Electronic communication and data storage have become integral to almost every aspect of our business and personal lives. Email communication, content streaming, social media, online commerce and a host of other services—along with the associated data collection and sharing—are so much a part of modern life that we often forget that the underlying digital infrastructure even exists, at least until it fails.

But that ubiquity comes with some associated risk. Each interconnected service we use increases our digital “footprint”—the trove of information about us (accurate or not) that is available online. In some cases we may explicitly agree to share that information, in others it may be collected without our knowledge, but absent extraordinary measures, information about us is constantly being collected, stored, indexed and shared. This includes not only personally identifiable information (PII) such as names, addresses, dates of birth and Social Security numbers, but also associated demographic and preference profiles, built up through the tracking of web activity, online commerce, or even geolocation. While PII is often explicitly protected by laws or regulations, the associated profile data generally is not, and that information is often freely shared among connected services. This may be unsettling, but it is not illegal—it’s simply part of the bargain we have made as an online society.