Not many years ago, in Romania, the internet was perceived by a large share of middle-aged and older adults as an innovation primarily for the young—a space where they played games and communicated electronically.

Today, however, the digital landscape has changed significantly. The internet is no longer the preserve of younger generations; it has become ubiquitous and accessible to people of all ages. From children to the elderly, anyone can now navigate the online world using digital devices.

Access to the internet is no longer seen as an expensive luxury available only to a limited segment of the population. It has become a daily resource, regardless of age or social status. Retirees receive notifications when their pensions are deposited into their accounts, while children are alerted through electronic messages when they have homework to complete.

But like any major innovation, the internet comes with its own set of challenges. Like any powerful tool, it can be used for both constructive and destructive purposes. In this new digital context, online security has become a critical concern.

In this article, we approach online security from a practical perspective. We will look at the steps we can take to protect ourselves in an ever-evolving digital world. By understanding the risks and applying appropriate measures, we take an important step toward using the internet safely and responsibly.

What is personal data, and why does it matter?

The concept of personal data can be divided into two distinct categories: information we provide consciously and voluntarily, and information we share implicitly, without intending to do so.

The data we provide voluntarily includes the information we submit to various social media platforms (Facebook, Instagram, TikTok, forums, and others).

When we register to create an account, these platforms request different types of personal information, such as our first and last name, date of birth, and so on.

Some of this data is necessary to identify us to other users and to ensure our uniqueness on the platform. Most social media platforms make significant efforts to combat bots and fake accounts, which is why it is essential for them to verify that each user is authentic. 

The rest of the information we provide—such as our age, location, or gender—is used by these platforms to personalise friend suggestions, video content, and pages that might interest us. This data is also used to display advertisements for products we are likely to want.

On the other hand, there is data we provide involuntarily (implicitly). This type of information is not intentionally shared, but it can be collected from our online activity. For example, platforms can track which pages we like, who we interact with, and what other websites we visit, thereby building a detailed profile that reflects our interests. These profiles help platforms deliver content and advertisements more effectively.

It is important to understand that these profiles are often more precise than we might assume. For instance, you may never have explicitly stated that you are a football fan, yet based on your searches and online behaviour, sophisticated algorithms can determine not only that you enjoy football, but even which team you support.

It is often said that if a service is free, then you are the product. In the case of social media, this is entirely true. Companies looking to promote their products can target their audience with remarkable accuracy, significantly increasing their chances of generating sales.

At times, this level of personalisation can be beneficial—who wouldn’t want to be informed about a product they might like? However, there is also a downside. What happens when the manipulation of this data becomes a political tool, shaping the news we see and how we perceive different candidates? This is not a conspiracy theory, but a documented reality, illustrated by the Cambridge Analytica–Facebook scandal, in which the data of tens of millions of users was used to influence election outcomes.

What steps can we take to protect our personal information?

We do not always have control over the platforms that use our data, but we can decide what type of information we choose to share. At the same time, we cannot guarantee that a website we use will never be compromised or that our data will not end up in the wrong hands. These “wrong hands” often refer to the “dark web,” a hidden part of the internet where illegal transactions take place, including the trade of personal data.

So how can we protect ourselves? Here are a few basic recommendations:

  • Use an up-to-date antivirus program. It helps protect you from potentially dangerous files and websites you may not recognise. Windows already comes with a built-in solution (Microsoft Defender Antivirus), which is sufficient for most users. For MacBook users, antivirus software is generally not necessary. However, for added security, you can use tools such as Avira Free Security or AVG AntiVirus Free.
  • When you receive an email containing links or attachments, carefully check the sender’s address.
  • Be cautious with the links you click on. You should recognise the URL (website address), and any link you follow should begin with “https” or display a padlock symbol at the start of the address in your browser.
  • If an email includes an archive file as an attachment, it should not prompt you to install a program.
  • Never share your card details via email or through messages on social media.
  • When using public internet networks (for example, in cafés or hotels), avoid entering card details or other sensitive information, even if the website you are using appears trustworthy.
  • Do not leave your devices unattended or without a password.

But how can we protect our username, email address, and password?

  • https://haveibeenpwned.com – This website allows you to check whether your email address has been compromised. Simply enter your email address to find out if it has been involved in a data breach. If it has, there is no need to panic, but you should change your password to a unique one.
  • Dashlane, LastPass, 1Password – How can you use unique passwords across all websites without forgetting them? Password managers are applications that can be installed as browser extensions (Edge, Safari, Chrome, Firefox, etc.) and as mobile apps. They store and protect all your passwords using a single master password. It is essential to remember this master password, as it cannot be reset.
  • Browser password manager (Edge, Safari, Chrome, Firefox, etc.) – When you enter a password, your browser will usually ask whether you want to save it. Most browsers can now also suggest strong, unique passwords. While these are not the most secure password management solutions, they are a step forward and are free to use.
  • Multi-factor authentication (MFA) – An effective method of protection. This process uses your phone or another device to confirm your identity on a website. Authentication can be carried out via SMS, phone call, or a third-party authentication app. In practice, when you log in to a site, it will send you a code via SMS, which you then enter on the website.

You might be wondering why it is important to use unique passwords. The main reason is that if one site is compromised, your password cannot be used on other sites. If you have a card saved on a website that uses the same password, a third party could make purchases in your name or use the information obtained to steal your identity.

Even if you use unique passwords, they can still be compromised if they are weak. For a password to be considered strong, it should meet the following criteria:

  •         be at least 12 characters long;
  •         include a combination of uppercase letters, lowercase letters, numbers, and symbols;
  •         not contain dictionary words or easily recognisable names.

What should you do if you become a victim of online fraud?

If you find yourself in a situation where your identity has been stolen or you have been defrauded, you should contact the nearest police station. If you suspect that someone is using your card fraudulently, you must contact your bank immediately to block the card. You can also file a complaint with the European Anti-Fraud Office at https://fns.olaf.europa.eu/main_ro.htm.

But what are our digital rights, and what should we know about data protection laws? You have probably heard of GDPR—but do you know what it is? The General Data Protection Regulation is designed to protect personal data and clearly define how it can be processed. These regulations apply across the European Union, while the United States has a similar framework known as the CCPA.

Any entity that processes or stores personal or sensitive data must comply with these laws. In practical terms, GDPR allows us, for example, to request that our data be deleted from any website, company, or organisation.

The purpose of this article is not to instill fear, but rather to raise awareness about some of the risks present in the online environment and to inform you about the solutions available. Any additional measure you take beyond what you already do increases your level of online security. It may be difficult to implement all these recommendations at once, but it is easy to proceed step by step and remain vigilant.

Radu Anastase aims to deepen readers’ understanding of the dangers of the internet by equipping users with the necessary tools for protection.

Brimstone Creative