No precaution and careful management of personal data, passwords and account will fully guarantee us against identity theft: there are many situations in which our data is kept by others and their protection is out of our control: cases of hacker attack to the servers of the major companies or public administrations have occurred in the past and will continue to occur.
It is certainly important to ensure that our exposure to the risk of identity theft is as limited as possible and that we do not offer easy opportunities to identity thieves who would never have the technical skills and organisation to a major hacking operation. It is one thing to leave the door open, another to lock, while recognising that some of the thieves are equipped to open it anyway: in the first case the opportunity of potential intruders greatly expands.
There are systems and nominal fee paying security services, in real life and on the Web: they can be useful, waiting for forms of generalised prevention to put all citizens safe from identity theft.
A necessary reflection should be made on the ease and superficiality with which sometimes we give and spread our personal information or confidential documents, initially perhaps by sharing with a limited circle of friends but then, and through them, with a potentially unlimited number of subjects and actually losing control.
Another important thing: we do not always use due suspicion and a strict precautionary principle when we are contacted by strangers, perhaps by e-mail. The phishing and other forms of fraud exploit and abuse our naivety. Many people have fallen victims of data theft online of their bank account, for example, for responding to e-mails in which, posing as the bank, the fraudster called for the inclusion of data access for alleged needs: the page where the message was obviously not put there by the bank but a fraudulent imitation.
It is therefore appropriate to grant our data only when absolutely necessary and when it is absolutely certain the identity of the persons to whom we bestow our information, taking appropriate precautions and verifying procedures in case of any doubt.