Your digital identity is a set of data that represents you online: name, email, phone number, photos, browsing habits, financial data. Its compromise can have serious consequences: bank fraud, identity theft, harassment, reputational damage. Here's how to protect it effectively.
What Is Digital Identity?
Your digital identity is made up of several layers:
Declared identity: information you voluntarily provide (name, age, address on Facebook, email, phone number on forms).
Calculated identity: data inferred from your online behavior (purchasing habits, inferred political opinions, interests, estimated income).
Traced identity: data collected without your direct consent (cookies, advertising trackers, server log files).
Biometric identity: fingerprint, facial recognition, voice (increasingly collected by connected devices).
The Most Common Threats
Identity Theft
A criminal uses your personal information to open bank accounts, take out loans, or commit fraud in your name. Victims of identity theft can spend months resolving the situation.
Common sources: website data breaches, phishing, theft of postal mail, email account hacking.
Account Takeover
An attacker takes control of your email, social media, or banking account. From a compromised email account, they can access all your other accounts via password reset.
Doxxing
The malicious online publication of your personal information (address, phone, workplace) to expose you to harassment.
Shadow Profiling
Companies (often data brokers) compile detailed profiles about you from public and purchased data, and sell them to advertisers or worse.
Essential Protection Measures
1. Limit Your Exposure Surface
Reduce the information you share online: your full date of birth, address, phone number, and workplace don't need to appear on your public profiles.
Use aliases for registrations on unimportant sites: a secondary email address, a different name for non-critical accounts.
Request removal from data brokers: services like DeleteMe (paid) or Incogni help remove your data from major data brokers.
2. Secure Your Critical Accounts
A compromised email account is a disaster. Protect it with:
- A strong, unique password (not used elsewhere)
- Two-factor authentication (preferably via a TOTP app)
- A separate, also-secured recovery email
3. Monitor Your Digital Identity
Google Alerts: create alerts on your name to be notified when it appears on new web pages.
Have I Been Pwned (haveibeenpwned.com): check if your email has been exposed in a known data breach.
Bank statements: regularly check your statement to detect unauthorized transactions.
4. Use a VPN on Public Networks
A VPN encrypts your connection and masks your IP address. Particularly useful on public WiFi (airports, cafés, hotels) where interception risk is high.
Note: a VPN doesn't make you anonymous and doesn't protect against website trackers.
5. Browse More Anonymously
Use Firefox instead of Chrome: Firefox offers better tracking protection by default.
Install uBlock Origin: the best ad and tracker blocker.
Use DuckDuckGo as your default search engine: it doesn't track your searches.
Enable HTTPS-Only mode in your browser to force encrypted connections.
Digital Identity and Succession
Protecting your digital identity doesn't stop at death. Criminals can impersonate deceased people (called "ghosting") using their personal information, still present online.
For your loved ones, having quick access to your accounts after your death allows them to close them and prevent posthumous impersonation. This is another reason to prepare a digital will with EchoPass.