With the advent of technology – and the pervasive invasion of social media – the concept of privacy has been reduced to a ‘necessary’ illusion.
‘Necessary’, for the information we yield consensually to the public domain – mostly to tech giants and data aggregators – affords us certain comforts and luxuries (home delivery of almost everything under the sun to endless media access, online jobs etc).
But the endless barrage of incoming data is not without peril. There is so much personal data available online that one’s digital footprint can betray more information than what we are willing or comfortable to part with.
Twitter on 30 November expanded the scope of its privacy policy to media shared without the consent of the person who features in it. It also includes media that reveals a person's private information without their permission. The social media giant said that such information can be used to harass or intimidate individuals.
While we do sign off on trusting giant tech conglomerates with information about your location history, your preferences, your spending patterns and even your thoughts, the same information can be exploited by individual users as well.
This is where Doxxing comes in. A process of collecting and publishing of someone’s private information online, usually with the intent of inciting harassment in real life.
While not technically illegal, it’s still considered to be harassment by most people.
Betraying Privacy: What is Doxxing and Why is it Harassment?
1. What is Doxxing?
Doxxing involves looking up the details of people’s lives, usually by digging through their social media profiles, publicly available data, government records and even comments across old and defunct message boards.
While snippets of this information might be irrelevant individually, put together, they can cause real harm.
For example, a deep Google search of a person can often yield social media profiles, email IDs, electoral roll listings (that holds address, phone number, father’s name etc), property listings, court case records, product and service reviews left by the user, mark-sheets, admit cards among countless other things.
Expand2. What Is The Purpose of Doxxing?
The purpose or intent of this exercise is usually to harass someone publicly, dig up dirt on a person to expose them to legal prosecution, to draw criticism towards that person, or, as in some cases, to cause them physical harm.
Countless people’s lives have been ruined by doxxing – with viral campaigns dedicated to public shaming, considered to be the online equivalent of mob lynching.
TAKING AWAY CONTROL
As pointed out in this Conversation piece, “When someone connects these digital traces, and shares them with other people – often strangers, or even the wider public – they take away their target’s control over private data.”
These people, the report adds, often seek to hold the person who is doxxed accountable for their actions, whether that’s perpetuating or opposing online hate, or failed romantic relationships.
Expand3. How Can You Protect Yourself?
While there is no exact reason as to why one might find themselves at the receiving end of a doxx attack, there are certain practices that can help safeguard against the same.
A large majority of doxx attacks involve people with a malicious intent collecting your personal information via social media sites.
And while there are no perfect solutions for avoiding doxx attacks – short of erasing your digital footprint completely, or air-gapping all your technology off the internet – here is how you can make it harder to be targeted:
Doxx Yourself: Use the Google search engine to go through all the information available online in your name. Focus on documents, forms and public records. After you have identified the scope and potential impact of a doxx attack, retrieve and delete information in your control. Failing this, sites like justdelete.me can aid in purging the redundant information.
Password Check: Refresh all your passwords regularly and DO NOT use the same password across multiple platforms. Use a password manager service if remembering different passwords is a hassle – LastPass, KeePass etc.
Review Privacy Settings on Social Media: The privacy settings on social media websites might not be on the most secure setting by default. You can improve the privacy rating of your account by reducing publicly available information and tweaking the ad preferences and app permissions. Also avoid posting addresses, personal phone numbers etc.
VPN: You can obscure and thus secure your internet activity by investing in a VPN service.
Enable OTP/Two-step Verification: While a bit of a hassle, logging into accounts using two-step OTP-based verification makes safeguarding your accounts much easier.
Burner Email: Create a burner or junk email to use for all websites that require an email to sign up. Ensure that no relevant information – like bank account information, personal IDs etc – are registered on this email.
Check If Your Email is Compromised: A quick search on ‘Have I Been Pwned?’ website will tell you if your email has been compromised in a data leak.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)
Expand
What is Doxxing?
Doxxing involves looking up the details of people’s lives, usually by digging through their social media profiles, publicly available data, government records and even comments across old and defunct message boards.
While snippets of this information might be irrelevant individually, put together, they can cause real harm.
For example, a deep Google search of a person can often yield social media profiles, email IDs, electoral roll listings (that holds address, phone number, father’s name etc), property listings, court case records, product and service reviews left by the user, mark-sheets, admit cards among countless other things.
What Is The Purpose of Doxxing?
The purpose or intent of this exercise is usually to harass someone publicly, dig up dirt on a person to expose them to legal prosecution, to draw criticism towards that person, or, as in some cases, to cause them physical harm.
Countless people’s lives have been ruined by doxxing – with viral campaigns dedicated to public shaming, considered to be the online equivalent of mob lynching.
TAKING AWAY CONTROL
As pointed out in this Conversation piece, “When someone connects these digital traces, and shares them with other people – often strangers, or even the wider public – they take away their target’s control over private data.”
These people, the report adds, often seek to hold the person who is doxxed accountable for their actions, whether that’s perpetuating or opposing online hate, or failed romantic relationships.
How Can You Protect Yourself?
While there is no exact reason as to why one might find themselves at the receiving end of a doxx attack, there are certain practices that can help safeguard against the same.
A large majority of doxx attacks involve people with a malicious intent collecting your personal information via social media sites.
And while there are no perfect solutions for avoiding doxx attacks – short of erasing your digital footprint completely, or air-gapping all your technology off the internet – here is how you can make it harder to be targeted:
Doxx Yourself: Use the Google search engine to go through all the information available online in your name. Focus on documents, forms and public records. After you have identified the scope and potential impact of a doxx attack, retrieve and delete information in your control. Failing this, sites like justdelete.me can aid in purging the redundant information.
Password Check: Refresh all your passwords regularly and DO NOT use the same password across multiple platforms. Use a password manager service if remembering different passwords is a hassle – LastPass, KeePass etc.
Review Privacy Settings on Social Media: The privacy settings on social media websites might not be on the most secure setting by default. You can improve the privacy rating of your account by reducing publicly available information and tweaking the ad preferences and app permissions. Also avoid posting addresses, personal phone numbers etc.
VPN: You can obscure and thus secure your internet activity by investing in a VPN service.
Enable OTP/Two-step Verification: While a bit of a hassle, logging into accounts using two-step OTP-based verification makes safeguarding your accounts much easier.
Burner Email: Create a burner or junk email to use for all websites that require an email to sign up. Ensure that no relevant information – like bank account information, personal IDs etc – are registered on this email.
Check If Your Email is Compromised: A quick search on ‘Have I Been Pwned?’ website will tell you if your email has been compromised in a data leak.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)