How Doxing Continues to Be a Threat to Online Privacy

Gavin Phillips 28-11-2016

Are you a privacy pusher? Or a serial social sharer? Privacy remains an extremely important focus for many internet users. Understandably. The level of internet education continues to rise. As such, internet users appreciate exactly how their actions are tracked, monitored, and recorded. That said, there are still a majority that either do not understand at all, or understand and choose to ignore the privacy implications.


One major implication of a disregard for privacy is finding your “real life” persona compromised online. This is known as “doxing” and can be an extremely painful experience. No-one is secure from doxing. The threads of information we leave all over the internet can Online Harassment Is Your Fault; Here's How To Fix It What happens to harassment victims who aren't good at interacting with the press, or do or say unpopular things? Read More , for the most part, be easily traced back to us. Phone numbers, email addresses, names, home addresses — you name it, and someone will be able to link it back to you.

Let’s take a look at this privacy violating term, and see what you can do about stopping it dead.

What’s a Dox?

The Oxford Dictionary defines a dox as:

[informal]: Search for and publish private or identifying information about (a particular individual) on the internet, typically with malicious intent:

‘hackers and online vigilantes routinely dox both public and private figures’

The Oxford Dictionary is spot on, as you would expect. Doxing (also written as doxxing) is the process of obtaining or deducing information about a person What Is Doxing & How Does It Affect Your Privacy? [MakeUseOf Explains] Internet privacy is a huge deal. One of the stated perks of the Internet is that you can remain anonymous behind your monitor as you browse, chat, and do whatever it is that you do.... Read More based upon a limited set of initial information. In other words, doxing is the process of snooping around the internet for someone’s personal information.

Doxing takes several forms, but most commonly involves taking a piece of information (e.g. an email address) and matching it to someone’s identity. Furthermore, doxing is used for different reasons. For instance, someone might be doxed for their political affiliation, or for an alleged wrongdoing — rightly or wrongly. Regrettably, doxing is usually a negative experience and, in some cases, has life-changing results.


More Than Privacy

Some people contend that doxing is the process of making private information public. This is vastly over-simplified, and doesn’t acknowledge the victim. Information shared online is easily dredged back-up and used against someone. It also provides ammunition to the classic doxing defence: “it was already online.”

This is how doxing has evolved. It is no longer difficult to find private information online. The vast majority of internet users make use of some form of social media (some 2.3 billion social media users. There are more than 3.2 billion internet users) and as such, post identifying information. Be that their real name, their location, their phone number, or anything else, it is a potential identifier.

The problem isn’t necessarily the information. It is how that information will be used. Furthermore, it is the intent behind sharing that information. Sociologist Katherine Cross explains:

Doxing elevates one record above the vast, indistinct catalogues of the internet and paints a bullseye on it. When you dox someone, you’re aggregating specific data from that sea of data points and putting it right in front of a hostile audience predisposed to hate the person in question.

Even if the info is, by some liberal definition, “publicly available” it is the act of elevating and organising it before a hostile crowd that completes the gesture of doxing someone.

Doxing is a loaded, weaponized action that is used to negatively impact a victim. In terms of an attack, it is an unnerving prospect. Once unleashed, the internet masses can be relentless, unabating, and disgustingly graphic in their torment.


Doxing is about power and control.

There Ought to Be Law

Let’s explore a simple question: Is doxing illegal?

In word, no. Doxing itself isn’t illegal. However, this depends on the type of personal data exposed and who is doxed.


For instance, if private information is disclosed that wasn’t previously available in the public sphere (private facts known by small groups of other private friends do not count), this could be considered a breach of privacy. There might be a civil case, depending on the severity of the intrusion, but it certainly wouldn’t be considered criminal. At least not straight away.

If the information was previously available and incites hatred, direct threats of violence, or other abusive behaviour, then it may become criminal. Similarly, if the information results in “swatting” — calling in a hoax situation that requires a SWAT team — it immediately becomes a federal crime.

Penalties for the latter are understandably increasing. In May, 2015, a 17-year-old hacker pleaded guilty to 23 charges of extortion, public mischief, false police reports, and criminal harassment. The teen utilized swatting against “mostly young female gamers” who had resisted his advances, tormenting the young women and their families in premeditated revenge actions. Other swatting incidents are easy to find.

Swatting illustrates the escalation of a doxing incident, and where the line between sharing public information and law enforcement intervention lies.


Difference Defined

Swatting aside, the line of definition is narrowing. Doxing is increasingly regarded as a form of stalking in the United States. As such, law enforcement use stalking as the foundation of the legal structure and terminology in doxing cases.

Revealing a “name” per se’ may, or may not be considered “Doxing” depending on the level of anticipated anonymity.   However, in this law, the term “restricted personal information” means, “with respect to an individual, the Social Security number, the home address, home phone number, mobile phone number, personal email, or home fax number of, and identifiable to, that individual.” This is an important distinction to remember.

The application of this law isn’t about providing definition as to the source of the information. Rather, it is applied to “acts that endanger the safety of or encourage attacks against a person or a person’s family.”

As a final aside, legislators are using the internet to their advantage, too. Acts committed on the internet spread into all states, thereby allowing victims to choose the state of filing. Consequently, attorneys are affirming representation to the state with the strongest legal position for doxing, cyber-harassment, or cyber-stalking.

Future Face Recognition

Face recognition technology isn’t utilized by many online services. That is to say, the public do not have access to services that utilize facial recognition in a meaningful way. Facebook and other services automatically detect faces in an attempt to streamline the “tagging” process, but facial recognition is usually reserved for airports, shopping malls Top 5 Ways You Are Spied On Every Day And Don't Know It The chances are you're oblivious to the ways in which you're being monitored almost daily as you go about your business. Learn how to take precautions to protect yourself against these surveillance threats. Read More , and “all of Japan.”

Facial recognition is emerging as a doxing tool. Russian website FindFace enables anyone to upload virtually any photo of a person in an attempt to match it to their profile on Russian social media network, VKontakte What Is VK? 10 Incredible Facts You Should Know About Russia's Facebook If you live in Russia, you're far more likely to think of the Russian social media website (formerly known as VKontakte) than Facebook. Here are some amazing things to know about VK. Read More .

As with most shiny new internet toys, it didn’t take long to find nefarious uses for the tool. According to Global Voices, members of the 4chan-esque Russian forum Dvach were using photos from porn sites to uncover the true identities of the models. Subsequently, the proof of concept experiment spiralled into extreme incidents of shaming and harassment. The reason for outing these women was “moral outrage,” followed up with juvenile remarks that women who work in the sex industries are “corrupt and deceptive.”

Infantile at best, and dangerously misogynistic and vacuous at worst, this is clearly an unwelcome insight into how facial recognition technology will be used to dox people in the very near future.

Staying Out of Sight

On the internet, nobody knows you’re a dog. Until you’re doxed, and they realize you’re actually a Karelian Bear Dog. And by then, it might be too late. Remaining out of sight online sounds difficult, but it really comes down to auditing the information you regularly disclose — as well as where you disclose it Start the Year Off Right with a Personal Security Audit It's time to make plans for the new year, such as ensuring your personal security is up to scratch. Here are 10 steps you should take to update everything using your PC, phone or tablet. Read More .

And although the internet is filled with anecdotes of individuals giving law enforcement officers impromptu lessons on the workings of social media, doxing is a very serious issue that is constantly gaining recognition. If you are a victim of doxing What You Should Actually Do When Harassed Online The Internet has changed bullying. Let's take a look at what has changed, and what you can do if you find yourself on the receiving end of cyber harassment. Read More , you should reach out to your local authorities. Furthermore, the Crash Override Network provide support for the victims of online abuse, no matter how trivial it seems.

Have you been doxed? What happened to you? Was it through old information you’d disclosed? Or were your accounts accessed? Let us know your experiences below!

Image Credits: gangis khan/Shutterstock

Related topics: Doxing, Online Privacy.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. George Schwarz
    May 19, 2017 at 6:54 pm

    Politicians, especially the Republicans in Congress, are shutting down their phone and fax lines. They are violating our First Amendment rights to petition the government. We have every right to dox them; and, they deserve no better.

    • Gavin Phillips
      May 19, 2017 at 10:44 pm

      Hey George. Most politicians public information is in the public domain anyway. I think the real issue lies with normal people being doxed after they appear in the news, or annoy someone online. For instance, the British security researcher who inadvertently derailed the WanaCryptor ransomware last week was doxed by several UK and US newspapers. *That* is the real issue.

  2. Colin
    May 19, 2017 at 6:25 pm

    Second time today a story I have seen/heard of mention bear dogs. Think the first one said they were extinct. A comment on facebook said to check, which I did, but could not find myself.

    • Gavin Phillips
      May 19, 2017 at 10:38 pm

      What are bear dogs? Was that a typo?

      Pipl is great (or terrifying, depending on how you look at it) for finding people. Having a forward facing public persona, I'm on it in several locations. But some interesting older accounts pop up.

      • Colin
        May 20, 2017 at 12:17 am

        It was about your line 'Karelian Bear Dog' under the line 'staying out of sight'. CBC had a story today about different breeds of dogs that are/were Canadian. Did not catch the whole story, but there was a piece about a breed name '(something?) bear dog'. Sounded like karelian on the radio.

        • Gavin Phillips
          May 20, 2017 at 12:37 am

          Haha, my bad. I totally forgot I wrote that. I should try and remember what I wrote in the recent-past. Sounds like an interesting story!