The internet has become an integral component of our daily lives. In fact, it is not an understatement to say that a day would be absolutely ruined if online services were interrupted. Many people’s lives would be brought to a halt if this happened due to our current reliance on the internet. The web ecosystem has been suffering major changes since the 90s especially at the behavioural level having social dynamics as one of the leading drivers in the process. The transition from a dialogical perspective to an interventional angle started becoming visible in the last couple of years. This shift was accompanied by the increasing public availability of information online which ultimately constitutes, whether we want to believe it or not, a vulnerability when it comes to cyber threats (1). Doxxing is framed under this umbrella through a privacy-focused lens.
The deep historical evolution of the semantics of doxxing is a well-known phenomenon. In earlier hacker culture, doxxing meant de-anonymizing a person on the internet whereas now it assumed a much broader concept describing any action that “uses sensitive or secret information, statements, or records for the […] exploitation of targeted individuals” (2). Social media platforms brought the principle of open access to data to reality which made it easier for an individual to find and publish someone else’s personal information without permission (e.g. real name, address, criminal history, personal photos, etc.) to attack him/her either through punishment, intimidation or humiliation.
Doxxers are resourceful people. They may start with a single hint and pursue it until they’ve unravelled an individual’s online identity, and they can do so in a variety of ways. Either they scrutinize publicly available information (for example, information posted by an individual on a forum or social media platform, or file metadata), or they resort to techniques like packet sniffing, which entails intercepting internet data in order to obtain valuable personal information, or IP logging, in which the doxxer is able to discover personal IP addresses using dedicated tools (3) (4).
The motivation for this phenomenon is critical to understanding its nature. Sometimes it’s driven by an intrinsic need for power and control that, for example, can prevent a victim from leaving an abusive relationship. In the same line of thought, it is often used to harass, intimidate or coerce people out of jealousy or revenge ultimately resulting in physical harm and violence. It has also been reported that doxxed information is being used as a mechanism for money extortion (3). In 2015, Anonymous, the well-known decentralized international hacktivist collective, shared details of hundreds of alleged sympathisers of the white supremacist Ku Klux Klan (KKK) on the internet, contributing to the prevention of violent offensives towards racial minorities (5). Similarly, in 2019, The Daily Beast experienced a social media backlash after one of its correspondents was accused of doxxing a private person who reportedly made a modified video that falsely depicted House Speaker Nancy Pelosi as inebriated and uploaded it on Facebook (6). Anyway, regardless of the motivation, doxxing violates privacy and leads to unpleasant consequences such as:
- Public condemnation, ridicule and shaming for exposed actions.
- Trauma resulting from the exposure of sensitive content.
- Psychological dangers (anxiety, stress, sleep disturbances, etc.).
- Reputational harm.
For example, a mother of three was recently doxxed for using OnlyFans, an adult-oriented social networking platform, which ultimately resulted in her children being expelled from school (7). Many regular individuals face similar situations when they choose to publish information about themselves on the internet that may subsequently be used against them, even if they believe they have nothing to hide. In that regard, we must consider how we might defend ourselves against doxxing and the potentially harmful repercussions that may arise as a result of this phenomenon.
Limiting and protecting internet communications is the first step. It is undeniable that when using social media sites, we tend to disclose a lot of our personal information. However, we may greatly minimize our susceptibility by using our privacy settings or having several passwords. It’s always preferable to take precautions rather than try to correct problems after being doxxed (3). Related to that, it is also important to avoid logging in with Facebook and Google accounts on pop-up websites because the likelihood of becoming a victim of a privacy breach is much higher in these circumstances. What causes this to happen? Some of the third-party websites utilized in these processes are designed to collect and aggregate personal information that may be misused if it falls into the wrong hands (3). Another important thing to keep in mind is to stay away from data broker websites. These websites exist to collect and sell massive quantities of personal data to corporations, and many individuals are unaware of them. Aside from that, opting out of them entails lengthy and inconvenient procedures (3).
Overall, this article introduces the concept of doxxing, how it happens and most importantly, how it can be prevented. You could assume you’re secure from doxxing after reading this since you have nothing to hide but is this actually the case? We’re not suggesting that you do anything unethical or unlawful. We’re implying that everyone has elements of their lives they’d want to keep secret. Those elements may be innocuous, but they should be kept confidential. This is particularly important because there are many enraged people on the internet who use doxxing to always come on top of every argument. Any apparently benign statement you make has the potential to incite an internet mob’s wrath. As a result, take action and defend yourself against this expanding threat by adopting a defensive mindset when navigating through these web environments.
Rafael Luis Pereira Santos
References
(1) Madden M., and Smith A. (2010), “Reputation management and social media – Part 2: Concerns about the availability of personal information”, Pew Research Center.
(2) Fortinet, “Doxxing”.
(3) Atamaniuk M. (2021), “What is Doxxing and How To Avoid Getting Doxxed?”, Clario.
(4) Dascalescu A. (2021), “What is Doxxing and How to Avoid It”, Heimdal Security.
(5) BBC News (2015), “Anonymous posts Ku Klux Klan alleged sympathisers list”, BBC News.
(6) Miles F. (2019), “Daily Beast accused of ‘doxxing’ alleged creator of ‘Drunk Pelosi’ video”, Fox News.
(7) Kasperski, “What is Doxing – Definition and Explanation”, Kasperski.
