< Back to listing

Posted 10 septembre 2020

Between the ages of 7 and 77, the perception of “cyber-security” may differ from one generation to the next. Whether you are a Xennial,[1] a Millenial,[2] a gen-Z[3] or an Alpha,[4] your awareness of data protection issues, your consumption of social media and your online behavior vary, putting you more or less at risk. A few precautions, most of them simple in practice will enable you to avoid having your personal and professional data being exploited or sold for profit. Deciphering the risks involved…


Millennials are missing out on cyber-security

While Millenials appear to be experts in social media management, their level of knowledge of cyber-risks does not follow the same trend. According to a survey conducted by Specops,[5] Millenials are considered to be the most “ignorant”[6] when it comes to cyber-security. This is a cautionary observation considering they will account for 75 %[7] of the world’s working population by 2025. The study focused particularly on their level of knowledge in the field of IT security: firewall (82% of respondents don’t know this word), malware (76%), phishing (67%), VPN (73%). As CESIN’s Corporate Cyber Security Barometer[8] reminds us, these attacks are considered to be the most prevalent in organizations.

An ultra-connected generation that can quickly become a prime target for hackers. It should be noted that 67% of Millenials have already been hacked, and for those who were lucky enough to notice, 61% did not know how to deal with it, worse, 73% did not change their behavior afterwards! This is a risk not to be ruled out for CIOs and CISOs who must constantly ensure the security of their organization’s data in all circumstances and for all audiences. Faced with this observation, it is essential to define and secure new practices arising from new working methods, such as BYOD (Bring Your Own Device) among others, which jeopardizes the security of professional data hosted in these devices.


Is our personal and professional information shared on social media really private?

We produce data all the time and everywhere! In order to provide all the services for which mobile applications were designed, some of them may collect personal data from their users upon registration. Personal data is defined as “any information that directly identifies a person”. Information related to age, behavior, location and interest should normally be subject to a significant legislative framework to ensure the privacy of Internet users. However, as we know that Facebook can collect and exploit, directly or indirectly, data on more than 2.6 billion users,[9] the notion of privacy becomes blurred.

Have you ever tried to find out what kind of information your applications store about you? If you haven’t been curious, take a look at all your data saved on Google Maps, for example. If you want to find your way back to your vacation in France in 2015, Google will give you the exact address again, without any memory problems!

But Google is not alone in gathering our data with so much detail and history, other well-known consumer applications are full of valuable personal information that can be misused against non-savy internet users. True People Search has recently published an infographics listing all of the data collected by these applications. Did you know that LinkedIn knows your name, first name, age, phone number, calendar of events, visited websites, photos uploaded, videos watched and a lot more? On a more personal matter, TikTok also collects information from your address book, with your permission! The most interesting part of all this is the compilation of all our data collected by every application in order to know us better than we do.


What are the risks associated with publishing content on social media?

Whether it is Google, Uber Eats, Facebook or LinkedIn, none of these applications are exempt from the GDPR, introduced in May 2018, which governs the collection and processing of personal data on European territory. Data that can arouse the interest of hackers. Data leaks now account for 55%[10] of malicious attacks. In August 2020, Comparitech security researchers discovered that cyber-criminals were selling personal data from more than 235 million Instagram, TikTok and YouTube users on the Dark Web. This massive leak is apparently linked to an “unsecured database”! To reassure European leaders, TikTok has announced the opening of its first datacenter in Ireland, operational by 2022. With 1.5 billion users, TikTok guarantees that “as soon as this new datacenter is operational, European user data will be stored there”.[11]

From a user perspective, the danger lies with content published online (photos, videos, personal information…) that can be exploited against your will. If you thought you were the sole owner of your image rights on Instagram, think again. Indicated clearly in their TOS, the platform grants itself the right to a license to use your content (user name, profile picture, actions related to accounts…). Similarly, if you wanted to delete specific photos or posts on Facebook, you will be forced to permanently delete your account so that this data published on your profile is removed from the platform and Facebook servers.

But there are other risks for users which may be related to:

  • Identity theft due to the items we share
  • Theft of images published online
  • Cyber-bullying
  • Damage to one’s e-reputation
  • Prosecution for publishing information about third parties without prior consent
  • Burglaries made possible through information about your home and your movements outside your home


What are the cyber-behaviors you should adopt on social media to protect your data?

6 simple steps to control and protect your data on social media:

  • Control and limit content and information shared in your profiles (photos, location, contacts…)
  • Only fill in the required fields when registering.[12] Registration forms have many optional fields and sometimes ask for sensitive information.
  • Authorize access to your microphone, camera, contact list, and location, only if necessary for the application’s use.
  • Use pseudonyms when registering your accounts and a non-nominative address. Your personal data will be less compromised in the event of a data leak.[13]
  • Find out about the privacy policies of each social media.
  • Empty your internet cache to delete your history.


Everybody should be aware of the importance and confidentiality of digital identities. From the work environment to the personal environment, risks are measurable and unfortunately, without precaution, no one can protect themselves from them. The evolution of our digital usage should make us more responsible about the type of information disclosed. A commitment that is entirely up to us.


[1]Xennials (or Generation X) refer to people born between 1977 and 1983.

[2]Millenials (or Generation Y) refer to people born between 1984 and 1996.

[3]Generation Z refers to people born between 1997 and 2010.

[4]Alpha refers to people born between 2010 and 2025.

[5] https://specopssoft.com/blog/tech-savvy-millennials-how-many-tech-terms-do-they-know/

[6] https://www.lemondeinformatique.fr/actualites/lire-les-millenials-ont-une-faible-culture-de-la-cybersecurite-79200.html

[7] Source: INSEE

[8] https://www.cesin.fr/uploads/files/BJ20433%20-%20Barom%C3%A8tre%20du%20CESIN%20vague%205%20-Vdef.pdf

[9] https://policyreview.info/articles/analysis/what-if-facebook-goes-down-ethical-and-legal-considerations-demise-big-tech

[10]“Cost of a data breach,” IBM, August 2020

[11] https://www.zdnet.fr/actualites/tiktok-annonce-la-construction-de-son-premier-data-center-en-europe-39907847.htm

[12] https://www.cnil.fr/fr/4-reflexes-pour-mieux-proteger-votre-identite-en-ligne

[13] https://www.cnil.fr/fr/4-reflexes-pour-mieux-proteger-votre-identite-en-ligne