Protecting personal information

Personal information is any information or combination of information that enables an individual to be identified. Personal information is used by many businesses for legitimate communication. However this is not always the case and some personal information can be misused by criminals or inappropriately by marketers.

What is my personal information?

Your personal information may include your:

  • full name
  • address
  • phone numbers
  • school
  • date of birth
  • email address
  • username and password
  • bank details.
raising logo and URL

Disclosing personal information online

Many online services require users to provide some personal information in order to use their service. Prior to providing personal information, you should think about what can be done with your personal information and assess whether you are still happy to pass on these details. In addition to inappropriate or illegal use of information, disclosing personal information online can impact your digital reputation.

There are several online activities that you should be aware of that may require a level of disclosure of personal information. These include:
  • Shopping: to verify the identity of the purchaser, to process payments or for the delivery of goods.
  • Subscribing or registering: a screen name or ID and an email address are often minimum requirements but other requested information may include: age, gender, address, photo and personal likes or dislikes (a red asterisk (*) generally identifies mandatory fields that are needed to register).
  • Competitions, prizes and rewards: often require users to provide extensive personal data, including personal interests and demographic details—these are often used by marketers to promote products and services.
  • Online games and virtual worlds: these may require users to register before they can begin to play.

What might happen if I share my personal information online?

Spam, scams, identity theft and fraud are just some of the more serious issues that you might face if you are sharing personal information online.

What is spam?

Spam is a generic term used to describe electronic 'junk mail'—unwanted messages sent to your email account or mobile phone. The content of spam messages can vary from promoting products or services to offensive or fraudulent material. Some can also spread computer viruses.
You can reduce the amount of spam that you receive by:

  • limiting how often you're sharing your email addresses and mobile numbers
  • using spam filtering software
  • checking terms and conditions when you purchase products, enter competitions or register for services or email newsletters online
  • not agreeing to receive marketing materials
  • boosting your online security to limit spam.

More information about spam and how to make a complaint is provided by the Australian Communications and Media Authority (ACMA).

What are cookies?

Cookies are a web browser tool that store information about browsing activity and report this back to the website. Cookies allow websites to remember users and save personal settings. Personal information may be collected and shared using the cookie. To help protect your information, it’s good practice to delete your cookies on a regular basis.

What is fraud?

Internet-based fraud is when the internet is used to steal information and resources for financial gain. Simple fraud scams can seek money or personal details, while others seek personal information that will be misused to obtain money, resources or information by deceptive means.

What is identity theft?

Identity theft is a type of fraud that involves stealing money or gaining benefit by one person pretending to be someone else. It can have terrible consequences, both financially and emotionally.
Fraud can occur in many ways—from somebody using credit card details illegally to shop online, to having a person’s identity assumed by another to open bank accounts, take out loans and do business illegally, under that name.
Sophisticated information gathering tools such as malware and spyware enable fraudsters to gather personal information about the person they target.

What are scams?

Scams are often sent via email but can also be sent by instant messaging and SMS. According to the Australian Competition and Consumer Commission’s (ACCC) SCAMwatch website anyone can fall victim to a scam. Scams succeed because they look like the real thing and scammers manipulate people into responding. Scams can appear to come from authoritative sources, like a well-known bank or mobile phone provider. They may make people fearful that they will miss out on a special offer, or feel ashamed of themselves for refusing to help a person or group in need.

If in doubt about the legitimacy of a website, call the organisation it claims to represent. The SCAMwatch website provides further advice on how to identify and report potential scams.

How can I protect my personal information?

It’s important to understand how personal information is used online and how to protect your information and digital reputation.

The following tips are a great basis for protecting your personal information online:
  • Only disclose financial information on secure websites. Look for an address beginning with https:// and a ‘locked’ padlock symbol in the bottom of the screen, which indicates that data is being encrypted.
  • If in doubt about the legitimacy of a website, call the organisation it claims to represent. The SCAMwatch website provides further advice on how to identify and report potential scams.
  • Banking institutions will never email individuals asking for their user name or password. If you receive an email by an organisation claiming to represent a banking institution report the email to the bank and SCAMwatch. Do not respond and do not click on any links provided.
  • Read user agreements and privacy policies. Many organisations use information for marketing purposes and may sell it to other marketing firms. If information is posted on websites that do sell information to marketers, individuals may receive promotional spam emails which can be difficult to stop.
  • Understand that information shared online can be permanent—users may not have control over who sees or accesses their personal information. This includes teachers, parents and prospective employers.
  • Select passwords carefully. When creating passwords there are some definite dos and don’ts, these include:
  • Do
    • use eight characters or more
    • use a combination of words that aren't predictable
    • use two-factor authentication on accounts containing personal information.


    • use pet names, birthdates, family or friends’ names 
    • use a predictable combination of words (eg. 'ilovehiking'), a context specific word (eg. 'google') or repeated sequential characters (eg. 'aaaaaa' or '123456')
    • share passwords with others, even with friends
    • store them on your device, unless it's via a password manager which stores them in an encrypted database.

Sign up for eSafety News

Stay up to date with online
issues, new resources, and the latest research.