How to Protect Your Personal Data from Internet Villains Step-by-Step Guide with Document Samples

🔒 How to Protect Your Personal Data from Internet Villains: Step-by-Step Guide with Document Samples

📌 Introduction
The Internet is a powerful communication tool, but for many, it has become a weapon for harassment and blackmail. Publishing someone’s name, photos, workplace, family details, diplomas, or private correspondence without consent is not freedom of speech — it is a direct violation of the law.

Good news: Russia has a clear legal mechanism that allows you to:

1. Stop the spread of personal data.
2. Force the site administration to delete the information.
3. Hold the perpetrators accountable.

Bad news: Roskomnadzor does not always act immediately — you first need to go through the mandatory step of contacting the site administration. Without this, your complaint will likely be returned.

⚖️ Legal Basis

The main laws that protect you are:

• Federal Law No. 152-FZ of 27.07.2006 “On Personal Data” — the basic law prohibiting the processing of personal data without consent.
• Article 10.1 of FZ-152 — regulates the procedure for withdrawing consent for the dissemination of personal data.
• Administrative Code of the Russian Federation, Art. 13.11 — administrative liability (fines up to 100,000 RUB).
• Civil Code of the Russian Federation, Art. 152.2 — protection of images and personal data in civil proceedings.
• Criminal Code of the Russian Federation, Art. 137 — criminal liability for violating privacy.

🚀 Action Algorithm

Step 1. Document the violation

1. Take screenshots of the page (with date and time).
2. Save an HTML copy of the page (Ctrl+S in your browser).
3. Record the data via a notary or services like web.archive.org — this strengthens your evidence.

Step 2. Send a demand to the site owner
This is a key step. Without a preliminary demand to the operator (site admin), Roskomnadzor will refuse to check — this is explicitly stated in the law and official letters.

What the demand should include:

• Full name, date of birth (provided when sending, but not in the sample).
• Contact information (phone, email, postal address).
• Link to the page with the violation.
• List of illegally processed data.
• Direct demand to stop the dissemination.
• Reference to Part 12, Art. 10.1 of FZ-152 (obligation to delete data within 3 working days).

📄 Universal Sample Demand:

DEMAND
to cease the dissemination of personal data
(in accordance with Part 12, Art. 10.1 of Federal Law No. 152-FZ of 27.07.2006 “On Personal Data”)

From: _______________________
(Full name, phone, e-mail — to be provided when sending)

To the site owner: _______________________
E-mail: _______________________

I demand the immediate cessation of dissemination of my personal data published on the following pages of your website:

🔗 Page link: _______________________

Illegally published data include:

• Full name
• Photographs
• Professional activity details
• Other information that can identify me

This violates Part 1, Art. 9 and Para. 1, Art. 3 of Federal Law No. 152-FZ, as processing and dissemination are carried out without my consent.

In accordance with Part 12, Art. 10.1 FZ-152, you are obliged to cease dissemination, provision, and access to my personal data within three working days from receipt of this demand.

In case of non-compliance, I reserve the right to:

• Contact Roskomnadzor with proof of the violation.
• File a lawsuit to protect my personal data and claim moral damages.
• Demand administrative liability for your company under Art. 13.11 of the Administrative Code.

Attachments:

1. Screenshots of the page with illegal data.
2. Document confirming my identity (with series and number optionally masked).

Date: “_” ____________ 20__
Signature: _______________________

Sending Methods:

• By email to the site owner.
• Via the site’s contact form.
• By registered mail with an inventory of enclosures (to document sending).

Step 3. Wait 3 working days

• If the data are removed — document the result and save correspondence.
• If there is no response — proceed to the next step.

Step 4. Complaint to Roskomnadzor

Once the operator ignores your demand, you have a legal basis for an unscheduled inspection.

📌 In the complaint to RKN:

• Indicate that you sent a demand to the operator, but it was ignored.
• Attach a copy of the demand and proof of sending.
• Add screenshots of the page with the violation.

📍 Online: https://pd.rkn.gov.ru

(Section “Violations”)
📍 By mail: 109992, Moscow, Kitaygorodsky proezd, 7, bld. 2

Step 5. Parallel pressure measures

• Prosecutor’s office — especially if the data are accompanied by defamation or threats.
• Police — if there are criminal elements (defamation, blackmail, Art. 137 CC RF).
• Hosting provider — often reacts faster than the site admin.
• Search engines (Google, Yandex) — you can request removal of links from search results under privacy protection rules.

🔥 Tips to avoid your case being “swept under the rug”

1. Document everything — correspondence, dates, screenshots, delivery receipts.
2. Cite specific laws in complaints and demands — this shows legal preparedness.
3. Use simultaneous pressure — site + hosting + Roskomnadzor + prosecutor.
4. Don’t write “please delete” — write “I DEMAND cessation of processing in accordance with Part 12, Art. 10.1 FZ-152.”
5. If the site is foreign — add a reference to Art. 12 FZ-152 (cross-border data transfer) and demand blocking via Roskomnadzor.

💥 Conclusion

If your personal data end up in the hands of internet villains:

• Do not stay silent.
• Act according to the law.
• Start with a demand to the operator.
• Document violations and send complaints.
• Follow through to the end — up to court and resource blocking.

📢 Remember: a correctly drafted request + evidence = removal of information in 90% of cases. The remaining 10% can be enforced through Roskomnadzor and court.