Personally identifiable information, or PII, is information that can be used to identify, contact, or distinguish one unique person from another. PII can consist of non-sensitive as well as sensitive information ranging from a name, phone number, address, email address, and birthdate to Social Security, credit card or bank account numbers. PII may also include anonymous identifiers and behavioral data captured from various parties holding the data, which may constitute PII for one party but not the other. It’s important to note that even if individual pieces of information alone appear harmless, combined with other pieces of information, may compromise one’s identity.
With the rise of emerging new technologies, the collection and processing of vast amounts of information have made PII a much larger component of personal privacy as organizations may be liable should such information be inappropriately accessed, used, or disclosed. This is why laws and restrictions (such as GDPR) have cropped up, lobbying for the appropriate protection of such information.