Get started

Get the app

Scan with your mobile device to download the goConfirm app.



Personally Identifiable Information (PII) Data

The digital age has brought with it many benefits, such as easier access to information and online services. However, one thing users must be wary of, especially buyers and sellers on peer-to-peer marketplaces, is the danger of unauthorized access and misuse of Personally Identifiable Information (PII).

More than your name and address, PII includes sensitive details like your social security number. Cybercriminals getting access to this information can bring about significant damage to your life.

In this article, we’ll guide you through what PII is, how companies collect and use your information, and the issues or risks that come with it.

What is personally identifiable information?

Personally Identifiable Information refers to any data that can pinpoint a person’s identity. This includes a wide range of information.

For instance, your name, address, and email are all pieces of PII because they link directly back to you.PII isn’t limited to one type of data or another. Instead, it encompasses anything that can identify a specific individual.Sensitive vs Non-Sensitive Data

We can categorize PII into two categories: sensitive and non-sensitive.

Sensitive PII is information that, when disclosed, could result in harm to the individual to whom it belongs. Social insurance numbers, driver’s license numbers, and bank account details are all considered sensitive data. These need more protection because, when they fall into the wrong hands, they can cause financial loss and significant damage to an individual.

On the other hand, your full name, email address, phone number, and home address fall under the category of non-sensitive PII.

While it may appear less risky, unauthorized access to non-sensitive PII can also be problematic. With goConfirm, you can securely and temporarily share this type of information with your buyer or seller and reduce your risk of unintended complications.

The difference between PII and personal data

Personally Identifiable Information (PII) is a specific category of personal data that can directly or indirectly identify an individual. This type of information can pinpoint a specific person, and is especially risky when combined with other data.

On the other hand, personal data is a broader term that encompasses any information related to an identifiable person. While all PII is personal, not all personal data qualifies as PII. As a broader category, personal data might include information like demographic details and online identifiers.

How companies use PII

Every company has its own policies and practices when it comes to collecting and using your PII. Often, these are used to tailor ads and improve user experience. Here are three ways companies use your PII:

Personalized marketing

Companies leverage PII to tailor their marketing efforts to meet buyers where they’re at. They analyze your preferences and habits so that they can create content that matches your interests.

For example, if you often shop for books online, you’re more likely to see ads for bookstores or new releases than someone who often looks for electronics online. Your PII lets companies present you with relevant products or services based on your behavior and preferences.

Customer service enhancement

Aside from trying to market their products and services, your PII is used by some businesses to provide personalized customer service. This data includes your past interactions and preferences, which, in turn, makes their service feel more tailored to you.

If you’ve ever tried contacting a help desk and they already know your purchase history, you know how valuable it is to receive a personalized response. It typically speeds up the resolution process and improves satisfaction by reducing the number of questions an agent must ask a customer.

Fraud prevention

PII is also an integral factor for risk assessment and fraud prevention, whether you’re a buyer or seller. Your data can help verify your identity during transactions and detect discrepancies in payment details.

With goConfirm, you’re asked to verify your identity through government-issued IDs. Our partner, Persona, takes a few minutes to confirm your data is yours (this is only required once!) and then you can safely create and share transactions with your seller or buyers.

Protecting your PII

Protecting your PII starts with being aware of the data that you need to safeguard. In addition to using goConfirm for your peer-to-peer marketplace shopping, here are some ways to enhance your security when transacting online:

Use strong passwords

Create strong passwords that are hard to guess and unique for each account. Avoid common words, phrases, or sequences. Instead, use a mix of letters, numbers, and special characters.

There are also reputable password managers that allow you to store and manage your passwords securely. These tools provide an extra layer of security by encrypting your login details and generating strong passwords for you. This way, you only need to remember one master password to access all your accounts securely.

Enable multi-factor authentication (MFA)

Whenever possible, activate two-factor authentication for your online accounts. This adds an extra layer of security by requiring a second form of verification, such as a text message or an app notification, in addition to your password. 

The process requires a second form of verification, such as a text message or an app notification, in addition to your password. By setting up two-factor authentication, you reduce the risk of someone else accessing your accounts even if they have your password.

Check your connections

Public Wi-Fi networks are useful for staying connected on the go but can pose security risks. Don’t check your bank accounts or do other sensitive transactions if you’re not on a private Internet connection.

If you’re traveling and you really need to check your bank accounts or buy something online, use a virtual private network (VPN) for added security. A VPN encrypts your internet connection, protecting your data from potential eavesdroppers on public networks.

Stay on top of your accounts

Check your bank statements, credit card reports, and online accounts for any unauthorized transactions or changes. By doing so, you can spot suspicious activity earlier and prevent further damage.

Stay aware of phishing scams

Phishing scams are attempts by scammers to trick you into giving out your sensitive PII, such as your passwords or credit card numbers. Be skeptical of emails or messages that ask for personal information or direct you to a website to input your details.

Limit your exposure

Adjust your privacy settings on social media platforms to control who sees your information. Be mindful of what you share online, as hackers can use the details you post to guess your passwords or answer your security questions.

Secure personal documents

Keep sensitive documents, such as your SIN card, passport, and birth certificate, in a safe place such as a locked drawer or safe. 

Avoid bringing these documents around unless necessary, and never leave them unattended in public areas. Additionally, shred any old documents that contain personal information before disposing of them.

Data breaches impact businesses and individuals

Data breaches can have severe consequences, not just for businesses but also for individuals. When Personally Identifiable Information (PII) is compromised, it affects more than just the numbers; it impacts real people’s lives and a company’s foundation of trust with its customers.

How data breaches affect businesses

We’ve all heard of major corporations that have suffered from data breaches. Early this year, Canada’s global affairs department admitted to a data breach, with additional reports saying it happened between December 20 and January 24. The department had to shut down parts of their network during that period. 

How data breaches affect individuals

The consequences of a data breach can be long-lasting for individuals. If your PII gets exposed, it could take months, years, or longer to regain control and you could remain at risk indefinitely.

If you fall victim to this, you could experience years of checking your statements for unauthorized transactions and have to work very hard to repair your credit score.

Protect yourself online

Your online security isn’t something you should take lightly. It’s a fundamental aspect of your digital life. That’s why you should pay attention to it and know how to protect your PII.

Take proactive steps like using strong passwords and two-factor authentication to strengthen your defenses against potential cyber threats. Being vigilant and staying updated about the latest cybersecurity practices can also help you stay safe in the digital world.

Keep your peer-to-peer marketplace (Facebook Marketplace, Kijiji, Craigslist, Karrot) transactions extra safe by protecting your personal information with goConfirm. Simply sign up and verify your identity once, and we’ll take care of the rest. Sign up with goConfirm to protect yourself and enjoy your online interactions.


Is a fingerprint considered PII?

Yes, a fingerprint is considered PII because it’s unique to each person and can be used to identify a specific person. Other biometric data like facial recognition patterns and even voiceprints are sensitive elements of PII, as they carry inherent personal identifiers that are almost impossible to change or disguise once exposed.

Who is responsible for PII data?

PII management typically falls on the organization that collects, stores or processes the information. This can include businesses, government agencies, or any group that handles personal data.

They must uphold PII’s confidentiality, integrity, and availability by implementing appropriate security measures. They should also follow data protection laws and respect individuals’ privacy rights.

These entities should protect PII from unauthorized access and disclosures at all costs. They do this by implementing encryption, access controls, and security audits.