Doxxing: The Sequel
On March 19, 2015, I published a post about doxxing, generally known as one party’s publishing on the internet documents containing personal information about another party. In my first post, I noted that the term “doxxing” appears to cover a variety of circumstances, from the vengefully-motivated compiling and publishing of previously unpublished (likely hacked and possibly falsified) personal information, to the documenting of identities as a means of confronting and ending the abuse of those using aliases to victimize others on social media, to the linking of publicly-available documents containing personal information as a means of providing evidence regarding conflicts of interest in the dealings of public officials.
According to Curiousmatic.com writer Jennifer Markert, the term “doxxing” emerged on Google Trends in 2012, and it has its origins in the publishing of previously unpublished, personal information for destructive purposes. Markert’s description does not include a person’s choosing to include personal information on documents known by the person to be publicly available.
Regarding avoiding the publishing of personally identifiable information that an individual does not choose to reveal on sources known to be publicly available, Markert wryly offers the following advice:
A number of services, both free and paid, collect data profiles of Internet users and aggregate data from social media and public records. …
Most services have opt out forms that can be filled out and processed fairly quickly. …
Unfortunately, many of these services continually update their data profiles and will continue to collect user information even after they’ve opted out.
Other tips to avoid being doxxed include being homeless, ditching your cell phone, not being part of the KKK, not being a woman, and not upsetting large groups of vindictive Internet users.
The March 10, 2014, Economist captures both the evolving nature of the term, including the usage of the term (and the practice) as being “non-pejorative”:
The term “dox” (also spelt “doxx”, and short for “[dropping] documents”) first came into vogue as a verb around a decade ago, referring to malicious hackers’ habit of collecting personal and private information, including home addresses and national identity numbers. The data are often released publicly against a person’s wishes. It is a practice frowned upon by users of Reddit, a popular online forum, and many others.
More recently journalists have co-opted the phrase. It is now used by some, in a non-pejorative sense, to mean deep investigative reporting. This has blurred the distinction between nefarious digital intrusion and noble journalism.
What is implied in the Economist discourse on doxxing is that information “doxxed” has not been previously released in a public forum by the “doxxed” individual. This assumption aligns with the Urban Dictionary, which defines doxxing as “publicly exposing someone’s real name or address on the Internet who has taken pains to keep them secret.”
Based upon the current usage of the word “doxxing” (as I have observed in researching the word and experiencing its usage), the term is now being applied to investigative research/reporting that involves linking to personally identifiable information that an individual has included as a matter of public record and that an individual knows is a matter of public record.
Thus, the term “doxxing” is now being liberally applied and has moved quite the distance from its negatively-connoted understanding as involving malicious hacking. However, what complicates the issue is that current usage of the term “doxxing” still most certainly includes malicious hacking.
As a result of my first post on doxxing, a few issues emerged that I would like to examine in the remainder of this post. The first concerns distinguishing between negatively-connoted doxxing (e.g., the “dropping” of “docs” that is generally perceived as self-serving and harmful to another) and reasonably-documented research. The second concerns testing companies’ monitoring social media. And the third involves the unique position of those in the public eye and the connection between their “newsworthiness” and reasonable-research doxxing. For this last section, I focus on my experience as one in the public eye for my public education advocacy.
I am a researcher of issues related to the privatization of public education. Certain individuals and organizations are benefiting financially from converting American public education into “American test-score-driven, privatized education running on both privatized money and public funds.” Many of these individuals and organizations are involved in conflicts of interest such that they are in positions of power that allow them to direct public funding in a questionable, self-serving or otherwise biased manner. They might also be accepting private funding that reasonably compromises the likelihood of unbiased decision making toward some less-influential third party.
I investigate these questionable alliances and the financial incentives behind them.
I often support my research with information from public documents. In my case, the most utilized tends to be nonprofit tax forms. I also sometimes reference resumes and election funding reports. Each of these types of public documents could include personal addresses. Resumes might also include home or personal cellular phone numbers.
My work qualifies as “deep investigative reporting.” However, to distinguish my investigations from those discussed in the Economist article referenced above, let me clearly state that I do not ferret out previously undisclosed personal addresses and phone numbers for the sake of publishing such information (and especially for the sake of publishing such information without the consent of the individual, should an unusual circumstance present itself).
Social Media Monitoring
I have been challenged to explain how it is that I can engage in using public documents to investigate others even as I take issue with testing companies and school administrators’ monitoring students on social media. First of all, the individuals I investigate are adults, not children. Second, I take issue with the testing companies and school administrators for not clearly communicating to students the intent to monitor social media before doing so. If the testing company goal is really one of test security, it seems much more efficient to tell students ahead of time that social media will be monitored. Being direct with students about upcoming monitoring would better prevent test security breaches from happening at all– as opposed to the course that testing companies and school administrators chose of either saying nothing or (as was documented for the Smarter Balanced consortium) encouraging students to sign on school social media accounts with the known intent to monitor student activity.
I do not approve of entities with power improving their power edge via such sneaking. It bespeaks some unstated, ulterior motive.
Third, the position that anyone should be allowed to monitor another on social media without any declared intent does not carry into other public venues. The street in front of my house is a public street, but that does not mean that a person can decide to stand in that street and watch for hours in order to monitor my activity even in that public street without risking being investigated for suspicious activity. Authorities would seek information on intent, as well they should.
Even personal restraining orders commonly apply to public places.
Once forced by discontent expressed on the very social media they were monitoring, the PARCC testing consortium came forth with a statement on behalf of Pearson about monitoring for “test security.” Given that standardized test sales increased more than 3,000 percent from 1955 to 1997– even prior to Bush’s test-centered No Child Left Behind (NCLB) in 2002– it seems that “test security” doubles as a euphemism for “protecting the profits.”
Pearson’s 2015 contract for PARCC is estimated as at least $138 million. In 1955, US standardized test sales equaled roughly $10 million (adjusted for 2015 dollars). Sixty years later, the US dependence upon standardized testing has grown so much that a single testing company is making almost 14 times as much in test sales on a test that covers only two subjects– and in only roughly a dozen states.
In monitoring social media, testing companies are arguably chiefly motivated to protect their multi-million-dollar profits.
If the amount of testing is cut, then the testing company profits are cut, and the impetus to monitor social media will also be reduced.
In the Public Eye
When I decided in March 2012 to become actively involved in the fight against the privatization of public education, I realized that my activism would move me into the public eye. I remember reckoning with the idea. In connection with rather strong commentary criticizing rushed 2012 legislation promoting the use of student test scores to grade teachers– legislation designed to blindside classroom teachers not only via its content but also in its speedy passage– I was about to publish my email address in a public forum.
I realized that in doing so, I was placing myself (my job, my personal privacy) in a precarious position. But I also knew such was the cost of becoming a public advocate.
Since that time, I have started this blog, written two books, and engaged in public speaking. For these reasons, I consider myself a public figure.
Established advocates are public figures. So are elected officials and other titled public servants.
And as a public figure, I expect to be investigated. Sure enough, I have learned of specific instances of individuals combing the internet in search of my history. They will likely locate public documents that include personally identifiable information about me. I own property, and I have published resumes.
And note that I have zero expectation that those researching me should refrain linking to publicly available information on me because I am a woman.
I do not expect to escape investigation because I am female, and I refuse to engage in accusations of sexist activity simply because someone links to my publicly-available documentation as part of legitimate investigation.
Such investigation comes with my being in the public eye.
Bringing It Home
I contend that as a researcher, I have a right to document my work via information that is part of legitimate public record. What makes the public record legitimate is that any personally identifiable information has been legitimately obtained, either voluntarily from an individual or as a matter of public mandate, in which case the inclusion of the personally identifiable information, such as home address and phone number, is known to the individual.
I expect the same when others research me.