Grade 11 ITC · Term 4 · Digital Security Textbook
Unit 3 · Ethics, Law & Digital Citizenship · Chapter 19

Personal Data, PII and Digital Footprint

Week 7 · Day 1 · Benchmark 11.4.2.3 Apply laws and ethics of digital citizenship
Essential question

What can strangers learn about you from what you post?

Learning objectives
  • Define personal data and PII
  • Explain digital footprint (active vs passive)
  • Audit your own recent online activity

Overview

Every time you use the internet you leave a trail — some of it on purpose (posts, uploads), most of it invisibly (cookies, location, likes). This trail is your digital footprint, and pieces of it can be linked together to identify you. Personally Identifiable Information (PII) is the subset of data that can single you out: name, ID number, address, phone, biometrics, exact location.

What Counts as PII

Direct: name, national ID, passport, phone number, email, biometric. Indirect (combined): birthday + postcode + workplace can identify a person too.

Active vs Passive Footprint

Active: posts, comments, uploads you chose to make. Passive: cookies, IP address, purchase history, GPS tracks collected without a deliberate action.

Why It Matters

Employers, universities, and criminals all search social profiles. What was fun at 15 can look reckless at 25.

Activity

Personal Footprint Audit

  1. List everything you shared online this week (posts, likes, uploads, searches).
  2. Tag each item as PII, sensitive, or neutral.
  3. Highlight anything you would not want a future employer to see.
Review questions
  1. Define PII with an example.
    Reveal answer

    Data that identifies an individual, e.g. name + ID number.

  2. Give one example of a passive footprint.
    Reveal answer

    IP address, cookies, GPS location, purchase history.

  3. Why is aggregation a risk?
    Reveal answer

    Innocent pieces of data can combine to identify or profile you.

Take it home

Search your own name in a search engine. Note anything unexpected you find.