Doxing: A Legal Violation of Privacy
Doxing is the practice of compiling someone’s information from the internet and releasing it to cause harm. In most cases, it is (almost) perfectly legal.
Photo by Christophe Verdier (Flickr)
This article is the first in a two-part series on social media-based cyber crimes.
Anonymity on the internet is a myth. Some household names, as well as average people, are finding that their every move on the internet has been tracked, compiled, and released. “Doxing” is the process of searching the internet for information about someone, and then publishing that information in order to embarrassment or spite the target. Although doxing (often spelled “doxxing”) may seem to be an enormous invasion of privacy, it is perfectly legal.
Imagine commenting on a sports article about a football rivalry. Someone might be angered by your comment because he cheers for the opposite team, so he decides to get revenge via doxing. He might scour the internet for variations of your username to try to gather enough information on you to determine your identity. He might find your Twitter, your Facebook account, and then your LinkedIn. Soon, he is calling your employer to make baseless complaints about you simply because he disagreed with your point of view. It sounds far-fetched, but it happens frequently, and there is very little that can be done about it.
Anything posted on the internet is fair game for others to see. It does not matter if your Twitter account is set to private or your Facebook is limited to only to your family: if you put information out on the internet, you are allowing others to view and use that information. Edward Snowden brought internet privacy to light when he informed the American public that the NSA was spying on our every move on the web. Most of the government spying was purportedly done for national security purposes, but some still became fearful of just how much the government may be on a path to becoming Big Brother.
The government may have advanced methods for data mining, but any teenager with an internet connection and a vendetta can dox someone. Recently, Rolling Stone published an article about an alleged gang rape on the University of Virginia campus, and then apologized for the article, claiming that it was not completely accurate. Angered by what some saw as false rape accusations, some attempted to dox the alleged victim, “Jackie.” On Twitter, journalist Charles C. Johnson issued Jackie an ultimatum: tell the truth or your full name will be released. Jackie’s full name was released, and the doxers went wild. Some pulled information from Jackie’s Facebook account, and then went after Jackie’s mother. Any chance Jackie had at anonymity was completely destroyed. Even though what Johnson did to start the firestorm was not necessarily illegal, it may be borderline unethical.
At some point, doxing does become illegal. When protected information, such as a social security number or a pin code is released, doxing can turn into identity theft. The information might be sold on the deep web, or be posted on a public forum for anyone to use. The police or FBI may then get involved and attempt to track down the source of the leak, which could be difficult depending on the experience of the hacker. Furthermore, if doxing rises to the level of harassment, local police may be able to help. If as a result of the doxing, people are calling or actually approaching their victims in real life, harassment or stalking charges could potentially be filed.
Internet privacy has been an uphill battle, and will continue to get more difficult as multitudes of people flock to social media and conduct everyday business on the web. Although internet law continues to develop, many questions are still left unanswered. Courts should expect to see growing numbers of cases regarding cybercrime in the future.
