What is personal information?

Personal information is anything that can be used to identify you in real life. It is also the currency that criminals use to commit several types of scams. Your students might not understand the importance of personal information. However, scammers can use information on their social media accounts to steal their identity and impersonate them, or even access their bank account to steal money.

How do I teach my students about personal information?

Ask the students to name some of the things they do online. For example, playing games, posting photos on Instagram, or sending messages via WhatsApp. Write the first five activities on the board.
Explain that personal information is everything you share about yourself to do an activity online. Ask them to give one example of personal information that they share when they do each activity. For example, you share your name and email address to register for an Instagram account and share your photo when you post it.
Write the definition of personal information: All information, whether true or not, about someone who can be identified from that information.
Ask them to think about other types of information someone could find through those same activities. For example, the Instagram photo might have their location tracked.
Talk to them about social media sites such as Facebook or Instagram being able to track their locations via GPS and their Internet Protocol (IP) address, and online shopping companies being able to track their spending habits.

What are examples of personal information?

Full name
Address
Phone number
Photos
Date of birth
NRIC number
School
Email address
Passwords
Locations

When might my students share personal information?

There are several activities online which require some disclosure of personal information, including:

Registering for an online account: signing up for sites often requires a name and email address, but your student may be asked for their gender, date of birth, and more, but a red asterisk (*) often marks out the fields they must enter to register
Shopping: sites may ask for further details to verify their identity, process payments, and make deliveries

What happens if someone has my student’s personal information?

There are many consequences of sharing personal information, including:

Spam emails
Scams
Fraud
Identity theft
Damage to reputation

How do I teach my students on what happens to their personal information online?

For primary school teachers

Ask the students if they have ever squeezed toothpaste out of a tube and tried to put it back in. Then, encourage them to think about how they think this analogy might apply to sharing personal information online
Ask them to name three activities that they do online. For example, posting photos, sending messages, or playing games.
Explain that personal information is everything you share about yourself to do an activity online. For each activity they've named, ask them to give one example of the personal information that they share. For example, they might share their name and email address when registering for an online account, or share a photo when posting online.
Ask them if it is possible to ‘put the toothpaste back’ when it comes to personal information, going back to your three activities. For example, they can delete a photo or message, and delete their online gaming account.
Explain that information online is permanent. It can be copied, shared with larger and unintended audiences, and is searchable. Ask them how someone could save someone else’s message – they might surprise you with their ingenuity.
Remind them that these methods of saving people’s information apply to them too. Explain that websites, such as social media sites like WhatsApp or Snapchat, also save this content automatically on their servers.

For secondary school teachers

Divide your class into five groups.
Provide each group with one of the following scenarios:

A man posts a video of his son returning home from the dentist, woozy from anaesthesia. The video went viral and the son was recognised on the street for years after.
A boy gets into an argument with a friend and posts something rude about him on a social media site. Later, he regrets it and deletes the post. But the post has been saved and shared by several people and goes around the school.
A boy bought a birthday gift for his mom from an online store. His mom, using the same computer at home, was browsing the website and saw ‘recommended items’ based on what the boy bought – ruining his surprise.
A boy started a gossip blog where his group of friends posted rumours about people in school. When his parents found out, they made him delete it. But when people searched the school, an archived version of the blog could still be found.
A girl posted a photo of her friend at a school dance. Her friend only saw it the morning and hated the photo because of the way her hair looked. She asked the girl to take it down. Although she deleted it, another account had already reposted the photo.

Ask the group to discuss what each scenario says about the permanence of information online. Ask each group to come up with another scenario (either real or hypothetical) based on personal information that one of them has shared online.
Share this hypothetical scenario with the class.

For pre-university teachers

Watch a video on YouTube called “Amazing mind reader reveals his ‘gift’”. The video is an advertisement, but makes the point that private information is not so private after all.
Divide the students into groups of 4-5.
Ask each group to create a scenario where someone shares a piece of personal information that they would not want someone else to find. For example, a girl does not want her mother to see her photos with her secret boyfriend or a boy does not want his teachers to see a photo he took at an event he skipped school to attend.
Share this hypothetical scenario with the class.
After each example, ask the class to discuss how someone could find the information anyway (e.g., the mother uses her son’s account to spy on her daughter) and how someone could better protect their information (e.g., changing privacy settings).

What are some ways for my students to protect their personal information?

Teach them to only use secure websites when sharing personal information: look at the URL bar and check that it begins with https:// and has a ‘locked’ padlock symbol on the left, which indicates that data is encrypted
Tell them never to share their password with anyone
Remind them to use a different password for each online account, and to change them regularly
Teach them how to create a strong, unique password (at least 12 characters) comprising five different words that relate to a memory unique to them for each of the accounts they create online, such as their email, social media and e-commerce accounts. Do not use commonly used phrases or obvious patterns e.g. “Password1234”, or personal information such as their name, NRIC or birth date, or information that can be obtained easily by doing a search online. In addition, use uppercase and lowercase letters, numbers and symbols to make it even harder to crack. Learn how to create a strong passphrase at https://www.csa.gov.sg.
Encourage them to enable two-factor authentication (2FA) to access their online accounts where possible. As 2FA uses more than one type of information to identify who they are before granting them access to their online account. The first factor is usually something that they will know, such as a password. The second factor is something they have, such as a one-time password (OTP) from a physical OTP token. Another form of authentication involves biometrics which includes fingerprints and face recognition. With 2FA, even if a hacker obtains the password, the account is still protected if he is unable to get hold of a second factor.
Teach them how to install anti-virus software to their devices to scan and detect malware. Some anti-virus options can only detect and quarantine malware but may not remove viruses from the device. When searching for a suitable anti-virus app, look out for one which offers malware removal capabilities.
Remind them to update all software and apps on their devices as soon as new versions are made available. This fixes bugs and patches up security loopholes to fight new viruses and malware.

Useful links

How to Protect Your Child's Personal Information Online

Five Tips to Protect Your Child's Personal Information Online

Tips for Adults on Protecting Their Personal Information

Educators: Protect Personal Information

Resource tagged:

How useful is this resource?