Doxxing and What You Can Legally Do About It
It came as no surprise that Twitter CEO’s had admitted that the company “sucks at dealing with abuse and trolls on the platform, and we’ve sucked at it for years” in a leaked internal memo. Admitting their failures in dealing with harassment and abuse, it’s a slow reaction to the all too common occurrence of abusive tweeting, Trolling and Cyberbullying people encounter via the platform.The ease with which people can be intimidated and humiliated online has lead to certain “trends” and mass attacks on individuals – such as the recent onslaught of doxxing in what’s been known as #Gamergate.
For those unfamiliar with the term, doxxing or doxing (“dropping box”) is traditionally the online practice of researching and broadcasting personally identifiable information about an individual.Related to cyber vigilantism, Hacktivism and cyber bullying, it involves searching publicly available databases and social media websites, hacking and using the information found for a variety of purposes.
Social media platforms provide high levels of self disclosure but low levels of security
It’s no surprise with the mass amount of information available on the internet and the instant communication resources of social media, that finding, harvesting, distributing and exploiting this personal information is becoming easier, faster and unfortunately more common.
But with these advances providing for negative antics, blurred lines are also beginning to appear within the concept. Typically cyber hacktivism, with examples of abusive and threatening acts, it has undergone a non-pejorative interpretation by journalists, with the New York Times stating “doxxing is the new name for reporting”.
This is after the mixed reactions to Newsweek’s Leah McGrath’s investigative report revealing Satoshi Nakamoto as the supposed creator of Bitcoin– by utilising information found on the internet.
As The Economist asks; “Was it tenacious reporting or needless exposure – good doxxing or bad?”
Journalistic ethics aside, other examples of this “vigilante justice” has also occurred to aid law enforcement, business analysis, extortion, coercion and more.
The group Anonymous brought the term mainstream in the early 2000s. Activists and Hacktivists that describe themselves as an “internet gathering” with “a very loose and decentralized command structure that operates on ideas rather than directives” are infamous for their well-publicized publicity stunts DDoS attacks on government, religious, and corporate websites.
Their choice of “attacks” vary from Government agencies (supporting WikiLeaks), child pornography sites, the Westboro Baptist Church and many more and encouraged other groups such as LulzSec and Operation AntiSec. Named as one “100 most influential people” by Time in 2012, their use of doxxing has named them both “digital Robin Hoods” and “cyber terrorists”.
Recently, acts of doxxing connected to the group met mixed reactions from the public, media and authorities alike, as in the wake of the fatal shooting of teenager Michael Brown, members of Anonymous tweeted what they claimed to be the identity of the police officer responsible. Authorities claimed they had the wrong person and Twitter subsequently suspended the Twitter account.
Declaring Cyber War
Anonymous subsequently “declared cyber war” on the Ku Klux Klan (KKK) after the group made death threat in the wake of the “Ferguson riots”. The group hacked the KKK’s Twitter account, attacked servers hosting KKK and started to release personal information about the identity of members.
#Gamergate has brought the concept of doxxing, its negative connotations and potential for damage and harassment back into the media in the last 12 months, with the viral attacks and sexist harassment of female video gamers on social media platforms such as Twitter and Reddit. Social media and video game press are ignoring internet ethics and following a distinctive sexist attitude within the gaming industry and journalism and engaging in mass-attacks of humiliation.
A strong backlash against this form of online behaviour has spurred projects such as Crash Override by victim Zoe Quinn and Alex Lifschitz. to support and advise victims of doxxing, but a need to monitor and report these cyberbullies is most definitely needed.
In the case of Christopher Chaney, he took information available from the internet, hacked into a number of celebrities personal online accounts, distributing content – and was subsequently jailed for 10 years – pleading guilty to nine felony counts including identity theft, wiretapping and unauthorised access and damage to a protected computer.
Whether out of activism, reporting, boredom or spite – doxxing is an internet downfall everyone should be aware with a strong stigma and uncertainty attached. Even as recently as November 2014, an Uber executive suggested employing doxxing techniques for the public smearing of critics, and plans to spend “a million dollars” to hire opposition researchers and journalists to investigate members of the press, to go after “[your]” personal lives, your families.”
Security on the internet is a trade off between safety and functionality
Doxxing is, technically, legal if you are only finding and sharing publically available information. The illegal element comes to light when you “stalk” someone via social media , threaten, harass, steal someone’s identity, infiltrate e-mails or attempt to publicly defame them. Hackers support this when done within “ethical standards”. But quite a subjective set of ethics seems to apply.
47 USCS § 230 (a) provides for the protection for private blocking and screening of offensive material. Congress also declared that the “policy of the United States” is to, among other things:
- Promote the continued development of the Internet and other interactive computer services and other interactive media,
- Preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation,
- Encourage the development of technologies which maximize user control over what information is received by individuals, families, and schools who use the Internet and other interactive computer services.
Whilst the act of doxxing is not technically illegal – harassment, defamation, identity theft, fraud and many more crimes exist by extension of this and so hackers, cyber-terrorists and cyber-bullies should be held accountable for. Yet as many of these attacks take place on websites and social media and courts are reluctant to accept mere printouts as this data is easily edited, deleted or falsely created, people engaging in litigation and eDiscovery of this content need a strong eDiscovery tool to capture, store and monitor this abuse and to present it as admissible evidence in court.
Tags: #Doxxing #Doxing #SocialMedia #CyberCrime #Gamergate #Hacktivism #CommunicationsDecencyAct #eGovernance #CyberSecurity #Exploitation #CrashOverride
WebPreserver is an innovative, archiving resource for litigators, legal enforcement officials and digital forensic experts. With the installation of a simple plugin you can capture snapshots of content from websites, blogs and social media. Keep these snapshots in our cloud or download when you need them. All content is authenticated for use as evidence in litigation by a secure time stamp and e-signature.
How WebPreserver can be of use to your firm.
WebPreserver provides a tool for both sides of litigation to preserve evidence to support and protect (future or current) cases and to archive content in the likelihood of edits, tampering or deletion.
This technology takes the onerous, costly responsibility out of monitoring and social media content as part of eDiscovery proceedings, whilst also enabling you with the additional ability to store, organize and share files securely with clients and colleagues.