Doxing (from dox, abbreviation of documents) or doxxing is the Internet-based practice of researching and broadcasting private or identifying information (especially personally identifying information) about an individual or organization.
The methods employed to acquire this information include searching publicly available databases and social media websites (like Facebook), hacking, and social engineering. It is closely related to Internet vigilantism and hacktivism.
Doxing may be carried out for various reasons, including to aid law enforcement, business analysis, risk analytics, extortion, coercion, inflicting harm, harassment, online shaming, and vigilante justice.
"Doxing" is a neologism that has evolved over its brief history. It comes from a spelling alteration of the abbreviation "docs" (for "documents") and refers to "compiling and releasing a dossier of personal information on someone". Essentially, doxing is revealing and publicizing records of an individual, which were previously private or difficult to obtain.
The term dox derives from the slang "dropping dox" which, according to Wired writer Mat Honan, was "an old-school revenge tactic that emerged from hacker culture in 1990s". Hackers operating outside the law in that era used the breach of an opponent's anonymity as a means to expose opponents to harassment or legal repercussions.
Consequently, doxing often comes with a negative connotation, because it can be a vehicle for revenge via the violation of privacy.
Doxware is a cryptovirology attack invented by Adam Young and further developed with Moti Yung that carries out doxing extortion via malware. It was first presented at West Point in 2003. The attack is rooted in game theory and was originally dubbed "non-zero sum games and survivable malware".
The attack is summarized in the book Malicious Cryptography as follows:
The attack differs from the extortion attack in the following way. In the extortion attack, the victim is denied access to its own valuable information and has to pay to get it back, where in the attack that is presented here the victim retains access to the information but its disclosure is at the discretion of the computer virus.
Doxware is the converse of ransomware. In a ransomware attack (originally called cryptoviral extortion), the malware encrypts the victim's data and demands payment to provide the needed decryption key. In the doxware cryptovirology attack, the attacker or malware steals the victim's data and threatens to publish it unless a fee is paid.
Anyone can harvest information from the Internet about individuals. There is no particular structure in place for doxing, meaning someone may seek out any kind of information related to the target.
A basic Web search can yield results. Social media platforms like Facebook, Twitter, MySpace, and Linkedin offer a wealth of private information, because many users have high levels of self-disclosure (i.e. sharing their photos, place of employment, phone number, email address), but low levels of security. It is also possible to derive a person's name and home address from a cell-phone number, through such services as reverse phone lookup. Social engineering has been used to extract information from government sources or phone companies.
In addition to these tactics, a doxxer may use other methods to harvest information. These include information search by domain name and location searching based on an individual's IP address.
Once people have been exposed through doxing, they may be targeted for harassment through methods such as harassment in person, fake signups for mail and pizza deliveries, or through swatting (dispatching armed police to their house through spoofed tips).
A hacker may obtain an individual's dox without making the information public. A hacker may look for this information in order to extort or coerce a known or unknown target. Also, a hacker may harvest a victim's information in order to break into their Internet accounts, or to take over their social media accounts.
The victim may also be shown their details as proof that they have been doxed in order to intimidate. The perpetrator may use this fear and intimidation to gain power over the victim in order to extort or coerce. Doxing is therefore a standard tactic of online harassment and has been used by people associated with 4chan and in the Gamergate and vaccine controversies.
The ethics of doxing by journalists, on matters that they assert are issues of public interest, is an area of much controversy. Many authors have argued that doxing in journalism blurs the line between revealing information in the interest of the public and releasing information about an individual's private life against their wishes.
The following events are sorted in chronological order.
Hit lists of abortion providersEdit
In the 1990s anti-abortion activists secured abortion providers' personal information, such as their home addresses, phone numbers, and photographs, and posted them as a hit list, ruled by the courts to be an immediate incitement to violence. The site's legend explained: "Black font (working); Greyed-out Name (wounded); Strikethrough (fatality)." The website included blood-dripping graphics, celebrated providers' deaths and incited others to kill or injure the remaining providers on the list. Between 1993 and 2016, eight abortion providers were killed by anti-abortion terrorists.
Human flesh search engineEdit
Starting in March 2006, the Chinese Internet phenomenon of the "Human flesh search engine"（人肉搜索）shares much in common with doxing. Specifically, it refers to distributed, sometimes deliberately crowdsourced searches for similar kinds of information through use of digital media.
The term "dox" entered mainstream public awareness through media attention attracted by Anonymous, the Internet-based group of hacktivists and pranksters who make frequent use of doxing, as well as related groups like AntiSec and LulzSec. The Washington Post has described the consequences for innocent people incorrectly accused of wrongdoing and doxed as "nightmarish".
In December 2011, Anonymous exposed detailed information of 7,000 members of law enforcement in response to investigations into hacking activities.
In November 2014, Anonymous began releasing the identities of members of the Ku Klux Klan. This was in relation to local Klan members in Ferguson, Missouri making threats to shoot anyone who provoked them while protesting the shooting of Michael Brown. Anonymous also hijacked the group's Twitter page, and this resulted in veiled threats of violence against members of Anonymous. In November 2015, a major release of information about the KKK was planned. Discredited information was released prematurely and Anonymous denied involvement. On November 5, 2015 (Guy Fawkes Night), Anonymous released an official list of supposed but currently unverified KKK members and sympathizers.
Following the 2013 Boston Marathon bombing, vigilantes on Reddit wrongly identified a number of people as suspects. Notable among misidentified bombing suspects was Sunil Tripathi, a student reported missing before the bombings took place. A body reported to be Tripathi's was found in Rhode Island's Providence River on April 25, 2013, as reported by the Rhode Island Health Department. The cause of death was not immediately known, but authorities said they did not suspect foul play. The family later confirmed Tripathi's death was a result of suicide. Reddit general manager Erik Martin later issued an apology for this behavior, criticizing the "online witch hunts and dangerous speculation" that took place on the website.
Newsweek came under fire when writer Leah McGrath Goodman claimed to have revealed the identity of the anonymous creator of Bitcoin, Satoshi Nakamoto. Though the source of her sleuthing was primarily the public record, she was heavily criticized for her doxing by users on Reddit.
The Satoshi Nakamoto case brought doxing to greater attention, particularly on platforms such as Twitter, where users questioned the ethics of doxing in journalism. Many Twitter users condemned doxing in journalism, wherein they argued that the practice was seemingly acceptable for professional journalists but wrong for anyone else. Other users discussed the effect the popularization that the concept of doxing could have on journalism in public interest, raising questions over journalism concerning public and private figures. Many users have argued that doxing in journalism blurs the line between revealing information in the interest of the public and releasing information about an individual's private life against their wishes.
In March 2015, former Major League Baseball (MLB) pitcher Curt Schilling used doxing to identify several people responsible for "Twitter troll" posts with obscene, sexually explicit comments about his teenaged daughter. One person was suspended from his community college, and another lost a part-time job with the New York Yankees.
In December 2015, Minneapolis city councilwoman Alondra Cano used her Twitter account to publish private cellphone numbers and e-mail addresses of critics who wrote about her involvement in a Black Lives Matter rally.
In 2016, Fox Business news anchor Lou Dobbs revealed the address and phone number of Jessica Leeds, one of the women who accused American presidential candidate Donald Trump of inappropriate sexual advances; Dobbs later apologized.
In July 2016, WikiLeaks released 300,000 e-mails called the Erdoğan emails, initially thought to be damaging to Turkish President Recep Tayyip Erdoğan. Included in the leak was Michael Best, who uploaded Turkish citizens' personal information databases that WikiLeaks promoted, who came forward to say that doing so was a mistake after the site where he uploaded the information took it down. The files were removed due to privacy concerns, as they included spreadsheets of private, sensitive information of what appears to be every female voter in 79 out of 81 provinces in Turkey, including their home addresses and other private information, sometimes including their cellphone numbers.
U.S. Presidential Advisory Commission on Election IntegrityEdit
In July 2017, the United States' Presidential Advisory Commission on Election Integrity, which was established in May 2017 by U.S. President Donald Trump to investigate his controversial allegation of voter fraud, published a 112-page document of unredacted emails of public comment on its work, which included both critics and some supporters of the Commission. The Commission included the personal details of those critics, such as names, emails, phone numbers and home addresses. Most of the commenters who wrote to the White House expressed concern about publication of their personal information, with one person writing, "DO NOT RELEASE ANY OF MY VOTER DATA PERIOD." Despite this, that person's name and email address were published by the commission.
This act drew criticism from Theresa Lee, a staff attorney for the American Civil Liberties Union's Voting Rights Project, who stated, "This cavalier attitude toward the public's personal information is especially concerning given the commission's request for sensitive data on every registered voter in the country." The White House defended the publication of the personal information, noting that everyone was warned that might happen. However, former Deputy Secretary of Labor Chris Lu stated that regardless of the legality, the White House has a moral obligation to protect sensitive data, saying, "Whether or not it's legal to disclose this personal information, it's clearly improper, and no responsible White House would do this."
Federal agencies often solicit and release public comments on proposed legislation. Regulations.gov, which is designated for public comments, includes a detailed set of guidelines explaining how to submit comments, what type of personal information is collected and how that information may be used, stating, "Some agencies may require that you include personal information, such as your name and email address, on the comment form. The Securities and Exchange Commission, for instance, warns commenters to 'submit only information that you wish to make available publicly.'" Another agency, the Federal Trade Commission, tells commenters that "published comments include the commenter's last name and state/country as well as the entire text of the comment. Please do not include any sensitive or confidential information." However, The White House does not appear to have issued any such public guidelines or warnings before many of the emails were sent. Marc Lotter, Press Secretary to Mike Pence, stated, "These are public comments, similar to individuals appearing before commission to make comments and providing name before making comments. The Commission’s Federal Register notice asking for public comments and its website make clear that information 'including names and contact information' sent to this email address may be released."
Democratic U.S. House of Representatives internEdit
On October 3, 2018, Jackson Cosko, a House fellow for the Democratic party, was arrested by the U.S. Capitol Police (USCP). He allegedly posted private, identifying information of several Senators to Wikipedia. According to the USCP, the personal information of Republican Senators Lindsey Graham, Mike Lee and Orrin Hatch was anonymously posted to Wikipedia the week before on Thursday September 27, 2018. The information included home addresses and phone numbers. All three lawmakers are with the Senate Judiciary Committee. The alleged doxing occurred during the hearing of Supreme Court nominee Judge Brett Kavanaugh. Cosko was initially charged with witness tampering, threats in interstate communications, unauthorized access of a government computer, identity theft, second degree burglary and unlawful entry. Cosko was fired after his arrest. He worked with Democratic Rep. Sheila Jackson Lee (D-TX), Sen. Dianne Feinstein (D-Calif), Sen. Maggie Hassan (D-N.H.), and former Sen. Barbara Boxer (D-Calif). If convicted of all six charges Cosko faces up to 20 years in prison. In June 2019, he was sentenced by Judge Thomas F. Hogan to four years in prison.
- "Definition of dox in English". Oxforddictionaries.com. Retrieved 2016-01-05.
- "The Problem With "Doxxing" – On The Media". onthemedia.org. Retrieved 2016-01-05.
- S-W, C. "What doxxing is, and why it matters". The Economist, UK. Retrieved 2016-01-05.
- Schneier, Bruce (2016-07-29). "The Security of Our Election Systems". Retrieved 2016-08-06.
- Ryan Goodrich (2 April 2013). "What is Doxing?". TechNewsDaily.com. Retrieved 24 October 2013.
- James Wray and Ulf Stabe (2011-12-19). "The FBI's warning about doxing was too little too late". Thetechherald.com. Retrieved 2012-10-23.
- Zurcher, Anthony. "Duke freshman reveals porn identity". BBC, United Kingdom. Retrieved 9 April 2014.
- Levin, Sam. "Anti-fascists say police post mugshots on Twitter to 'intimidate and silence' Doxing arrested protesters has become common, and can have lasting consequences even after the charges are dropped". The Guardian. Retrieved 16 August 2018.
- Bright, Peter (2012-03-07). "Doxed: how Sabu was outed by former Anons long before his arrest". Ars Technica. Retrieved 2012-10-23.
- Clark Estes, Adam (2011-07-28). "Did LulzSec Trick Police Into Arresting the Wrong Guy? – Technology". The Atlantic Wire. Retrieved 2012-10-23.
- Honan, Mat (2014-03-06). "What Is Doxing?". Wired. Retrieved 2014-12-10.
- Garber, Megan (2014-03-06). "Doxing: An Etymology". The Atlantic. Retrieved 2014-12-10.
- Young, A. (2003). Non-Zero Sum Games and Survivable Malware. IEEE Systems, Man and Cybernetics Society Information Assurance Workshop. pp. 24–29.
- A. Young, M. Yung (2004). Malicious Cryptography: Exposing Cryptovirology. Wiley. ISBN 0-7645-4975-8.
- Ramesh, Srikanth. "What is Doxing and How it is Done?". GoHacking. Retrieved 2014-12-10.
- Fagone, Jason. "The Serial Swatter". New York Times. Retrieved 25 November 2015.
- "Guide to doxing: Tracking identities across the web | Blog | Blechschmidt.Saarland". blog.blechschmidt.saarland. Retrieved 2015-11-30.
- "What Is Doxing?". WIRED. Retrieved 2015-11-30.
- Mix (2017-10-16). "Someone is blackmailing dark web users to pay up or get doxxed". The Next Web. Retrieved 2017-12-06.
- Hern, Alex. "Gamergate hits new low with attempts to send Swat teams to critics". The Guardian. Retrieved 2 July 2015.
- Mulvaney, Nicole. "Recent wave of swatting nationwide fits definition of terrorism, Princeton police chief says". NJ.com. Retrieved 3 July 2015.
- Liebl, Lance. "The dangers and ramifications of doxxing and swatting". Gamezone.
- Diresta & Lotan. "How antivaxxers influence legislation". Wired. Conde Nast. Retrieved 3 July 2015.
- "Newsweek, Bitcoin and the ethics of 'doxxing'". america.aljazeera.com. Retrieved 2015-12-01.
- "Rethinking the ethics of doxing • Background Probability". Background Probability. Retrieved 2015-12-01.
- Ingram, Mathew (2014-03-06). "Of Bitcoin and doxxing: Is revealing Satoshi Nakamoto's identity okay because it was Newsweek and not Reddit?". Retrieved 2015-12-01.
- Shouler, Kenneth (2007). "Fans Behaving Badly". Cigar Aficionado. Retrieved 8 March 2010.
- How Abortion Providers Are 'Living in the Crosshairs' By Tara Murtha, Rolling Stone, May 18, 2015
- Strikethrough (Fatality); The origins of online stalking of abortion providers. By David S. Cohen and Krysten Connon, Slate, May 21, 2015
- Fletcher, Hannah (June 25, 2008). "Human flesh search engines: Chinese vigilantes that hunt victims on the web". The Times.
- Branigan, Tania (March 24, 2010). "How China's internet generation broke the silence". The Guardian.
- "Anonymous's Operation Hiroshima: Inside the Doxing Coup the Media Ignored (VIDEO)". Ibtimes.com. 2012-01-01. Retrieved 2012-10-23.
- Ohlheiser, Abby (5 November 2015). "What you need to know about Anonymous's big anti-KKK operation". Retrieved 15 June 2016 – via washingtonpost.com.
- "Hacker-activist group Anonymous seizes KKK Twitter accounts; reveals identities". Fox 2 Now. Retrieved 21 November 2014.
- "Ferguson KKK Doubles Down By Threatening To Shoot People Wearing Anonymous Guy Fawkes Masks". If Only You News. Retrieved 21 November 2014.
- Woolf, Nicky; Stafford, Zach (3 November 2015). "Anonymous denies releasing incorrect Ku Klux Klan member information". Retrieved 15 June 2016.
- "Anonymous posts Ku Klux Klan alleged sympathisers list". Retrieved 15 June 2016.
- "Innocents accused in online manhunt". 3 News NZ. April 22, 2013.
- Buncombe, Andrew. "Family of Sunil Tripathi - missing student wrongly linked to Boston marathon bombing - thank well-wishers for messages of support". The Independent. Archived from the original on 17 January 2015. Retrieved 17 January 2015.
The cause of the student's death has still be determined but the medical examiner said no foul play was suspected.
- Nark, Jason. "The Boston bombing's forgotten victim". Philadelphia Daily News. Archived from the original on 31 October 2014. Retrieved 31 October 2014.
Akhil spent the most time with Sunny before his suicide, weekends at Brown where he tried to help his youngest child foresee a future.
- Martin, Erik. "Reflections on the Recent Boston Crisis". Reddit.com. Retrieved May 3, 2013.
- Alfonso, Fernando (26 December 2012). "Lawyer doxes 50 journalists who doxed gun owners". The Daily Dot.
- Machkovech, Sam (3 March 2015). "Former MLB pitcher, 38 Studios founder doxes his daughter's online abusers". ArsTechnica.
- "Minneapolis City Council Member Alondra Cano under fire for posting phone numbers, e-mail addresses of constituents". Star Tribune. Retrieved 2015-12-26.
- Steph Solis, USA TODAY, October 13, 2016, Lou Dobbs apologizes for sharing Trump accuser's address, number, Retrieved October 14, 2016, "... Dobbs apologized for sharing the personal information on Thursday of a woman who alleged Donald Trump sexually assaulted her...."
- Zeynep Tufekci (25 July 2016). "WikiLeaks Put Women in Turkey in Danger, for No Reason (UPDATE)". The Huffington Post.
- "Politico editor resigns after sharing addresses of white nationalist on Facebook". CNBC. 22 November 2016. Retrieved 23 November 2016.
- Chasmar, Jessica (22 November 2016). "Politico editor resigns after sharing home addresses of alt-right leader Richard Spencer". The Washington Times. Retrieved 23 November 2016.
- Trump, Donald (May 11, 2017). "Presidential Executive Order on the Establishment of Presidential Advisory Commission on Election Integrity". White House.
- Koerth-Baker, Maggie (July 7, 2017). "Trump's Voter Fraud Commission Is Facing A Tough Data Challenge". FiveThirtyEight.
- Lowry, Brian (May 11, 2017). "Civil rights groups fume about Trump's choice of Kris Kobach for voter fraud panel". The Kansas City Star.
- Neuman, Scott (July 14, 2017). "Vote Fraud Commission Releases Public Comments, Email Addresses And All". "The Two-Way". National Public Radio.
- Politi, Daniel (July 15, 2017). "White House Publishes Names, Emails, Phone Numbers, Home Addresses of Critics". Slate.
- Ingraham, Christopher (July 14, 2017). "White House releases sensitive personal information of voters worried about their sensitive personal information". The Washington Post.
- Shaw, Adam (2018-10-04). "Cops probe doxxing of GOP senators, as left-wing escalates confrontational tactics". Fox News. Retrieved 2018-10-04.
- Folley, Aris (2018-10-04). "Ex-House intern charged with 'doxing' GOP senators during Kavanaugh hearing". The Hill. Retrieved 2018-10-04.
- "Former Senate staffer arrested for allegedly doxing senator". CBS/Associated Press. 2018-10-04. Retrieved 2018-10-04.
- Spencer S., Hsu (2018-10-04). "Democratic ex-staffer contests charges he posted personal data on GOP senators, threatened witness in doxing". Washington Post. Retrieved 2018-10-05.
- Gerstein, Josh (2019-06-19). "Ex-Hassan aide sentenced to 4 years for doxing senators". Politico. Retrieved 2019-06-20.
- The dictionary definition of dox at Wiktionary