Online harassment has been around as long as the internet. However, in recent years, online harassment has been on the rise in part because of the popularity and access to social media websites. A particularly dangerous form of online harassment is doxing. Doxing is the malicious practice of revealing someone’s personal information without their consent. The phrase has its origins in hacker feuds in the early 1990s and is short for “dropping documents.” This is done to retaliate against or harass someone by outing them online – usually by exposing personal information such as home address, place of work, phone numbers, and other information that while available on the internet, one may not want exposed to the world.
The issue with doxing – like any form of harassment – is that it can range from trivial annoyance to a form of threatening that can affect someone’s emotional, economic, and even physical safety. While there are many state and federal laws that punish harassment and stalking, doxing may or may not fall within those current provisions. So, this begs the question, how should doxing be handled?
Some states have already enacted anti-doxing legislation. California Penal Code § 653.2 makes every person who intends to put another person in reasonable fear for their safety by means of an electronic communication device guilty of a misdemeanor that is punishable by up to one year in a county jail and/or by a fine of not more than $1,000. Under this statute, there is no requirement that “actual incitement or actual production of the enumerated unlawful effects” follow a doxing event, rather only requires that the messages are likely to incite third party actions.
In September of 2021, Arizona enacted House Bill 2502, which accomplishes something similar to the aforementioned California law. However, the Arizona law incorporates a provision similar to Section 230 of the Communications Decency Act. Section 230 provides that “no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” In Zeran v. America Online, Inc., the court held that the Communications Decency act was enacted to encourage internet communication and limit government interference with that communication. In passing this legislation, Congress shielded internet service providers from liability in a way that newspapers, magazines, and television stations are not (Gonzalez v. Google, Inc.). While there has been ample debate in how this affects free speech and social media’s responsibility for providing a platform for hate, it also presents interesting questions for doxing.
Effectively, Section 230 immunity for social media companies leaves it up to those companies to enforce their own rules on harassment and doxing. Twitter defines doxing as sharing someone’s private information online without their permission. This is a violation of twitter rules, but enforcement of these rules depends on what information is being shared, who is sharing the information, whether the information is available somewhere else online, why the information is being shared, and whether the information is actually private. Regardless of whether the information was public, Twitter does not consider the following information private:
- Name, birthdate, and age
- Place of education or employment
- Descriptions of physical appearance
- Gossip, rumors, accusations, and allegations
- Screenshots of text messages or messages from other platforms (where they do not also include private information)
While most of the above information is typically publicly available (or takes minimal research to find), that does not mean there cannot be serious consequences for the person at the subject of the doxing. A common way for doxers to punish or retaliate against their target is to contact their employer and demand that the target be terminated for their offline, non-work-related conduct. A famous, viral example of this was when a white woman, Amy Cooper, was caught on cellphone camera walking her dog off leash in New York City’s Central Park. She became hostile with the man recording, Christian Cooper, and called the police on him while accosting him. On the phone, she said “I’m going to tell them there’s an African American man threatening my life.” This drew rightful criticism from many on twitter, including a tweet from Eric Adams, who has since been elected Mayor of New York City. Amy Cooper was put on immediate administrative leave and was subsequently terminated from her job at Franklin Templeton as a result of her conduct.
While allegations against Ms. Cooper were immediately verifiable by video recording and her comments were racially motivated, this is not always the case. Twitter and other social media platforms with similar terms of service will not take down allegations and rumors, as they do not consider these things private. So, it is possible that allegations against someone online could be unproven and still manage to harm their reputation and economic well-being.
One recent example is the tale of West Elm Caleb. Stories of this 26-year-old man, paired with his Employer’s name (West Elm), went viral with allegations that he was a very bad dater. Most stories went the same, that Caleb would go on a few dates, act very interested, but ultimately disappear. What followed were a multitude of creators sharing TikTok videos with screenshots of his profile, regardless of whether they had actually gone on a date with him. The hashtag #WestElmCaleb got over 26 million views as of January 21, 2022. Even brands got their chance to dunk on West Elm Caleb. This targeted harassment and dox of Caleb continued despite a rule in TikTok’s terms of service that users “may not intimidate or harass another.” This is a reminder, bad dater or not, that even in places where you might expect mutual respect, everything that is shared on a dating app is public and can be shared with little consequence, especially where the only controlling body is a social media’s legal department.
Rob Harrington is an Associate Editor on the Michigan Technology Law Review.