I remember back when I was a venture capitalist, this company Fortalice, which I know you're familiar with, was raising money and they offered to run some reports on people in the investing group to show off their product. And they ran this report and I was like, "Wow." It's not that I didn't know there was information about me online, right?

There's family tree websites, there's white page websites, there's my social media. But when someone pulls all that information together into one place, and you see a list of every address you've ever lived at, every job you've had, all of your phone numbers, all of your email addresses, and then the exact same set of information for your spouse, your siblings, your parents, and they put it all together, you're just a little bit taken aback.

And it made me think, "Gosh, should I be getting rid of this?" Is there a way that consumers can just get a lot of this information off the internet? Or what goes into trying to mitigate this risk and minimize the risk in getting stuff taken away? Well, I could give you my favorite George Carlin line, which it's a mystery, but the truth is that there are things that can be done, but it is a long and arduous and time consuming process, because you literally have to go from data broker to data broker, and there are procedures you can use, and each one explains it to you.

And of course, the CFPB, Consumer Financial Protection Bureau, has advice on exactly how to do all of that. But just like when LifeLock started, and someone said, "Well, isn't it true that a lot of this stuff people can do themselves?" And the answer, which I thought was a very interesting answer, and I've been a fan of LifeLock, is they said, "Well, sure, you can also change your own oil, and if you want, you could maybe even change your own muffler.

Do you want to?" So it really has to do with how much time you're willing to dedicate to it. Some people, it's a crusade, and they will do it because they don't want to pay anyone else to do it, and they will do it. Others will find companies like reputation.com, which is where they will work to get negative information about you offline, or companies like Abine, where they will work with you to actually delete information from the online world.

And now that there is a right to forget in the GDPR, which is the General Data Protection Regulation in Europe, and it's incorporated to some extent in the California Consumer Protection Act, and it is hoped that maybe it will be also incorporated in the American Data Protection Act, which is kind of wending its way through Congress, assuming it can actually find its way through Congress, which is very difficult for us.

As we've seen in the past years, it's very difficult for stuff to get through Congress with all the interests involved, but it still is a process. Now, you can contact Google, for instance, and ask them to remove certain information about you, which they're willing to do, but it's a process.

And even if, you know, this is just like with a credit report, when people would go to credit repair companies, and some of them are good, and some of them are really, really not good, and they would say, "Okay, we will get this information off," and they do, but unfortunately, it was legitimate information, and as a result, when the particular subscribing retailer does an update, the information finds itself back onto your credit report again.

So, you know, think of all of the millions of websites that are out there, and how, unfortunately, over the years, there's been this wholesale sharing of information, or selling information, or lending information, depending upon what the relationship was between these organizations, and it's going to be out there. And yeah, can you get it off, maybe, for a period of time?

Can you get it everywhere? It may take you forever to find out where everywhere is, and there's a new part of everywhere that shows up every day. So that's why you have to say to yourself, "Look, the world I live in, it's a surveillance economy." It just is. We are surrounded by billions of Internet of Things devices, tracking, listening, sending data back to manufacturers, data then being shared, that information also being hacked by hackers.

So that's why you need to really consider the three Ms, and among the things you should be doing, assuming that your data is out there, even despite your best efforts to get it off the online world, is everything from long and strong passwords, not shared among websites or password managers, using two-factor authentication, which makes it, again, more difficult for someone to represent that they are you, because they do have to go through that extra layer of whether a code is sent to a cell phone or you use biotech, not biotech, but you're using thumbprints, eye scans, depending upon the particular device you're using.

I'm a particular fan of thumbprints. They also, multi-factor authentication, can involve voice prints. Of course, the issue is what if, God forbid, someone steals a database of a company where they have your voice prints, that could be a problem too, but again, any layer of additional authentication you can add is important.

It also means you don't click on every link you see. You don't open every attachment, even if you think it's coming from someone you know. I mean, a perfect example, it's a buzzkill, but anytime I get an e-card from someone, the first thing I do is I call that person and say, "I know this is a buzzkill, but did you just send...

You don't have to tell me what it says. I'll go do it, provided you confirm you really did it," but again, with the malware that's out there and the ransomware attacks that are going on, you always run the risk that someone you know receives something that they opened that they thought was hysterically funny and terrific, and they're sending it to you, but they didn't realize that it had malware on it, and all they've done is they've shared the love and the hack with you, so you do run that risk.

That's why it's really important to be very careful where you click, what you open. That means, as we talked about earlier, you lie like a superhero when you're sending up questions and answers. That means that you freeze your credit, which is, as we talked about, is free and you can do it.

That means that even the humble shredder, and I don't mean a ribbon-cut shredder because for those of us who saw Argo, as an example, what happens is you can get kids or people hopped up on drugs who will sit there and meticulously tape back up things that have been cut by a ribbon-cut shredder.

That's why you need a confetti-cut shredder or a cross-cut shredder, which turns this into little useless pieces of confetti that no one can put back together again. These are some of the things that you need to think about doing, or as we also talked about earlier, that's where the third M comes in and it's so important, and that is to contact your insurance agent, your financial services rep, or the HR department where you work and say, "If I become a victim of an identity incident or if I'm worried about it or I find out that an organization that I've had a relationship with has been hacked, are you going to help me through the incident?" And that's where it's really important.

And a lot of these programs are free, deeply discounted, and worth you signing up for. I'll share a couple others that I've learned in the past, I don't know how many years, but some I've employed, some I plan to. I actually have multiple email addresses. So I have an email address that I just used for financial institutions.

I have never shared that email with anyone. Only financial institutions know it. I've been recommended, though I haven't, to use a separate one for social media profiles. Yes. That was another recommendation, is to just have different email addresses. Look, if you don't have a password manager, I can only imagine how hard that is.

So we're going to go back to your original recommendation, which is everyone needs a password manager. Everyone should be using two-factor authentication everywhere they can. Well, yeah. And you can use Google Authenticator. You can use some of the more, the hardware-oriented. When we talked earlier, you had mentioned one of them when we talked prior to that.

Yeah. I'm a fan of all of my two-factor being one-time passwords that you can put in Google Authenticator or Authy or even 1Password, though I had historically been putting all of my one-time passwords in 1Password. I am now realizing, as convenient as it is for them to copy and paste them, the fact that I'm storing my password in the exact same place I'm storing my two-factor auth inherently makes it no longer two-factor because they're in the same place.

So that's... That's like 1A factor. Yeah. So it's, yeah, I got two types of single factor. So I'll probably actually be changing that.