times which do not fall in work time, also considered as personal data. Similarly, written answers from a candidate during a test and any remarks from the examiner regarding these answers are also “personal data” if the candidate can be theoretically identified. The same also applies to IP addresses. Subjective information such as opinions, judgments or estimates can be personal data.
What is Sensitive Personal Data?
Sensitive Personal Data is a special category of personal data which are highly relevant and subject to higher level of protection. According to European Union General Data Protection Regulation, sensitive personal data include genetic, biometric and health data, as well as personal data revealing racial and ethnic origin, political opinions, religious or ideological convictions or trade union membership. Sensitive personal data must be handled with extra security and privacy.
‘Genetic data’ should be defined as personal data relating to the inherited or acquired genetic characteristics of a natural person which result from the analysis of a biological sample from the natural person in question, in particular chromosomal, (DNA) or (RNA) analysis, or from the analysis of another element enabling equivalent information to be obtained.
‘Biometric data’ means personal data resulting from specific technical processing relating to the physical, physiological or behavioral characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or fingerprint data.
‘Health data’ means personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.
According to India’s Draft on “Personal Data Protection Bill, 2018”, Sensitive Personal Data includes personal data related to following information.
Passwords
Financial data
Health data
Official identifier
Sex life
Sexual Orientation
Biometric data
Genetic data
Transgender status
Intersex status
Caste or tribe
Religious or political belief or affiliation or
Any other category of data specified by the Authority under section 22.
Financial Data: “Financial data “means any number or other personal data used to identify an account opened by, or card or payment instrument issued by a financial institution to a data principal or any personal data regarding the relationship between a financial institution and a data principal including financial status and credit history.
Official Identifier: “Official identifier” means any number, code, or other identifier, including Aadhaar number, assigned to a data principal under a law made by Parliament or any State Legislature which may be used for the purpose of verifying the identity of a data principal.
Note: Data Principal is the natural person to whom the personal data referred.
What is Personal Identity Information?
Personal identity information is a special combination of personal data which can potentially be used to identify a specific individual. By the individual name only it is difficult to identify a person as in the same name thousand people stays in a country. Personal identity information is a set of personal information which can be used to distinguish or trace an individual identity.
For example individual’s first name and last name, in combination with any one or more of the following:
Social Security number (SSN).
Drivers license number or State-issued Identification Card number.
Financial account number, credit card number*, or debit card number in combination with any required security code, access code, or password such as expiration date or mother’s maiden name that could permit access to an individual’s financial account.
Medical information (any information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional)
Health insurance information (an individual’s health insurance policy number or subscriber identification number, any unique identifier used by a health insurer to identify the individual, or any information in an individual’s application and claims history, including any appeals records)
Conclusion:
Now a day’s Personal data is the most important asset of every individual or you can say personal data is wealth of every individual. With the huge rise in internet all over the globe, hackers are gathering personal data and reselling it with huge profit value. Personal information is exploited greatly by cyber criminal in activities such as identity theft, financial fraud, advance fee scam, spying and many other such cyber crimes. Looking at the increase rate of identity theft, data breach, financial hacking the European Parliament has enacted a series of legislation such as the General Data Protection Regulation (GDPR) to limit the distribution and accessibility of PII. Also many website privacy policies specifically address the gathering of Personal data and Personal Identity information. Though many regulations came up for individual data privacy and protection but the real data protection can only be achieved when every individual will be aware about their personal data, importance of the personal data and what hackers do with their data.
Comments