You Are a Person of Interest

  • Published
  • By Rand Bethea
  • ACC Directorate of Communications
Every person has information that is unique to themselves which is used by numerous organizations both on and off base. Organizations such as banks, credit agencies and your unit all have records that contain information about you. Some of this information includes your Social Security Number (SSN), date of birth, address and phone number, account numbers, and various other elements of personally identifiable information (PII).

Protecting your PII is an important responsibility of the organizations and people that have access to it. If PII falls into the wrong hands, all kinds of bad things can happen. One big concern is identity theft: the act of using someone else's PII to gain some benefit, such as opening a bank account, establishing a credit card or applying for a loan. As you can imagine, this can lead to long-term financial and legal difficulties for individuals, especially if the thief defaults on a loan, overdraws a bank account, or accumulates debt on the credit lines without paying it off. Another concern associated with the loss of PII is spearphishing. When groups or individuals know where you work, what you do, where you live, who your supervisor is or other information, they can target you with emails that look legitimate, but are designed to get information from you or access to your computer.

Because this is such a sensitive issue, Congress enacted the Privacy Act of 1974, which details how such information is to be protected by federal agencies. Likewise, Air Force Instruction 33-332, The Air Force Privacy Act Program, outlines specifics of how Airmen are to handle PII. PII can be found in many places, including on recall rosters, alpha rosters, social rosters, performance reports, etc. In accordance with this instruction, sending PII from your military email to a commercial e-mail account (non .mil accounts such as Gmail, Hotmail, Cox, etc.) is not authorized and is a breach of the Privacy Act.

To help protect your PII, cyber professionals in 24 AF are monitoring network traffic outbound from the Air Force Network...and the news is not good. In ACC, the number of PII breaches is on the rise. Each violation requires an investigation, notification of individuals affected and potentially puts one of our Airmen at risk for identity theft or other forms of exploitation.

Be a good wingman . . . don't send PII to non .mil accounts. It's against DOD and Air Force policy. If you have questions on the Privacy Act, including whether something is PII, or how to handle specific cases, contact your Base Privacy Act Monitor.