Taking a screenshot of a private message and sharing it with others is as easy as a single click. This, however, does not grant them a free pass to the consequences of doxing.
The escalating incidence of doxing has sparked significant concern among digital rights and safety advocates, given the heightened vulnerability individuals face such as scams, online gender-based violence and identity fraud.
A 2021 survey conducted by cybersecurity company Kaspersky revealed that one in six users had experienced doxing globally while using online dating platforms. In Asia Pacific alone, the survey found that 22% of the respondents had fallen victim to doxing while engaging in online dating.
While doxing often involves users with malicious intent, there are also users who have a more profound motive behind sharing private information online, such as victim-survivors of online gender-based violence.
Advocates emphasize educating diverse communities about the significance of safeguarding against doxing and the crucial role they play in protecting others.
By prioritizing education, digital rights and safety organizations empower individuals with the necessary tools and information to navigate the internet safely and mitigate the risks associated with doxing.
What is doxing?
Derived from the word “documents,” Kaspersky defined doxing as the act of leaking private or personal information about an individual online without their consent. This is often done with malicious intent with the aim of intimidating or threatening individuals.
Common examples of doxing are when online users share screenshots of private conversations on social media platforms. These are often observed on Facebook, Twitter, Messenger and Telegram, a 2019 study of The Hong Kong Polytechnic University found.
Doxing often exposes a person’s name, social details, and private information, including contact numbers, email addresses, intimate photos or videos and private conversations.
The 2021 study of Kaspersky discovered that nearly half of the Asia Pacific respondents either have or had online partners who leaked their intimate photos, disseminated screenshots of their conversations online, threatened them with personal information or stalked them in real life.
Victims of violence turn to doxing
While doxing often involves users with malicious intent, there are also users who have a more profound motive behind sharing private information online, such as victim-survivors of online gender-based violence.
Driven by their personal experiences, they expose the identities of their perpetrators to warn others of the potential risks of interacting with them. At the same time, victim-survivors unintentionally commit doxing hoping to hold their perpetrators accountable.
In the Philippines, no law details how cases like this should be treated by the justice system. Similarly, no law has defined the term doxing.
However, existing laws have been implemented that stipulate the concept of doxing as a digital safety issue. Among these are the Data Privacy Act of 2012 (DPA) and the Cybercrime Prevention Act of 2012 (CPA).
The DPA states in Chapter VIII, Section 32 that an individual who discloses personal information to a third party without the consent of the data subject should be penalized with one to three years of imprisonment and a fine ranging from P500,000 to P1 million.
How do you protect yourself and others from doxing?
Filipino users may file a complaint to the National Privacy Commission for digital safety violations.
For instance, Jover Laurio (Pinoy Ako Blog) filed a civil complaint against Rey Joseph Nieto (Thinking Pinoy) in 2018 for revealing Laurio as the author of Pinoy Ako Blog in one of Thinking Pinoy’s entries, including their full name and school.
In a decision on March 31, Laurio won their data privacy case against Nieto, who now has to pay the blogger a total of P300,000 in damages and P50,000 in attorney’s fees and litigation expenses.
Besides pressing charges, tweaking privacy settings and carefully selecting followers on social media can also limit the number of people who may have access to information posts.
Advocates also suggest establishing distinct email accounts and usernames for different platforms and refraining from using one’s complete name when creating online accounts.
Combating digital safety issues like doxing will only be effective when users value their data and respect that of others.
Using multi-factor authentication is another security measure that prevents others from accessing an account with just an email address and a password. It will require a user to either input a code randomly generated by the social media platform or a one-time pin (OTP) usually sent through text.
Cybersecurity firms also suggest utilizing a virtual private network (VPN) to protect IP addresses – which describes one’s location – from being exposed, allowing users to browse the internet anonymously.
Most of all, combating digital safety issues like doxing will only be effective when users value their data and respect that of others.
Digital Rights and Safety Trainings
Media organizations regularly conduct workshops and trainings on digital rights and safety for various sectors in society. They seek to not only raise awareness on these issues, but also to equip them with the necessary knowledge and tools to become more resistant to that of doxing.
EngageMedia, a nonprofit organization advocating for digital rights and safety, organized the three-day Asia Pacific Digital Rights Forum in 2023, aiming to “further discuss and collaborate on solutions” for each region’s pressing digital safety issues.
Out of The Box Media Literacy Initiative (OOTB) has also conducted such trainings for college students and mothers in early 2023. To improve their campaigns for the latter half of 2023, they held a digital rights and safety co-learning session with civil society organizations.
Diving deeper into the digital issues of doxing and data mining, OOTB will be conducting “Training on Digital Rights and Security”, a workshop under its Take Ctrl ⇧ Shift Habits campaign on July 11 at the Polytechnic University of the Philippines.
Out of The Box is a non-profit organization in the Philippines promoting media literacy practices with educational resources, campaigns and workshops.
Published originally in PhilStar.com on July 7, 2023 at https://www.philstar.com/business/technology/2023/07/07/2279352/how-safeguard-your-personal-information-doxing
