Language selection


10 tips for protecting personal information

Revised: August 2023

1. Think twice

Whether it is online or in person, you are constantly being asked for your personal data. Ask why the information is needed, who will use it and how. Remember, the Internet never forgets. Once information is out there, it can be very difficult to control what happens to it. You should always consider the impact that your comments or images could have on your reputation or and on the reputation of others.

2. Ask questions

Get in the habit of reading the privacy policies of the websites and apps that you use. If there is anything that you are not sure about, ask the company to explain it. Companies should be able to answer any questions that you have about how your information will be used and protected. If they cannot, or you do not like what you hear, it should raise red flags. Remember, if you have shared personal information with a company, you have the right to withdraw your consent to its use at any time and delete your profile. You also have the right to access and correct your personal information.

3. Speak up

If you are worried about the way that your personal information is being handled by an organization, tell them. Most organizations care about their customers’ privacy concerns. In many cases, an organization will quickly and effectively address a concern that you have about how your personal information has been handled if you raise it directly with them. Positive changes to the general policies or practices of an organization are more likely when people speak up.

4. Just say no

Think about subscribing to the National Do Not Call List to avoid telemarketers. Check off the “no thanks” box on forms that ask you to provide personal information or leave a brief note stating your refusal to be contacted. You can also get your name removed from many mailing lists by subscribing to the Canadian Marketing Association’s Do Not Mail Service.

5. Safeguard your SIN

Your Social Insurance Number is important to privacy protection because it can open the door to your personal information and put you at risk of fraud and identity theft. Your SIN is confidential and organizations should only collect and use it for income reporting purposes. Just because someone asks for your SIN does not mean that you have to provide it.

6. Protect your devices

Take steps to protect your privacy online. Ensure that your computer, smartphone and other mobile devices are password protected. Only download from reputable sources. Install the latest operating system, anti-virus, anti-spam and firewall programs and keep them updated. Exercise caution when using public networks. Data is vulnerable when passing through public spaces with open wireless networks. Use a virtual private network to send and receive data on a public network to keep it secure. Disable Wi-Fi and Bluetooth if you are not using them. Do not leave mobile devices unattended.

7. Protect your passwords

One way in which you can help prevent identity theft is to ensure that your passwords are hard to guess. Avoid using short passwords and consider using longer ones. Longer passwords are more difficult to hack, but remember that as technology develops, longer passwords may not always be stronger. Use different passwords for different websites, accounts and devices. See our tips for creating and managing your passwords to learn more.

8. Adjust your privacy settings

Mobile devices, browsers, sites, apps, and other web-enabled items such as video games and cameras often have adjustable privacy settings. For devices, this may include the ability to control everything from location tracking to screen locks. For browsers, users can often control things like cookies and pop-ups, while apps and websites such as social media sites generally allow users to control what personal information others can see about them. Never rely on default settings. Review and adjust your privacy settings regularly as they can change from time to time.

9. Discard with discretion

Make sure that data stored on devices you no longer use is properly deleted before selling, recycling or throwing them away. Find our how to sanitize and dispose of electronic devices.

10. Know your rights

Date modified: