Privacy in the Digital Age: Part IV, the Story of Doxing
In part III, we examined the definition of “Invasion of Privacy,” and the four typical metrics states use to determine whether one individual infringed another’s reasonable expectation of privacy. Despite numerous precedents and court rulings, however, the line between what is, or isn’t, invasion of privacy is often subjective.
Perhaps the most contentious battle in recent years over what constitutes invasion of privacy is the practice known as “doxing,” which weaponizes the personal or private information of an individual through public dissemination on the internet. In this article, we’re taking a look at how this tactic started and evolved throughout the years.
Cambridge dictionary defines doxing as, “the action of finding or publishing private information about someone on the internet without their permission, especially in a way that reveals their name, address, etc.” This definition, while correct, is incomplete. When an individual has been “doxxed,” it typically means that someone gathered that individual’s information through publicly available, digitally based, sources, such as their name, address, phone number, personal photographs, or workplace, and published this data with the expectation that exposure would negatively affect the person.
A Short History of Doxing
Although doxing entered the popular consciousness in recent years, the practice goes back to the 1990s, and the thriving hacker communities that populated Usenet. According to Know Your Meme, the word is derived from “docs,” short for “documents,” and used to describe various information related to new updates, cracks, or patches of pirated software.
Coincidentally, many of common internet terms used today emerged from these communities, such as “FAQ,” “trolling, “spam,” and “sockpuppet,” but doxing shares a special relationship with one of the most popular: “flaming” or, depending on the circumstance, the much-hallowed “flame war.” It was in these, often furious, arguments that the practice of gathering and posting another person’s private information evolved, and, to absolutely no one’s surprise, things got downright nasty in a hurry.
Perhaps the most notable early example of doxing occurred in 1994, when scandalous stories about legendary posters were shared in a four-part compilation. This series detailed the posters’ sockpuppet accounts’ information — primarily to reveal their activity outside of Usenet — and the practice caught on, morphing as the internet went from infant to giant in space of a decade.
In January 2007, the YouTube channel Vigilantes, which was dedicated to seeking out and publishing the personal information (doxing) of YouTubers they deemed hateful or racist, was the target of a notable doxing incident. CircaRigel, the head of the group who established Vigilantes, was the victim of the practices used by her channel when her personal information was leaked, including her name, address, and personal posts made to the newsgroup alt.sexual.abuse.recovery.
In other words, the internet was a nasty place before Facebook became king and lowered the bar for everyone. The practice of doxing, however, remained relatively unknown to the general public. That changed throughout the following years when a group of hacktivists known as Anonymous exploded onto the popular scene.
Prior to 2008, Anonymous was a decentralized online community that worked in relatively loose coordination for the purpose of entertainment. When the group launched “Project Chanology” in 2008, however, Anonymous went from a collection of people in it for the lulz to a collaborative group of hacktivists who wanted the world to stand up and take notice. Nobody was too fearsome. Project Chanology targeted the Church of Scientology, for example, and the group later targeted governments throughout the world, e.g. the US, Israel, and Tunisia, organizations and copyright services, and perhaps most disturbing to many people, financial corporations, such as MasterCard, Visa, and Paypal. Their tactics changed often, sometimes, little more than pranks, whereas others used concerted denial of service attacks, but one element remained constant throughout the years, the publication of an individual’s personal and, in later years, financial information.
Over a decade later, Anonymous has disappeared from the headlines. Not surprising considering they angered the world’s most powerful governments, corporations, and organizations, but the group’s influence continues to resonate throughout the internet.
As political polarization deepened throughout the last two decades, and social media proliferated, so did the use of doxing. Anonymous popularized the tactic, and showed the world how devastating, and relatively easy, the practice was, particularly with a resource like Google at one’s fingertips. Someone has a political opinion or posted an offensive picture you don’t like? Anonymous showed us that employers don’t always take kindly to that person’s views either. If that’s not an option, Anonymous showed us what happens when an individual’s address or phone number is posted to a massive online group who don’t like that person’s opinion either.
Doxing’s been around a long time now, and it’s turned into a weapon some claim as a legitimate tactic, and others decry as an invasion of privacy, but the one certainty is this: it’s not going away.