Call +1.866.888.6893 or email us PageFreezer Facebook PageFreezer Twitter PageFreezer Pinterest PageFreezer Google plus PageFreezer Linkedin

Doxxing and What You Can Legally Do About It

It came as no surprise that Twitter CEO’s had admitted that the company “sucks at dealing with abuse and trolls on the platform, and we’ve sucked at it for years” in a leaked internal memo. Admitting their failures in dealing with harassment and abuse, it’s a slow reaction to the all too common occurrence of abusive tweeting, Trolling and Cyberbullying people encounter via the platform.The ease with which people can be intimidated and humiliated online has lead to certain “trends” and mass attacks on individuals – such as the recent onslaught of doxxing in what’s been known as #Gamergate. For those unfamiliar with the term, doxxing or doxing (“dropping box”) is traditionally the online practice of researching and broadcasting personally identifiable information about an individual.Related to cyber vigilantism, Hacktivism and cyber bullying, it involves searching publicly available databases and social media websites, hacking and using the information found for a variety of purposes.

Social media platforms provide high levels of self disclosure but low levels of security

It’s no surprise with the mass amount of information available on the internet and the instant communication resources of social media, that finding, harvesting, distributing and exploiting this personal information is becoming easier, faster and unfortunately more common.
But with these advances providing for negative antics, blurred lines are also beginning to appear within the concept. Typically cyber hacktivism, with examples of abusive and threatening acts, it has undergone a non-pejorative interpretation by journalists, with the New York Times stating “doxxing is the new name for reporting”.
This is after the mixed reactions to Newsweek’s Leah McGrath’s investigative report revealing Satoshi Nakamoto as the supposed creator of Bitcoin– by utilising information found on the internet.
As The Economist asks; “Was it tenacious reporting or needless exposure – good doxxing or bad?”
Journalistic ethics aside, other examples of this “vigilante justice” has also occurred to aid law enforcement, business analysis, extortion, coercion and more.
The group Anonymous brought the term mainstream in the early 2000s. Activists and Hacktivists that describe themselves as an “internet gathering” with “a very loose and decentralized command structure that operates on ideas rather than directives” are infamous for their well-publicized publicity stunts DDoS attacks on government, religious, and corporate websites.
Their choice of “attacks” vary from Government agencies (supporting WikiLeaks), child pornography sites, the Westboro Baptist Church and many more and encouraged other groups such as LulzSec and Operation AntiSec. Named as one “100 most influential people” by Time in 2012, their use of doxxing has named them both “digital Robin Hoods” and “cyber terrorists”.
Recently, acts of doxxing connected to the group met mixed reactions from the public, media and authorities alike, as in the wake of the fatal shooting of teenager Michael Brown, members of Anonymous tweeted what they claimed to be the identity of the police officer responsible. Authorities claimed they had the wrong person and Twitter subsequently suspended the Twitter account.

Declaring Cyber War

Anonymous subsequently “declared cyber war” on the Ku Klux Klan (KKK) after the group made death threat in the wake of the “Ferguson riots”. The group hacked the KKK’s Twitter account, attacked servers hosting KKK and started to release personal information about the identity of members.
#Gamergate has brought the concept of doxxing, its negative connotations and potential for damage and harassment back into the media in the last 12 months, with the viral attacks and sexist harassment of female video gamers on social media platforms such as Twitter and Reddit. Social media and video game press are ignoring internet ethics and following a distinctive sexist attitude within the gaming industry and journalism and engaging in mass-attacks of humiliation.
A strong backlash against this form of online behaviour has spurred projects such as Crash Override by victim Zoe Quinn and Alex Lifschitz.  to support and advise victims of doxxing, but a need to monitor and report these cyberbullies is most definitely needed.

In the case of Christopher Chaney, he took information available from the internet, hacked into a number of celebrities personal online accounts, distributing content – and was subsequently jailed for 10 years – pleading guilty to nine felony counts including identity theft, wiretapping and unauthorised access and damage to a protected computer.

Whether out of activism, reporting, boredom or spite – doxxing is an internet downfall everyone should be aware with a strong stigma and uncertainty attached. Even as recently as November 2014, an Uber executive suggested employing doxxing techniques for the public smearing of critics, and plans to spend “a million dollars” to hire opposition researchers and journalists to investigate members of the press, to go after “[your]” personal lives, your families.”

Security on the internet is a trade off between safety and functionality

Doxxing is, technically, legal if you are only finding and sharing publically available information. The illegal element comes to light when you “stalk” someone via social media , threaten, harass, steal someone’s identity, infiltrate e-mails or attempt to publicly defame them. Hackers support this when done within “ethical standards”. But quite a subjective set of ethics seems to apply.

The defamation case of Internet Brands v. Jape explored the liability of a UGC website in this activity, as this is the forum where a lot of “typical” doxxing originates from. Taking note of a previous decision (bad Jones v. thedirty opinion), the court examined § 230 of the Communications Decency Act. § 230 of the CDA
“precludes plaintiffs from holding interactive computer service providers liable for the publication of information created and developed by others.  And, in that case, it recognized (like all other courts before it) that § 230 protection is broad.”
Therefore no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider, making it extremely hard to create a liability for this behaviour, with Internet Brands v. Jape arguably erring in law. The test is not whether the objectionable content was “endorsed,” but instead whether the content was “independently created or developed by third-party users”, which is rarely disputed.

47 USCS § 230 (a) provides for the protection for private blocking and screening of offensive material.  Congress also declared that the “policy of the United States” is to, among other things:

  • Promote the continued development of the Internet and other interactive computer services and other interactive media,
  • Preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation,
  • Encourage the development of technologies which maximize user control over what information is received by individuals, families, and schools who use the Internet and other interactive computer services.

Whilst the act of doxxing is not technically illegal – harassment, defamation, identity theft, fraud and many more crimes exist by extension of this and so hackers, cyber-terrorists and cyber-bullies should be held accountable for. Yet as many of these attacks take place on websites and social media and courts are reluctant to accept mere printouts as this data is easily edited, deleted or falsely created, people engaging in litigation and eDiscovery of this content need a strong eDiscovery tool to capture, store and monitor this abuse and to present it as admissible evidence in court.

Tags: #Doxxing #Doxing #SocialMedia #CyberCrime #Gamergate #Hacktivism #CommunicationsDecencyAct #eGovernance #CyberSecurity #Exploitation #CrashOverride

WebPreserver is an easy-to-use browser-based tool that captures posts like incriminating Facebook admissions, credibility destroying tweets etc. and preserves them with “evidentiary quality” for use in prosecution, litigation or administrative proceedings.

#Gamergate and the downfall of Social Media Cybersecurity

Doxxing Urban Definition

Scholarly Articles: Doxxing