PERSEC stands for Personal Security. Originated alongside OPSEC in the US military as the practice of protecting personal information about service members and their families that adversaries could exploit for targeting, recruitment, harassment, or harm. The civilian usage extends to anyone whose personal life intersects with a public role: journalists, prosecutors, judges, executives, advocates, public figures.
What it means in practice
PERSEC is the OPSEC subset that covers your name, address, family, daily routine, vehicle, schedule, social media presence, and the ambient public footprint a stranger could reconstruct from a $20 search. The 1980s framework focused on what to write on a postcard from the field; the 2026 framework focuses on what data brokers, social platforms, license plate readers, and smart home networks can correlate without your knowledge. PERSEC failures rarely look like data breaches. They look like a domestic-violence survivor whose new address surfaced on Spokeo within three months of moving, a journalist whose source was identified because a coffee-shop check-in placed them in the same place at the same time, a prosecutor whose home was found by an organized crime defendant via a property-records search.
Where it shows up
Most acute for: military families during deployment (Strava heatmaps, FB tagging, school photos), domestic-violence survivors leaving an abusive household (Apple Family Sharing residue, shared cloud accounts, smart-home access not revoked), public-facing professionals after a threatening incident (judges, prosecutors, ATF agents, abortion providers), and high-net-worth individuals whose family becomes a kidnapping or extortion target. The PERSEC playbook overlaps with data-broker removal, social media hygiene, vehicle registration privacy, and the operational discipline of not posting from where you are while you are there.
What you can change today
Run your own name through Spokeo, Whitepages, BeenVerified, and Intelius from a clean browser session and screenshot what surfaces. That baseline shows what an attacker with $20 sees. Then audit social media: what does a stranger learn about your home, your kids’ school, your gym schedule, your vacation calendar from your last 30 posts and your tagged photos. Last, the often-missed step: ask a friend to do the same audit on you and report what they found, because you will miss the things you have stopped noticing about your own posting.
