Archives: Doxxing Posts

It might seem counterintuitive, but the best protection against being doxxed (or “doxed” or getting “docs dropped”) is to follow a guide to doxxing yourself on the internet.

By trying to find information about yourself online, you’ll be able to see how easy it would be for someone else to do it – and then take steps to make yourself less doxxable. 

How to Dox Yourself

Follow the following seven steps to dox yourself. 

Tip: Want to learn more about doxxing in general? Read about how doxxing happens. 

1. Google yourself

Chances are, the first thing that anyone who wants to dox you will do is search for your name (or username, phone number, etc.) on Google. 

Keep in mind that you’ll need to open a private tab or go into incognito mode to avoid seeing customized results.

You might have to put your name in quotation marks or add geographical details to get an accurate result. Think about what someone who is trying to dox you may already know – your name, phone number, the city you live in. Include anything that may be public information. 

For most people, social media profiles will be the first few results that show up, but you could also see listings from data brokers (people search sites), personal websites, public records, and so on. 

You can set up Google Alerts to be notified when new information appears about you online. To do that:

1. Go to Google Alerts.
2. Type in your name (or other personal data) in the search bar.
3. Click “Show options” to change how often you get notifications, what sites you want to see, the part of the world you want information from, etc.
4. Click “Create Alert.”

To learn more, read our guide on how to remove doxxing content on Google.

2. Find yourself on social media

Open up a social media site where you have an account (such as Facebook, X, Instagram, Reddit, or LinkedIn), log out, and run a search for your name (adding in your location if needed to refine the results). 

Once you’ve found yourself, take note of what personal data is visible. Could someone see what you look like? Could they learn where you work, where you like to eat, who your family members are? Even information that might seem insignificant, like your pet’s name or the fact that you speak American English, can help someone build up an accurate picture of your life. 

If you use the same username across multiple social media platforms, forums, or apps, then anyone who has found you on one platform can easily discover every other account you have – making you vulnerable to online harassment, social engineering, death threats, and more.

Tip: Learn how to report doxxing on various different platforms, including X/Twitter (plus, here’s Twitter’s doxxing policy).

3. Look for yourself on people search sites

Data brokers and people search sites are companies that collect your personal information from a range of sources, compile this information into comprehensive profiles, and then sell these profiles to pretty much anyone who wants to buy them.  

If your search engine results include data brokers (such as Whitepages, Spokeo, PeekYou, or PeopleSmart), follow the link to see what they have on you. 

Depending on the website, data brokers can give results based on very little information. If someone knows your full name, they can start with that, but they can also do a search based on your username, phone number, home address, or email to find out more about you.

To be thorough, try doing a reverse search on all your identifying details.

Note that not all data brokers and people search sites will show up on Google Search results when you type in your name, even if they have your personal details. 

For this reason, you should go to each major data broker and people search site and type in your details into their search bar rather than relying on Google (or some other search engine, like Bing) alone. 

If you find that a data broker has your information, you can, in most cases, opt out of their database. However, this is where things get tricky. The opt-out process differs from one data broker to the next – while some data brokers let you opt out via an online form, others might request that you send them an opt-out request through email instead. 

Unfortunately, data brokers refresh their databases when they collect more data about you, so you’ll need to repeat this process.

If you’d rather not have to opt out of data brokers manually, consider using a data broker removal service like DeleteMe, where our privacy experts remove you from data broker databases on your behalf. 

4. Check what your website says about you

If you have a personal website, assess it objectively: do you overshare by including private information or contact details?

Website owners should also keep in mind that their contact info could be visible using the Whois lookup tool. Do a search on your domain and see if your name, home address, and other information is included. If it is, contact your domain registrar and enroll in private registration. 

Remember that even if you’ve deleted your website, it may still be accessible through the Internet Archive. 

If it is, you may be able to have it taken down, though the results are mixed.

5. Do a reverse photo search

Through a reverse image search, anyone with a photo of you can see where else that particular photo and similar photos appear online.

There are several ways someone might perform a reverse photo search. For instance, they may Google your name in Google Images, right-click on your image, and then select “Search the web for image” to find where else your photo shows up online. 

Or, they may upload an image of you they found somewhere else (social media account, newspaper, etc.) onto Google Lens – for example, your profile image. 

That will cause a sidebar to pop up on the right, where Google Lens will scan the internet for the photo. Click “Find Image Source” at that point to see where the photo is posted online – potentially showing all other accounts you’ve uploaded the same profile picture to.

There are also reverse image search tools like PimEyes and TinEye that can do the same function. 

I found PimEyes to be especially good. When I uploaded my own (public) photo, it returned results of where else that photo appears online – plus similar images, including a picture of me in a local newspaper from a work event years ago that I had totally forgotten existed. 

6. See if you appear in any data breaches

If your information has been involved in a data breach, there’s a good chance someone will be able to find it on the dark web. Data breaches can include a wealth of sensitive information about you, including your online account login details, social security number, and more.

You can find out if your data was part of a breach by going to the Have I Been Pwned online tool and searching for your email address. 

If it comes back positive, you should change the passwords associated with the breached accounts and any other accounts that use the same password. 

Going forward, using two-step authentication and a password manager can protect your accounts from being accessed after a breach occurs. 

7. Review your professional presence

If you’ve ever applied for work through a website or uploaded your resume to the internet, your private information may be sitting in plain view. 

To find out if your resume or CV is floating around, go to Google and type in the search string “[First Name] [Last Name]” filetype:pdf (including the quotation marks). 

That will come back with any PDFs associated with your name (if there are any). 

If it’s a PDF on a site you have access to, make sure to revise it if it has your contact information (phone number, email address, etc) on it. 

Become Undoxxable 

The less information exists about you online, the less likely it is that someone will be able to doxx you. For best results, doxx yourself continuously (use our list of doxxing tools to help you) and share as little about your life on the internet as possible.

For more information, read our guide on how to prevent doxxing.

If you’re going to dox or “drop docs” on yourself, you’ll need a list of doxxing tools to make the job easier. 

In this guide, we’ll look at some of the open source (i.e., freely accessible) tools you can use to find information about yourself before it gets into the wrong hands, including search engines, people search sites, email permutators, public records, maps, and more. 

Search Engines

Search engines such as Google are an easy first stop if you’re looking for personal information. 

Go to Google Search, Bing, DuckDuckGo, or your preferred search engine and type in your full name, account username, phone number, home address, or whichever identifying detail you’d like to look up on yourself. 

Note: You should open a private tab or incognito browsing window if you’d like to see what an anonymous user would see (rather than the customized results you typically get). 

You may need to combine some of your details, such as your name, city, or occupation. For best results, think of what someone may know about you and make that part of your search query.

If you’re using Google, you can use some simple boolean commands (just like a potential doxxer would do). Try typing in [First name]+[Last name], adding in your own name, and keeping the plus sign. Or [First name] [Last name]+[birthdate]. Or try replacing [birthdate] with your place of work, home city, home address, or the place you went to school. 

You should also try searching for your online account usernames and email addresses, either alone or in combination with your other details. 

On both Google and Bing, you can try additional search operators to see what comes up. Use a site-focusing command like site:facebook.com to search for results on a particular website. Or use the asterisk (*) to fill in a blank – such as [First name] * [workplace]. If someone knows your first name and that you work at a particular location, for example, they’ll be able to find out more using that. 

It’s important to be as creative as your potential doxxer might be.

Every site that comes up as a match for any search queries related to you could lead to more personally identifiable information, giving doxxers a trail to follow that could lead to online harassment, cyberbullying, swatting, or even in-person attacks. 

If it’s a site you can access and remove the information from, do so. 

Tip: You can set up a Google alert to be notified whenever a new result with your details turns up on Google search. To do so, visit Google Alerts, log in if needed, and make an alert for the result you’d like to be notified about (name, email address, phone number, etc.). 

Learn more in our guide on how to remove doxxing content on Google.

People Search Sites

Some of the first results you’ll get when you look up your name on a search engine are for people search sites (aka data brokers). 

These sites (such as Whitepages, Spokeo, People Finder, and so on) sell profiles on people for a minimal fee, with each profile consisting of compiled public information about you. 

If someone has your name, phone number, email, or even your username, they will be able to find your profile and request access to all the personal data the people search site has on you. 

The amount of information in a data broker profile can be quite significant and may include personal details like your employment history, education, nearest relatives, and more.

The good news is that you can opt out of people search websites, typically using a form on the website that has a profile on you or by sending them an email making it clear who you are and that you’d like to opt out. 

Because the opt-out process for each data broker is different, we’ve put together free, step-by-step guides on how you can remove yourself from major data brokers. 

The bad news is that data brokers frequently refresh their profile databases. This means that even if you opt out from a data broker once, they may re-add your profile when they collect more data about you. 

To escape this repetitive cycle, subscribe to a data broker removal service like DeleteMe that continuously handles removal requests on your behalf. 

Username Search Engines

If you use the same username on multiple websites, anyone who knows your username on one platform can also find you on other platforms. This is even easier using username search engines, which show where the same username is in use.

Here are a few username search engines to try:

• Namechk
• Namecheckr
• CheckUsernames
• Instant Username Search

Email Permutators

If someone knows your name and where you work or guesses what email host you use (such as Gmail or Yahoo), they can use an email permutation tool to figure out what your email address is (thus potentially giving them the ability to hack into your accounts, send harassing messages and malware, and more). 

One example of an email permutation tool is Email Permutator. 

Enter your details (with your place of work or your email host as the domain) and see if your email address is listed. 

Email Validators 

Using an email permutation tool will give you a long list of results, which may make you think your actual email is hidden amongst the false hits. 

However, by using an email validator such as MailboxValidator and entering in all of the potential email addresses a permutator comes back with, you can tell straightaway which emails are active.

Email validators are also an easy way to test if an email listed on a people search website is still accurate.

Hacked Database Search Engines

Some of the most common forms of cybersecurity attacks are data breaches (sometimes preceded by ransomware), which occur when hackers get into a major database (such as Equifax or LinkedIn) and acquire sensitive data such as usernames and passwords, Social Security numbers, birthdates, or even bank account or credit card details before releasing it en masse online. 

You can find out if your personal information has been part of a data breach by going to the HaveIBeenPwned online tool. There, you can enter your email address and see if it has been compromised and where. 

For any websites where you’ve been compromised, you should immediately change the password and repeat the step for any other website that uses the same password. 

Pro tip: Don’t use the same password on multiple websites for exactly this reason. Instead, consider a password manager to generate strong, unique passwords for each of your accounts, and implement two-factor authentication to ensure your accounts stay secure.

HaveIBeenPwned also allows you to set up notifications anytime your email is part of a data breach.

Other tools include DeHashed, where you can search for variables besides your email address (such as your username or phone number), Intelligence X (which goes a step further by letting you search for your Bitcoin account number in addition to even more variables), and the Ashley Madison hacked email checker, for those with an Ashley Madison account.

Social Networks

Linking out to other social media accounts on your profiles creates an easy breadcrumb for people with malicious intent to follow. 

Doxxers can easily connect your accounts to one another and find out more personal details about you.

On another note, if your personal details were shared on social media without your consent, here’s how you can report doxxing on Twitter (plus, here’s a rundown of Twitter’s doxxing policy).

Forums

Forums can be a source of personal information regardless of how much you post. If you have a forum account (such as on Reddit, a video game forum, a gardening forum, a cooking forum, etc), go to the forum, log out, and do a search using the forum’s search feature.

Most forums let you do a search using a combination of keywords. For example, you can combine your name, username, or email address with “email,” “art,” “location,” “work,” “school,” and so on. If you were doxxing yourself based on your forum account, what information could you find?

Some forum sites give you the ability to see all of the posts you’ve made. If so, review your posts and delete or edit any that include identifying information. Even seemingly harmless information like your general location (a state like New York or even America), your native language (American English, British English, Spanish, etc.), etc., can give you away. 

Remember: Avoid using the same avatar or profile picture across multiple forum accounts, as that makes them easy to tie together, especially through a reverse image search tool (more on this below). 

Public Records

State and local governments maintain their own archives of records associated with people in their jurisdictions. This might include court records, marriage licenses, property transfers or taxes, and more. 

Some government bodies and/or courthouses have online records. For example, in California, you can make a birth record request online:

Where online public record access is not possible, the public record must be accessed in person or specifically requested. However, this isn’t difficult to do – someone could contact the state you live in pretending to be you and request your marriage certificate, for instance. 

The Digital Media Project has state-specific information on accessing public records from 19 states in the US, plus the District of Columbia. 

In whatever court or government record you appear, you have the option of contacting the archiving body to request that the record be made private. 

You will need to justify why removing the record is necessary (typically for matters of demonstrable personal safety concerns), meaning you may need a statement from law enforcement or screenshots of harassment to back your request up.

Archives

Internet archive sites such as the Wayback Machine can be useful for viewing older versions of websites or finding sites that are no longer operational. 

If you used to have a website that you shared too much sensitive information on and then later deleted, you should enter the URL into the Wayback Machine to see if any versions of it were archived. 

If you find your past or present website and wish for it to be removed from the Wayback Machine, follow these steps.

Whois Records

The Whois search engine enables you to type in any website and see who the owner is. 

If you have a website, you should type the URL into the Whois Lookup tool to see how much of your private information is visible there. A typical record could include your phone number, home address, phone number, email, and IP address.

Ideally, you’ll see most, if not all, of your information removed by your domain provider – but only if you opted for private registration. If you didn’t, you should contact your registrar and update your registration as soon as possible.

Reverse Image Search

Can you dox yourself using only your face? Believe it or not, yes. Using a reverse image search tool such as Tineye, you can look for matching results across the internet to find out more information about yourself – and see how easy it would be for someone else to do the same. 

To do so, find an image of yourself (such as a social media profile picture), crop out everything but your face, and then upload the image to Tineye.

To be thorough, you should do this for each online picture you have of yourself (in the event that one connects to another or helps to unearth an old account with personal information you’d like to keep hidden).

Maps

Let’s assume you’ve uncovered your home address while doxxing yourself (a pretty easy thing to do using a people search site). 

If you went to Google Maps or Bing Maps, what would you be able to see? Using street view, can you see how many neighbors you have or what buildings are nearby?

Fortunately, you can request to remove your home from Google Maps. To do so, go to Google Maps and type in your home address. Click on the Street View icon on the lower right-hand side of your screen. Once there, at the very bottom right-hand corner, you’ll see “Report a problem.”

The next screen you’ll see will give you the option of panning the image until your home (or car, or whatever you’d like to hide) is in the center of the image. From there, scroll down and select what you’d like to have blurred and why. Click “Submit” at the bottom of the page and wait a few days for results. 

Become Undoxxable

The first step to becoming undoxxable is to dox yourself, which you’ve effectively done if you’ve followed each of these recommendations. 

Wherever you’ve found information you’d rather keep private, be sure to take any steps you can to have the data hidden, whether it includes changing your privacy settings, sending opt-out requests, or removing your old websites from the Wayback Machine. 

Each proactive step you take will reduce your digital footprint and make it much harder for someone to dox you. 

Whether you need to know now or later, learning how to report doxxing is important for your personal safety. Knowing who to report doxxing to can also help stop the flow of private information being leaked once someone starts doxxing you. 

How to Report Doxxing to Law Enforcement

If you’ve been doxxed, your first step should always be to collect evidence that the doxxing has occurred. 

Take screenshots of where your personal information was posted. If someone is sending you threatening messages online, take screenshots of that as well, and if someone is calling your home, family members, or your place of work, try to get a recording. 

Any evidence you can gather will support your claim and empower law enforcement agencies and support staff to help you.

Once you have evidence (or sooner if you are under immediate physical threat), you should contact local law enforcement. 

It’s not generally against the law to dox someone in the US, but it is illegal to harass someone – and sometimes doxxers can go well beyond simple harassment to severe physical endangerment. 

Other malicious acts that can be associated with doxxing include cyberbullying, identity theft, defamation, and social engineering scams (including phishing emails where an attacker tries to trick you into revealing data like your Social Security number or financial account details or gets you to download malware). These can be criminal acts and should be reported to your local police department. 

If necessary, you can go to the FBI Internet Crime Complaint Center to file a report with their Cyber Crimes unit. 

How to Report Doxxing to Online Platforms

Aside from law enforcement, you can contact the particular social media platform that you’ve been doxxed on to potentially have the information taken down and the doxxer prohibited from posting more. 

Report doxxing on Facebook

When someone posts your personally identifiable information on Facebook without your permission, you can flag the post as being against community standards by clicking “Report Post” under the three dots in the upper right-hand corner. Then, click “Harassment” and “Me” and submit it. 

Once you’ve reported the post for online harassment, Facebook’s team will review it and remove it if it meets their qualifications. The user who posted the information may face account suspension as a result.

Report doxxing on TikTok

TikTok maintains explicit rules against community harassment, which includes posting sensitive information without permission or with malicious intent. 

If someone posts information or media about you that you want removed, fill out TikTok’s “Report a Problem” form.

Report doxxing on X 

X allows users to report posts that contain personal data about them. To do so, find the offending post and click the three dots in the upper right-hand corner. Click “Report Post” at the bottom of the menu, then “Privacy.” From there, you can select the best fit for the situation. 

Alternatively, you can complete this form to report unauthorized information sharing on X. 

For more information, read our analysis of Twitter doxxing policy and then follow our guide on how to report doxxing on Twitter.

Report doxxing on Discord

On Discord, users who share information about other users without permission are violating community guidelines and can be suspended or banned. 

If someone is doxxing you on Discord, you can report the post by selecting it (right-clicking on desktop or holding down the message on mobile). Click “Report Message” and “Exposing private identifying information” to file the report. 

Alternatively, if the troll posted your information to a server, you can contact the server’s moderators to remove the post and possibly impose posting restrictions.

Report doxxing on Instagram 

Instagram users can report being doxxed by clicking on a post’s three horizontal dots in the upper right corner. Click “Report” at the top of the menu, then “Bullying or harassment,” “Me,” and then “Submit Report.”

A moderator will review your report and remove the offending post if it meets the requirements.

Report doxxing on Reddit

Reddit users can access a website form to report when other users have doxxed them. On the form, select “I want to report other issues” and then “It’s personal and confidential information.” 

In the next field, provide a link to the post and select what type of information (real name, phone number, email, home address, or credit card or bank account details) has been shared. Then click “Submit.”

Report doxxing on Twitch 

On Twitch, you have the option of reporting a channel, a user in a chat, or a whisper, depending on what method the person doxxing you is using. 

To report a channel, click the three vertical dots on the lower right under the video player and click “Report Live Stream.” You can also go to a specific video and report it from there.

If someone is doxxing your contact information in a chat, click the user’s name and then on the three vertical dots on the bottom right. Click “Report” and select the category that best matches what the user is doing. In the “Tell Us More” field, you can (and should) spell out why the user’s comment is damaging to you.

Lastly, to report a whisper or private message, click the cog wheel at the top right of the window and click “Report xx,” where “xx” is the name of the user who sent the whisper.

Report doxxing on YouTube  

On YouTube, you might be doxxed in video form or in the comments to a video. Depending on how you’re being doxxed, your method of reporting will vary slightly. 

To report a video, click the three dots below the video player and then click “Report.” Click “Harassment or bullying” to report someone maliciously sharing your private information.

To report a comment, click the three dots next to the comment on the right-hand side, then click “Report” and “Harassment or bullying.”

How to Report Doxxing to Google

For most people, Google Search is the main culprit when it comes to seeing unwanted personal information online. To file a request to remove unwanted results on Google’s search engine, you can use this form (otherwise, for reporting doxxing on other Google services, refer to this guide). 

Note that this will not remove the website with the information from the internet; it will only remove the search result from appearing in Google’s search results. To remove the information from the internet, you’ll need to contact the website owner directly. 

How to Prevent Doxxxing 

Rather than having to report a doxxing incident, a better alternative is to prevent doxxing from happening altogether. 

To do so, you should start by doxxing yourself using these doxxing tools (including username search engines and data breach repositories).

Then, take steps to reduce your visibility online. This might involve changing your social media account privacy settings, opting out of data brokers (or subscribing to a data broker removal service like DeleteMe), creating and using unique usernames with each online account, setting up multi-factor authentication (a great cybersecurity practice), and avoiding giving out your personal details unnecessarily.

For more tips, learn how doxxing happens and then read our guide on how to prevent doxxing.

If you live in Ohio and are concerned about your online privacy, you might be wondering: Is doxxing illegal in Ohio? 

In this guide, we’ll look at the legal ramifications of sharing Ohio residents’ information online without their permission, along with the crimes that are related to, and can stem from, doxxing. 

Is Doxxing Illegal in Ohio?

No. The act of doxxing, which refers to publishing someone’s personal information without their consent, is not illegal in Ohio. 

Doxxing Related Activities That Are Illegal In Ohio

Even though doxxing is not illegal in Ohio, the state does criminalize other activities that are related to (or can happen as a result of) doxxing.

These include menacing, menacing by stalking, telecommunications harassment, swatting, and extortion. 

Menacing

Menacing (section 2903.22 of the Ohio Revised Code) in Ohio refers to when a perpetrator causes you to believe that you, your personal property, your unborn child, or your family members are in danger of physical harm. 

Those found guilty of menacing in Ohio face a fourth-degree misdemeanor, which can result in up to 30 days in jail and a $250 fine. 

Menacing by stalking

In situations where someone is engaging in a pattern of conduct that causes you to believe that you, your family, or your household members are in danger, they can be charged with menacing by stalking in Ohio as per section 2903.211 of the Ohio Revised Code. 

Importantly, Ohio includes specific references to repeated electronic communications in its legal code, meaning if you’ve been doxxed and someone is menacing you online via chat messages or emails, it might be defined as “menacing by stalking” and, therefore, be an illegal act.

The penalty for menacing by stalking in Ohio is a first-degree misdemeanor, entailing up to a year in jail and a $500 fine. 

In some cases, like if the victim is a minor or if the offender has a history of violence towards the victim or someone else, menacing by stalking can be a felony of the fourth degree, which can result in up to 18 months of imprisonment and a fine of up to $5,000. 

Telecommunications harassment

Making phone calls to someone with the intention to “harass, intimidate, or abuse” them is a breach of Ohio’s telecommunications harassment law (section 2917.21 of the Ohio Revised Code). 

There are different subsections to the code that outline particular transgressions – such as if the perpetrator calls a person at an hour or hours inconvenient to them and in an offensive and repetitive way – but they all generally result in a first-degree misdemeanor. In Ohio, that nets up to one year’s imprisonment and a fine of up to $500. 

Subsequent offenses of this charge escalate to a fifth-degree felony, equating to imprisonment for up to a year and up to $2,500 in fines. 

Swatting

One of the most dangerous activities related to doxxing is swatting, which occurs when a perpetrator knowingly makes a false report to law enforcement about illegal activity happening in your home or workplace. 

Swatting can result in rapid and aggressive police responses, some of which have been fatal for swatting victims. 

Swatting is illegal in Ohio under section 2917.321 of the Ohio Revised Code.

In Ohio, first-time swatters are guilty of a fourth-degree felony, which comes with 6-18 months of jail time and a fine of up to $5,000. 

Extortion

In Ohio, the act of extortion (section 2905.11 of the Ohio Revised Code) refers to threatening to commit any felony or violence, threatening “any calumny against any person,” or exposing any matter that causes hatred toward someone or their business. 

Those found guilty of extortion in Ohio face a felony of the third degree, amounting to between 9-36 months in prison and a fine of up to $10,000.

Is Doxxing Illegal at the Federal Level?

As it stands, doxxing is not illegal in the United States at the federal level. 

This is, in part, due to the large amount of information that exists in the public sphere about any given individual.

That said, a growing number of states, including California, Illinois, and Arizona, are taking steps to protect their residents from doxxing. 

However, since legal action is reactive rather than proactive, you shouldn’t rely on the legal system to protect yourself. Instead, you should make yourself as undoxxable as possible. 

How to Protect Yourself Against Doxxing In Ohio (And Elsewhere)

If your goal is to make yourself undoxxable, your first step should be to dox yourself (refer to our guide to doxxing yourself and list of doxxing tools for more information). By using the same techniques as doxxers, you can preemptively see where your data vulnerabilities are. 

To protect yourself from doxxers, you’ll most likely need to:

• Change your social media profile settings from public to private to hide your biographical information. 
• Change your post settings so that only friends and people you know can see what you post.
• Opt out of data brokers. Data brokers are companies that make money by compiling publicly available information on individuals and then selling it to anyone willing to pay a minimal fee. Opting out is not a one-time process, as these companies refresh their databases when new information is identified, meaning you’ll need to repeat the opt-out process regularly. Alternatively, subscribe to a data broker removal service like DeleteMe. 
• Stop sharing personal information in public places online. 
• Use unique usernames and passwords with your online accounts to make yourself less traceable. 

Looking for more information? Read our guide on how to prevent doxxing. 

With laws against doxxing cropping up around the country, you may be wondering: Is doxxing illegal in Oregon? 

This guide illuminates what residents of the Beaver State can expect when it comes to the legality of having their information shared online without their permission, along with how Oregon’s legal system handles related activities that can arise from doxxing.  

Is Doxxing Illegal in Oregon?

No. Doxxing – the act of publishing someone else’s personal information online without their consent – is not covered by any specific laws in Oregon. 

Doxxing Related Activities That Are Illegal In Oregon

Just because doxxing itself is not illegal in Oregon doesn’t mean that other related activities aren’t. 

In Oregon, there are laws against menacing, recklessly endangering another person, harassment, telephonic harassment, stalking, and misconduct with emergency telephone calls – all of which are activities that can occur after someone exposes your personal information. 

Menacing

If someone intentionally attempts to put you in fear of imminent personal injury by verbal or physical threat in Oregon, they can be charged with menacing, as per Oregon Revised Statutes § 163.190. 

Menacing is considered a Class A misdemeanor that could result in up to one-year imprisonment and a fine of up to $6,250. The penalties increase to a felony if a dangerous weapon is involved in the threat.

Recklessly endangering another person

Under Oregon’s Revised Statutes § 163.195, reckless endangerment refers to the act of engaging in conduct that “creates a substantial risk of serious physical injury to another person.” 

It is typically charged as a Class A misdemeanor with possible charges of up to one year in prison and a maximum fine of $6,250. 

Harassment

In Oregon, harassment (Oregon Revised Statutes § 166.065) is defined in three ways:

• Harassing or annoying someone by subjecting them to unwanted physical contact or publicly insulting someone with abusive words/gestures with the goal of being incendiary.
• Conveying a false report (such as about someone’s death) to cause someone alarm.
• Communicating a threat (either verbally, by telephone, or in electronic form) to inflict serious injury on someone or their family members, which would be reasonably expected to cause alarm.

Harassment is considered a Class B misdemeanor in Oregon, with a charge of up to six months in prison and a fine of up to $2,500.

Telephonic harassment

Telephonic harassment, as the name implies, refers to harassment made using a telephone. 

Under Oregon Revised Statutes 166.090, this can include calling a person without actually wanting to speak to them or leaving text messages or voicemails even though they’ve been forbidden to do so by the owner of the phone. 

Perpetrators charged with telephonic harassment face a Class B misdemeanor with penalties of up to six months in prison and up to a $2,500 fine.

Stalking

Stalking is illegal under Oregon Revised Statutes 163.732. 

In Oregon, stalking happens if someone:

• Engages in repeated and unwanted contact with a person.
• The victim is alarmed or coerced by this contact.
• The victim feels apprehensive about their or their family’s safety.

Stalking is considered a Class A misdemeanor in Oregon, meaning perpetrators who are charged with it could face up to a year in jail and $6,250 in fines.

Those charged with stalking previously will be looking at a Class C felony, meaning they could be imprisoned for as long as five years and fined up to $125,000.

Initiating a false report

In Oregon, you can be charged with initiating a false report to law enforcement or other organizations that deal with emergencies (Oregon Revised Statutes 162.375). 

Making a false report to the police is sometimes also known as swatting. 

Perpetrators who face this charge are looking at a Class A misdemeanor, punishable by up to 364 days in jail and a fine of up to $6,250. Any convicted person will also have to repay the costs of responding and investigating the false report. 

In cases where a law enforcement special weapons and tactics (SWAT) team (or similar) responded to the report, the court can impose a term of incarceration of at least 10 days or 30 days if the deployment resulted in serious injury or death of a person. 

Is Doxxing Illegal at the Federal Level?

Despite all of the harmful behaviors that can stem from doxxing, it is not illegal at the federal level. 

However, some states, such as California, Illinois, and Arizona, have implemented anti-doxxing laws. 

Regardless of where you live, you should take preemptive measures to limit how much of your personal information is available on the internet. This will make it less likely that you will be doxxed, which in turn will make it less likely that bad actors will be able to find your contact information and engage in criminal activity with it. 

How to Protect Yourself Against Doxxing In Oregon (And Elsewhere)

To make yourself undoxxable, you should doxx yourself. This will give you a good idea of where your information is showing up online and what steps you need to take to delete it. 

To do so, follow our guide on doxxing yourself using our list of doxxing tools.

Once you’ve doxxed yourself and removed as much of the information that appears about you online as possible, consider the following:

• Changing your social media settings so that your profile information is private and your posts are only visible to friends. 
• Opting out from data brokers and people search sites to remove your profiles from their records. Data brokers are companies that collect your personal information and then sell it to more or less anyone who wants to buy it. Remember to opt out continuously as data brokers relist your data when they find more of it. Alternatively, you can sign up for DeleteMe – our privacy experts will opt you out from data brokers on your behalf. 
• Using unique usernames and passwords on each platform or app to make it harder for bad actors to track you.
• Scrubbing your personal data from Google’s search results. 
• Being very careful about what information you share online, especially in public places.

Read our guide on how to prevent doxxing to learn more. 

Pennsylvanians who want to protect their online privacy might want to know: Is doxxing illegal in Pennsylvania? 

In this guide, we’ll cover whether or not it’s legal for other people to share your information on the internet without your permission as a resident of Pennsylvania. We’ll also take a look at how the state views doxxing-adjacent crimes. 

Is Doxxing Illegal in Pennsylvania?

No. It is not illegal in Pennsylvania for someone to share your information without your consent. 

Doxxing usually relies on posting information that’s already in the public sphere, and there’s generally a significant amount of data on each person that’s publicly available. 

Doxxing Related Activities That Are Illegal In Pennsylvania

While doxxing itself may not be illegal in Pennsylvania, there are multiple crimes related to doxxing that are. These include harassment, stalking, and making false reports to law enforcement. 

Harassment

Harassment (Title 18 Section 2709(a) of the PA Crimes Code) is something of a broad catchall for bad behaviors in Pennsylvania. 

Perpetrators are charged with harassment in Pennsylvania when they have an intention to harass, annoy, or alarm the victim and then proceed to:

• Physically attack – or threaten to physically attack – the victim.
• Follow the victim through public places.
• Commit acts with no legitimate purpose.
• Subject the victim to “lewd, lascivious, threatening or obscene words, language, drawings or caricatures.” 
• Communicate anonymously with the victim.
• Communicate with the victim at “extremely inconvenient hours.”
• Communicate repeatedly in some other unspecified way.

If the victim is a child and the harassment is taking place online, there are additional considerations. 

The penalty for harassment is either a misdemeanor or a felony, depending on the conditions present in each individual case. The perpetrator can be charged with up to a year in prison and a potential fine of up to $2,500.

Stalking

An activity defined as Stalking (Title 18 Section 2709.1 of the PA Crimes Code) in Pennsylvania can happen in one of two ways. 

The first involves the perpetrator repeatedly behaving with the intent to place a person in reasonable fear of bodily injury or to cause them substantial emotional distress, such as by following them. 

The second happens when the perpetrator repeatedly communicates with the victim with the same malicious intentions. 

In other words, someone may be charged with stalking for physically menacing a person or doing it remotely (for example, through the internet).

The charge for stalking in Pennsylvania is typically a first-degree misdemeanor that can result in up to five years in prison and the potential for a fine of up to $10,000. 

However, if the perpetrator is a repeat offender or violated a restraining order to commit the crime, they can be charged with a third-degree felony and subjected to up to seven years in prison and a $15,000 fine.

False reports to law enforcement 

Making a false report (Title 18 Section 4906 of the PA Crimes Code) about someone else is considered a crime in Pennsylvania, with two distinctions regarding how penalties are applied. 

The first relates to falsely incriminating someone with the intent to implicate them in a crime. 

The second relates to knowingly reporting an incident that didn’t occur. This second version comes into play with instances of swatting, which can happen when an online troll (bad actor) finds out someone else’s contact information and sends the police to their residence or workplace under false pretenses. 

Swatting is one of the best reasons to try to keep your personal information private, as it has contributed to more than one death.

Falsely incriminating someone to law enforcement is a second-degree misdemeanor that can get perpetrators up to two years in prison and a fine of up to $5,000. Making a false report is a third-degree misdemeanor and can entail imprisonment of up to one year and a fine of up to $2,500.

Is Doxxing Illegal at the Federal Level?

There is no federal law that explicitly protects against doxxing. However, just like in Pennsylvania, there are federal laws that could come into play when doxxing-related behaviors take place. 

That said, some states, like California, Illinois, and Arizona, have made or are in the process of making doxxing illegal. 

Regardless of where you live, legal protections only come into play after you’ve been doxxed (and harassed, stalked, or swatted). For that reason, it’s important to take your online safety into your own hands and make yourself as undoxxable as possible. 

How to Protect Yourself Against Doxxing In Pennsylvania (And Elsewhere)

Making yourself undoxxable generally involves shrinking your online footprint – scrubbing all the places where your personally identifiable information is posted and then making sure it doesn’t get back out there again. 

To do so, your first step should be to dox yourself (follow our guide using our list of doxxing tools).

Once you’ve doxxed yourself, you’ll have a better idea of where your personal information is showing up. From there, you can methodically remove it and close the holes in your data security. 

Some steps you might want to take include: 

• Opting out of data brokers. Data brokers are companies that collect public information about people and sell it to third parties. They can be surprisingly thorough in their ability to find information about people, which makes it incredibly important to remove yourself from them. Note that data brokers renew their databases when they find more data about you. For this reason, you’ll need to repeat the opt-out process regularly. Alternatively, join a data broker removal service like DeleteMe – our privacy experts will continuously remove you from these companies on your behalf. 
• Change your social media settings to private, including your post settings and biographical information. 
• Stop downloading unnecessary apps that could be selling your data.
• Use unique usernames and passwords on all of the websites you visit.
• Remove your personally identifying data from Google.
• Be cautious about sharing your personal information online.

The less information there is about you online, the harder you will be to doxx. Read our guide on how to prevent doxxing to learn more. 

If you live in Massachusetts and have concerns about your personal information being posted online without your permission, you may be wondering: Is doxxing illegal in Massachusetts? 

In this guide, we’ll take a look at the state’s legal code, including behaviors related to doxxing that fall in the realm of criminal activity. 

Is Doxxing Illegal in Massachusetts?

No. The act of doxxing, or knowingly publishing personal information about someone else online without their consent, is not illegal in and of itself in Massachusetts. 

This is partly due to how much information about individuals is available in the public sphere, whether published by the owners of the information or not. 

Doxxing Related Activities That Are Illegal In Massachusetts

Even though doxxing itself is not illegal in Massachusetts, doxxing can sometimes lead to other behaviors such as harassment, making annoying phone calls or sending bothersome messages, making false reports to the police (such as swatting), and extortion – all of which are illegal in Massachusetts. 

Harassment

In Massachusetts, harassment (Massachusetts General Laws Chapter 265, Section 43A) refers to a pattern of behavior over a period of time that “seriously alarms” the victim. 

In other words, harassment is not a single instance or incident but rather a repeated action that “would cause a reasonable person to suffer substantial emotional distress.” 

The harassment can come from a variety of sources, including phone, mail, or email. 

Those who engage in harassment in Massachusetts can find themselves subject to up to two and a half years of imprisonment and a maximum fine of $1,000. Repeat offenders could find themselves in a state prison for up to 10 years.  

Stalking

To be charged with stalking in Massachusetts (Massachusetts General Laws Chapter 265, Section 43), two requirements must be met. 

The first is that the perpetrator “willfully and maliciously” commits a series of acts against the victim over a period of time that seriously alarms or annoys the victim to the point of “substantial emotional distress.”

The second is that the perpetrator makes a threat with the intent of putting the victim “in imminent fear of death or bodily injury.”

Those charged with stalking in Massachusetts could be imprisoned for up to five years and fined up to $1,000. 

If charged with stalking while in violation of a restraining order, a minimum imprisonment time of one year is mandated, with no option for parole, probation, or sentence reduction. Repeat offenders face imprisonment for between two and 10 years.

Annoying telephone calls or electronic communication

Massachusetts has a specific law pertaining to perpetrators who continuously make annoying telephone calls or send emails to their victims (Massachusetts General Laws Chapter 269, Section 14A). 

Those who do so “for the sole purpose of harassing, annoying or molesting the person or the person’s family” while using “indecent or obscene language to the person” can face up to three months in prison and a fine of up to $500. 

False reports to police officers 

One of the most dangerous practices to emerge in recent years is “swatting,” which refers to making hoax phone calls to law enforcement with the intention of sending armed police officers to the homes of unsuspecting victims. 

Swatting has led to multiple fatalities as victims are unable to handle the shock and don’t always respond well to law enforcement (who arrive expecting a threatening situation). 

This behavior is illegal in Massachusetts. Under Massachusetts General Laws Chapter 269, Section 13A, it’s illegal to make false reports of a crime to police officers. 

Doing so could lead to up to a year imprisonment and a fine of $100-$500.

Extortion

Attempted extortion in Massachusetts (Massachusetts General Laws Chapter 265, Section 25) is a serious crime warranting up to 15 years of imprisonment in a state prison and up to a $5,000 fine. 

To qualify as an act of extortion, the perpetrator must have malicious intent and either threaten to accuse another person of a crime or threaten an injury to another person unless they are given “money or any pecuniary advantage” or their victim carries out “any act” against their will.

Is Doxxing Illegal at the Federal Level?

There are no federal laws against doxxing currently. 

This is because doxxing – or posting information about other people without their permission – typically involves public information about that person. The information could come from the victims themselves (on social media, for example) or from public records (such as a courthouse). 

However, doxxing is a crime in some states, like California, Illinois, and Arizona. A growing number of states are discussing anti-doxxing laws. 

How to Protect Yourself Against Doxxing In Massachusetts (And Elsewhere)

Even though doxxing is an incredibly common practice, and there is no federal law protecting against it, that doesn’t mean you’re without options. Limiting your online footprint can effectively close the channels that bad actors could use to dox you (or worse).

You can start by doxxing yourself (follow our helpful guide) using this list of easy-to-use doxxing tools. Doing so will give you a better idea of where your information is accessible online and help you take the next steps to plug any information holes.

More than likely, after you’ve identified where your vulnerabilities are, you’ll find yourself needing to:

• Change your social media account settings to private. 
• Opt out of data brokers. These are companies that make money by collecting information about you and then selling this information to anyone willing to pay the asking price. Consider subscribing to a data broker removal service like DeleteMe to have privacy experts continuously remove your information from these sites (data brokers are known to relist your details even after you opt-out) on your behalf. 
• Create and use unique usernames for every platform, forum, app, and online account. 
• Use unique passwords, two-factor authentication, and/or a password manager to prevent hackers from guessing common passwords or trying to log into your accounts with passwords found in data breaches.
• Stop giving out unnecessary personal information on the internet, particularly in public places. 
• Remember that anything you post online in public could stay there indefinitely. 

For more information, check out our guide on how to prevent doxxing. 

Michigan residents concerned about online privacy might wonder: Is doxxing illegal in Michigan? 

Read on to learn whether sharing other people’s personal information on the internet is illegal in Michigan and when legal penalties might come into play.

Is Doxxing Illegal in Michigan?

No. Doxxing (or doxing), which refers to publishing someone’s personal information online without their permission, is not illegal in Michigan. 

However, that could change in the future, as legislators have in the past submitted a bill that would make doxxing a crime in Michigan. While the bill didn’t pass, it signifies that the state is interested in cracking down on the practice.

Doxxing Related Activities That Are Illegal In Michigan

Although no specific laws cover doxxing in Michigan at present, there are laws that protect residents against other activities related to doxxing. These include cyberbullying, cyberstalking, and stalking. 

Cyberbullying 

Cyberbullying is one of the more common crimes related to doxxing. 

Under the Michigan Penal Code section 750.411x, if someone makes a post on a public forum that puts you in fear of bodily harm or death, along with a statement of intent, it counts as cyberbullying. 

In Michigan, cyberbullying is a misdemeanor crime with a penalty of up to 93 days imprisonment and a fine of up to $500. 

Continued cyberbullying that leads to serious injury can be ruled as a felony charge with up to five years imprisonment and a fine of up to $5,000. 

If someone’s cyberbullying leads to the death of the victim, they can be charged with a felony that comes with a penalty of 10 years imprisonment and up to a $10,000 fine.

Cyberstalking

Cyberstalking refers to unwanted and repeated acts of contact in an online environment.

For a message to qualify as cyberstalking in Michigan, it must lead to two or more “separate noncontinuous acts of unconsented contact” with you. There are a few other qualifications, as described in the state’s penal code (section 750.411s).

Cyberstalking is a felony crime in Michigan, with most cases earning a penalty of up to two years imprisonment and a fine of up to $5,000. 

In situations that involve breaking restraining orders or conditions of parole or probation, the penalty goes up to five years imprisonment and up to a $10,000 fine. 

Stalking

Even though stalking usually (but not always) takes place offline, stalking is related to doxxing, as stalkers can find out their victim’s contact information using online resources.

Under Michigan Penal Code section 750.411h, stalking occurs when someone repeatedly or continuously engages in unconsented contact to the point where the person feels terrorized, intimidated, threatened, etc. 

Examples of unconsented contact include:

• Following or appearing within the sight of the person.
• Approaching/confronting the person in a public place or on private property. 
• Showing up at the person’s workplace or residence.
• Calling the person on the phone.
• Sending the person electronic communications.

In most cases, stalking is a misdemeanor crime in Michigan that comes with a penalty of up to one year in prison and a $1,000 fine. 

That changes to a felony if the victim is under 18 and the perpetrator is five or more years older than them. In this case, the punishment is imprisonment for up to 10 years and a fine of up to $10,000.

Is Doxxing Illegal at the Federal Level?

Despite the negative ramifications and dangers that can come from doxxing, publishing someone’s personal information online without their consent is not illegal at the federal level. The reason why is that doxxing typically involves publicly available information. 

That said, doxxing can frequently lead to other activities that are illegal at the federal level. 

While doxxing is not a crime federally, it can be at the state level. A growing number of states – including California, Illinois, and Arizona– now have anti-doxxing laws. 

If you live outside these states, you’ll want to make yourself as undoxxable as possible (for optimal privacy, you’ll want to do that even if you live within states with anti-doxxing laws). Doing so will help you proactively obscure your online presence, making it harder for doxxers to release information about you regardless of federal law. 

How to Protect Yourself Against Doxxing In Michigan (And Elsewhere)

To make yourself undoxxable, your first step should be to dox yourself. 

While it may seem counterintuitive, digging around the internet to see what information you can uncover about yourself is the fastest way to gain a better understanding of how exposed to doxxing you are. 

Doxxing yourself is a relatively simple process, but it’s important to be thorough to see all the places where your information may be posted. Follow our guide on how to dox yourself, and check out our list of doxxing tools. 

Once you’ve identified where your information is showing up online, your next steps will be to reduce your digital footprint. 

This will most likely involve: 

• Changing your social media account privacy settings to private rather than public.
• Removing your information from data brokers. Data brokers are companies that operate by aggregating information about individuals and selling them as profiles to anyone (which could include advertisers, political entities, or even cybercriminals looking to steal your identity or finances) willing to pay a minimal fee (sometimes these profiles also appear for free). Remember to opt-out continuously – data brokers are known to relist your profile when they collect more data about you. Or, subscribe to DeleteMe to have our privacy experts remove your personal information from data brokers on your behalf. 
• Learning to use unique usernames on all of your online accounts to make it harder for people to find you and track you on the internet. 
• Using unique passwords across your accounts and enabling multi-factor authentication to improve your protection against data breaches and hackers.
• Limiting how much unnecessary personal information you share about yourself on the internet. 

With these critical steps taken, your risk of being doxxed – or cyberbullied, cyberstalked, or stalked – will decrease, as bad actors will have a harder time finding your contact details. To learn more, see our guide on how to prevent doxxing.

If you’re living in Florida and notice that your personal information is published online without your knowledge, you’ll probably wonder: Is doxxing illegal in Florida?

This guide explores the legal landscape in Florida, examining how doxing is treated in the state and what steps you can take to protect yourself from getting doxxed in Florida or anywhere else in the United States. 

Is Doxxing Illegal In Florida?

In Florida, doxxing (i.e., the act of publishing someone’s personal information – like their name, address, phone number, or other personal details – online without their consent) is not considered illegal behavior. 

Doxxing Related Activities That Are Illegal In Florida

While there are no distinct state laws that directly address doxxing, the act can lead to other illegal activities under Florida law.

For example, cyberstalking, threatening or extorting someone, sending threatening letters, and making harassing phone calls. 

Cyberstalking 

Doxxing can frequently result in cyberstalking. This is when someone uses electronic communication for online harassment or to threaten a specific person, putting them in reasonable fear for their safety or the safety of their loved ones. 

In Florida, cyberstalking is a serious offense. Florida Statute 784.048 prohibits stalking and cyberstalking. 

Besides harassing someone electronically, the statute makes it clear that a person can also be charged with cyberstalking if they access or try to access your accounts or internet-connected home electronic systems. For this to be illegal, they must do so without your consent, with the aim of causing substantial emotional distress, and with no legitimate purpose. 

If you are guilty of breaking Florida’s cyberstalking law, you can be charged with first-degree misdemeanor. This crime is punishable by jail time (up to 12 months) and a fine (up to $1,000).

Aggravated stalking, involving credible threats, is a third-degree felony with more severe penalties. Cyberstalking is also a third-degree felony in Florida if the victim is a child under 16 years old or if the stalker violates an injunction for protection or a similar court order.

Threats and extortion

If someone has access to your private information, they may use it to threaten or extort you. 

The Florida Statute 836.05 criminalizes extortion. This includes maliciously threatening to accuse someone of a crime, injure a person, damage property, or harm reputation to extract a monetary advantage or compel them to perform/refrain from performing a specific act against their will. 

Extortion can be made verbally, in writing, or printed communication. 

Extortion is a second-degree felony punishable by prison time (up to 30 years) and a fine (up to $10,000). 

Written threats

Once someone has your contact details, they can send you threatening letters. 

Sending threatening letters is a punishable offense under the Florida Statute 836.10. The statute defines the offense as sending a person written or electronic communication threatening to injure or kill them or conduct a mass shooting or an act of terrorism. 

The threat also applies if the person threatening someone publishes the threat on their own Facebook page, and the person being threatened reads that threat later. 

To be convicted, it’s not necessary for the person threatening someone through written communication to have the intent to harm the victim. 

Classified as a second-degree felony, the crime of written threats involves severe consequences. Those found guilty face penalties including prison (up to 15 years), probation (up to 15 years), and a hefty fine (up to $10,000).

Harassing phone calls

Access to your contact details also means that someone could make harassing phone calls to you. 

Making phone calls to harass someone is considered illegal in Florida. This falls under State Statute 365.16. 

Under Florida Statute 365.16, harassing phone calls are defined as making calls to a location where the recipient reasonably expects privacy, making obscene comments or suggestions, or repeatedly calling to harass the recipient (even if no conversation ensues). 

Making harassing phone calls is a second-degree misdemeanor in Florida. Those convicted of making harassing phone calls can face jail time (up to 60 days) and a fine (up to $500). 

Is Doxxing Illegal at the Federal Level?

There isn’t a specific federal law that would make doxxing illegal. But when doxxing happens, other illegal activities that violate federal laws can frequently occur.

The reason doxxing is not illegal is that it usually involves publicly available information. That includes your name, home address, email address, etc. That said, a growing number of states, like California, Illinois, and Arizona, are enacting anti-doxxing laws. 

This absence of a federal statute highlights the importance of personal measures to protect oneself from doxxing. Being proactive and making oneself as undoxxable as possible is essential in this digital era, where personal information can easily be exposed and misused.  

How to Protect Yourself Against Doxxing In Florida (And Elsewhere)

To reduce the likelihood that you’ll be doxxed, you need to 

a) Figure out how much information there is about you online currently.

b) Delete or obscure as much of this data as possible. 

Start by doxxing yourself (follow our guide on how to do this and check out our list of doxxing tools). Once you’re aware of what personal data is published about you on the internet, you can take steps to remove it. 

This might involve:

• Removing your name from data brokers and people search sites. Data brokers collect personal information (including your family members’ details) from various online and offline sources and then collate it into profiles that are sold to anyone, including marketers, politicians, cybercriminals looking to carry out identity theft, and individuals who engage in cyberbullying and public shaming. Since data brokers relist your information when they find more of it, you’ll need to repeat the opt-out process regularly. Alternatively, subscribe to a data broker removal service like DeleteMe.
• Making your social media accounts private and adjusting privacy settings.
• Using unique usernames and passwords across your social media and other online accounts and enabling multi-factor authentication. 
• Downloading fewer apps (they can sell your data to data brokers).
• Removing personal data from Google Search. 
• Being careful about what you say and share online – especially when it comes to sensitive information like social security numbers (remember: even if you delete a social media or forum post later, you never know who might have already taken a screenshot of it). 

For more information, read our guide on how to prevent doxxing. 

If you live in Texas and are worried about your online privacy, you might be wondering: is doxxing illegal in Texas?

Releasing someone’s private information on the internet is scary and has severe consequences. However, the legalities surrounding doxxing in Texas are more complex than you might think.

This guide dives into these nuances, examining Texas privacy laws and their implications for doxxing. We also look at whether there are any doxxing laws at the federal level and what steps you can take to avoid doxxing. 

Is Doxxing Illegal In Texas?

Doxxing can be considered illegal in Texas, depending on what type of information is exposed. 

From September 1st, 2023, Section 42.074 of the Texas Penal Code criminalizes “Unlawful Disclosure of Residence Address or Telephone Number.”

Under this statute, a person commits doxing if they share someone’s telephone number or residence address on a publicly accessible website to cause them or their family member/household harm or threat of harm.  

Doxing under this Texas law is a Class B misdemeanor and is punishable by jail time of up to six months and a fine of up to $2,000. If doxing leads to bodily injury, it becomes a Class A misdemeanor.

Doxxing Related Activities That Are Illegal In Texas

Texas state laws also penalize other criminal activities that can come from doxxing. Criminal charges related to doxxing include harassment, stalking, and swatting.

Harassment

Publishing someone’s personal information online can often lead to harassment, which is illegal under Texas law. 

The Penal Code Section 42.07 outlines what constitutes harassing behaviors. For example, initiating communication and making obscene comments, proposals, requests, or suggestions. Or threatening to inflict bodily injury or commit a felony against them or their family, household, or property. 

The behaviors must be carried out with the intent to “harass, annoy, alarm, abuse, torment, or embarrass” another person. 

Harassment can happen in person or via an electronic communication device like a phone.

In Texas, harassment is a Class B misdemeanor and carries a hefty punishment. Depending on the severity, a person can face up to 180 days in jail and a fine of up to $2,000. Previous offenders can face harsher punishments and get charged with a Class A misdemeanor. 

Stalking

If someone has your personal details, they can stalk you. Texas covers stalking in detail in Section 42.072 of the Penal Code. 

Stalking is when someone engages in an action on multiple occasions with the intent to cause fear of death or serious bodily injury. This includes communicating with or threatening the victim directly.

Stalking applies to online and in-person communication. Criminal charges can be severe in Texas for anyone convicted of stalking. It’s classified as a third-degree felony. Anybody guilty of stalking faces up to 10 years in prison and a fine of up to $10,000.

If the defendant has any previous marks on their criminal record, this can elevate to a second-degree felony. That carries a more severe punishment of 2 to 20 years and a fine of up to $10,000.

Swatting

Once someone knows where you live, they can swat you. 

Swatting is when someone calls 911 to report an emergency to a location when there is no emergency. 

Swatting has become a common form of cyberbullying for online streamers. Someone who obtains your home address can report a crime at your house to law enforcement even if there isn’t one. When a police officer shows up expecting to find a crime, it can put the house’s residents at risk.

Swatting is covered under Texas Penal Code Section 42.061. 

It is a Class B misdemeanor that can result in the doxxer facing 180 days in jail and a fine of up to $2,000. 

Is Doxing Illegal at the Federal Level?

Currently, there is no federal law in the United States that directly targets doxxing. That means doxxing is not illegal at a federal level. The lack of a federal doxxing statute means individuals must proactively protect their personal information.

However, doxxing can intersect with other criminal offenses under federal law, like 18 USC 119, which protects covered persons (including witnesses in a federal criminal investigation) from having their restricted personal information from being made publicly available. 

Note that besides Texas, a number of other American states, like California, Illinois, and Arizona, have also passed anti-doxxing laws, while others have passed laws against doxing-like behavior, like cyberbullying. 

How to Protect Yourself Against Doxxing In Texas (And Elsewhere)

To reduce the likelihood that you’ll be doxxed, you need to reduce the amount of information there is about you online. 

The best way to do that is to doxx yourself. We have put together a guide on how you can do that. We also have a list of doxxing tools you might find useful. 

When you know what details someone could find about you on the internet, you can take steps to erase or at least reduce your digital footprint.

As a priority, you may want to:  

• Set your social media accounts to private mode and adjust the settings to hide all contact information like phone numbers and email addresses.
• Opt out of data brokers (companies that collect and sell your personal information without your consent). Or, subscribe to a data broker removal service such as DeleteMe.
• Use different usernames for each online platform you sign up for. This strategy prevents easy tracking of your online activities and profiles. 
• Delete your details from Google Search. 
• Be mindful of sharing personal details like your address or phone number, especially on public platforms. 

Read our guide on how to prevent doxxing for more information on how you can become undoxxable. 

Is doxxing illegal in Illinois? If you’re ​worried ​about personal information ​leaks and live in the​ state, you’ve come to ​the right place. 

​In this guide, we’ll cover whether doxxing is illegal in ​Illinois, what laws you should know, and ​how doxxing is treated federally ​throughout ​the United States. 

We also ​explain in detail ​what ​​steps you ​can take to ​protect yourself against ​doxxing so ​your information doesn’t get ​​published ​online without ​your ​consent. 

Is Doxxing Illegal in Illinois?

Yes, doxxing is illegal in Illinois under the Civil Liability for Doxing Act.

The law was passed unanimously by the Illinois State House of Representatives and Senate and signed into law by Gov. JB Pritzker in 2023. This ​anti-doxing law defines doxxing and outlines ​what constitutes personally identifiable ​information. 

It also allows victims to sue doxxers. David Goldenberg, Midwest regional director of the Anti-Defamation League (ADL), which advocated for the law, noted that “under this bill, victims now have a way to seek recourse from their attackers.”

The Civil Liability for Doxing Act goes into effect on January 1, 2024. According to the Daily Herald, it’s the first law of this kind in the Midwest. 

What Is Doxxing In Illinois?

The state of Illinois defines doxxing as the act of intentionally sharing someone’s personally identifiable information without their consent and with the intent of harming or harassing them. 

To be illegal in Illinois, a doxer must doxx someone with the knowledge or disregard that the information they publicly share could lead to stalking, bodily injury, or death. 

Under the Illinois doxxing law, illegal doxxing has occurred if the act of publishing information leads the doxxed person to:

1. “Suffer significant economic injury or emotional distress or to fear serious bodily injury or death of the person or a family or household member” or
2. “Suffer a substantial life disruption.” 

What Is Personally Identifiable Information In Illinois?

Illinois defines personally identifiable information as any data that makes it possible to identify an individual, like their name or date of birth, in combination with other information that is linkable or linked to that individual. 

Personally identifiable information can also include:

• Home address
• Phone number
• Email address
• Social media accounts
• Social security numbers
• Biometric data
• Medical, financial, education, consumer, or employment information/data/records
• Any other sensitive or private information, for example, gender identity or sexual orientation
• Any information that gives access to an individual’s teleconferencing. 

Are There Any Exceptions to the Illinois Doxxing Law?

Under specific circumstances, publishing or sharing someone else’s information may not be considered a crime. 

Primarily, the exception is related to providing information about criminal activity. When personal information is shared as part of reporting a crime, you are not violating Illinois anti-doxxing law. 

Here’s when it’s legal to share personally identifiable information:

• When reporting a crime or conduct you believe to be unlawful to a law enforcement or intelligence agency. 
• As part of any activities protected under free speech laws. 

Can You Sue Someone for Doxxing You Under the Illinois Law?

Yes, you can sue people for doxxing attacks and get a restraining order in Illinois. If the attack causes substantial life disruption or significant economic injury, you’ll have a strong civil and criminal case based on these new policies by Illinois lawmakers. 

A person found to have been doxxed under this law can recover damages and other relief, like attorney’s fees. 

As state Rep. Jennifer Gong-Gershowitz said, the Illinois doxxing law “creates a way to hold accountable those who perpetuate hate online.” 

Is Doxxing Illegal at the Federal Level?

In the United States, there’s no federal law making doxxing illegal. However, doxxing can intersect with other criminal offenses under federal laws. 

Although no federal law covers doxxing, several American states, including California and Arizona, have taken the initiative to pass anti-doxxing laws. Others have passed laws against doxing-like behavior, for example, cyberbullying. 

How to Protect Yourself Against Doxxing In Illinois (And Elsewhere)

The less sensitive personal information exists about you online, the less likely you are to get doxxed. 

To find out how much of your data is available online, dox yourself. Take a look at our guide on how to do this. We also share a list of doxxing tools. 

Once you’re aware of what someone could discover about you by researching you on the internet, you can reduce your digital footprint. 

These might include: 

• Removing your profile from data brokers and people search sites who gather your data from various online sources and then sell it to more or less anyone who wants it. Remember that you need to opt-out continuously – data brokers are known to relist your profile as soon as they find more data about you. Alternatively, sign up to a data broker removal service like DeleteMe to have privacy experts remove your data from brokers on your behalf.
• Adjusting your privacy settings on social media.
• Using unique usernames and passwords across all accounts. 
• Reducing how many apps you use (apps can sell your data to brokers and people search sites).
• Removing your details from Google Search. 
• Being conscious of your privacy when interacting online. Remember: the internet never forgets. 

Read our guide on how to prevent doxxing for more information. 

What is doxxing and swatting? As these two harassment and intimidation techniques become more popular, it’s essential that everyone is aware of what they entail. We’ll cover the basics of doxxing and swatting in this guide, along with how you can keep yourself safe.

What Is Doxxing?

Doxxing (also known as dropping dox or docs or doxing) occurs when someone releases your personally identifiable information – like your full name, home address, or social security number – online without your permission. 

Initially, the practice was used by hackers to “out” other hackers. However, recently, doxxing has become common among average internet users.  

Part of what makes doxxing so easy is the amount of personal information that’s available about most Americans on the internet. 

Although doxxers can buy your personal information on the dark web or trick you into sharing it through social engineering attacks (including phishing emails), private information can be just as easily found through Google Search, social media accounts (such as Facebook or LinkedIn), public records, data brokers, and other online sources. 

You may think that you don’t need to worry about doxxing if you’re not doing anything “wrong” or engaging in online harassment yourself. Unfortunately, that’s not true. Doxxers, internet trolls, and other bad actors can release your personal information without provocation, for profit, or even because they think you’re someone else. 

Doxxing isn’t typically illegal, but it can be paired with illegal activities such as harassment, cyberbullying, stalking, identity theft, and swatting.

What Is Swatting?

Swatting is one of the scarier actions that can come from being doxxed. It refers to calling law enforcement agencies (usually a SWAT team) or another emergency service on someone else with a false report to cause them distress.

Swatting entered popular culture in the mid-2000s when gamers (especially streamers on Twitch) started to use the personal details of an adversary (such as their home address) to make prank phone calls to police departments about a crime happening at that location. However, swatting is now becoming more common outside of gaming circles. 

Having an armed response team raid your home can be very distressing, and there have also been cases where people have died because of swatting. One man was shot and killed after local police received a hoax call about a hostage situation; another had a heart attack and died when armed police officers knocked on his door. 

Instigating a swatting attack is illegal, and efforts are underway by the FBI and law enforcement partners to compile a database of swatters and swatting incidents to help reduce them as much as possible. 

How Is Doxxing Related to Swatting?

Doxxing can lead to swatting. That’s because, for someone to swat you, they need to know where you live. In other words, your address needs to be available and accessible enough for them to find it. 

Your contact information (including your home address) may already be publicly shared on the internet, whether you’re aware of it or not. 

How to Avoid Doxxing and Swatting 

Since doxxing and swatting are so closely related, you can reduce the likelihood that you’ll be swatted by making yourself undoxxable – or, at least, less doxxable. People will have a much harder time sending law enforcement to your residence or workplace if they don’t know where those places are.

To minimize the chances that you’ll be doxxed, you need to shrink your online footprint. In other words, you need to remove personal information about yourself (especially your contact information) from public sources.

Here are some steps you can take. For a more comprehensive look at how to become undoxxable, read our blog post. 

1. Doxx yourself

Your first step should be to assess where your information is currently visible on the internet. You can do that by doxxing yourself. 

Use our guide to doxxing yourself and our list of tools to do so. 

2. Delete your personal information (if you can)

When you look for your personal information online, you may find your contact information (such as your home address, email, phone number, etc) on search engines, old blogs, social media profiles, forum accounts, etc.

Delete any unnecessary profiles or comments, and remove your personal details from any online biographies that you have access to.

You can also follow our guide on how to remove doxxing content on Google.

3. Remove yourself from data brokers

You will also likely find your information shared on data brokers and people search websites. These entities get your personal data from various sources, including public records, apps, and even credit card companies, and sell it to others. 

To remove your data from these sites, you’ll need to opt out of each data broker that has a profile on you. 

Opting out of data brokers is time-consuming, mainly because each broker has a different opt-out procedure. 

Note that you’ll need to repeat the opt-out process continuously. Data brokers never stop looking for information about you, and when they find more data, they relist your profile – even if you had previously opted out of their database. 

Alternatively, subscribe to a data broker removal service such as DeleteMe. Our privacy experts will delete you from data brokers on your behalf.

4. Make your social account private

Be wary of what you share on your social media accounts and how much is viewable by the general public. Some social media platforms let you see how your profile looks to different audiences (friends, the public, etc.), which is a good tool to use.

5. Follow cybersecurity best practices 

In general, following cybersecurity best practices can keep you safer online. Common practices include: 

• Having unique passwords for each online account.
• Using multi-factor authentication.
• Avoiding public Wi-Fi networks (or using a VPN – just remember that a VPN won’t protect you from malware).

Become Undoxxable (and Unswattable) 

Removing your personal data from the internet (and, in particular, data brokers) can reduce the likelihood that you’ll be doxxed or swatted. 

Remember also to avoid sharing any new data about yourself online. The less you give away, the less ammunition a potential doxxer or swatter will have to use against you. 

To learn more, read our guide on how to prevent doxxing.

If you’re concerned about doxxing, you may find it helpful to know that you can usually remove doxxing content on Google Search. 

Doxxing content includes personally identifiable information (PII) such as your real name, home address, phone number, etc. 

Can You Remove Doxxing Content on Google?

The short answer is yes: Doxxing content can be removed from Google. 

The longer answer is that the doxxing content you can remove on Google has to include specific personal data. You also need to go through a few steps to have it removed. 

Keep in mind: You’ll only be removing the listing from Google’s Search engine results. The content will remain on the internet (i.e., the site it was published on, whether that’s a news article or someone else’s blog). 

That said, Google’s stance on removing doxxing content from Search results has always been a strong one. 

In a blog post, Google wrote:

“For many years, people have been able to request the removal of certain sensitive, personally identifiable information from Search — for example, in cases of doxxing, or information like bank account or credit card numbers that could be used for financial fraud.” 

In support of this, Google recently implemented a new policy to increase the types of information that can be removed from Search results, including personal contact information and information that could put you at risk of identity theft (like login credentials).

Doxxing Content You Can You Remove from Google

You can request the following personal info to be removed from Google search results:

• Government identification numbers, including Social Security Numbers (for US residents), Resident Registration Numbers (for residents of South Korea), China Resident Identity Cards, and Single Tax Identification Numbers (for residents of Argentina).
• Financial details (including bank account numbers and credit card numbers).
• Pictures of your handwritten signature.
• Pictures of your personal identification (such as your driver’s license or state ID).
• Medical records or other restricted official records.
• Personal contact information (such as your physical address, phone number, email, and so on).
• Confidential login credentials (username and password).

Depending on the situation, Google might also remove professional contact information (such as your work address and phone number) from Search results at your request.

How to Remove Doxxing Content on Google

Follow the below steps to remove doxxing content on Google Search.

1. Go to Google’s support form and start filling it out 

Access Google’s support form located on the Google Search Help page. 

Once there, select “Content contains your personal information” from the list, and choose your country of residence. 

Click “Next.” 

2. Choose identifiable information you want to report 

On the next page, select the kind of identifiable information you’re reporting, such as “address, phone number, and/or e-mail address” or “bank account or credit card number.” 

3. Share additional details and confirm the content is shared for doxxing purposes

Depending on the option you select, you may be prompted to enter additional details (such as the last four digits of your government ID number or credit card number). 

Each option, however, will include a field like the one below. 

Select “Yes” if the content is being used for doxxing or “I don’t know” if you aren’t sure but suspect it could be.

4. Fill out your contact details

On the next screen, you’ll be prompted to fill out additional details. 

At the top will be your contact info, which you should complete so Google can let you know how the process went.

5. Answer questions about the content you’re reporting 

Below your contact information, you’ll be asked to fill out information about the content you’re reporting, including how it appears in Google Search.

6. Upload screenshots of the content you’re reporting 

Lastly, you’ll need to upload screenshots of the information, along with any additional details, and affirm that you are authorized to request removal of the doxxing content.

What Factors Does Google Consider When Evaluating for Doxxing?

Google’s ability and willingness to remove doxxing content depends in part on how the information appears. 

Most notably, Google will actively remove personally identifiable content if it meets both of these requirements: 

• It includes the ability to find you or get in touch with you (your contact information, in other words). 
• It includes either a threat toward you (including implicit threats) or calls for others to harm or harass you.

What Happens If Google Approves My Doxxing Content Removal Request?

Once you’ve submitted your removal request to Google, their support team will review it. 

To decide whether or not to approve your removal request, Google’s team will try to determine if the content you want removed is part of a public record on official sources or government sites. If it is, they will not remove the content. 

Depending on the type of doxxing content you’re requesting to have removed, one of two things will happen if your request is approved. 

1. If you are requesting to have financial information or confidential ID information removed, the web page will no longer appear in Google Search results, regardless of what people type in to try and find it. 

2. If the information about you appears on a page with content that is “of public interest” or includes information about other people, the URL will no longer appear in Google Search results in conjunction with your name. In other words, it could still appear in search results, but not to someone who is also searching for your name. 

What Else Can You Do to Remove Doxxing Content on Google?

It’s disconcerting and even dangerous for your personal information to appear on Google without your permission when you don’t want it to. 

While requesting Google to remove doxxing content from Search results is a step in the right direction, your request might not be approved. And even if it is, the content is still on the internet for others to see.

As a result, you should take additional steps to protect your online privacy. 

If your information appears on websites owned by other people, be prepared to contact them and ask them to remove it. 

If it’s a data broker, you can submit an opt-out form or send an email specifically requesting that they remove your profile. Remember that you’ll have to repeat the process of opting out of data brokers repeatedly unless you subscribe to a data broker removal service like DeleteMe, which can do it on your behalf. 

Make sure you’re not accidentally doxxing yourself by revealing too much personal information on your social media accounts, blog, website, forum posts, and website comments. 

Set your privacy settings to private rather than public as a precaution. In general, be careful about how much you share when you interact online. 

California residents who see their personal information like name or home address published online without their consent might wonder: Is doxxing illegal in California?

This guide answers this question while also explaining the steps you can take to protect yourself from getting doxxed in California and elsewhere. 

Is Doxxing Illegal in California?

Doxxing is illegal in California if it places the victim in reasonable fear for their safety and is done with the goal of harassment, unwanted physical contact, or injury, as per section 653.2 of the California Penal Code. 

Doxxing is the act of publishing identifying or private information about a person without that person’s consent. Examples of personally identifying information might include a person’s contact information like their phone number or residential address, job information, family member details, social security number, etc. Doxxing usually has malicious intent behind it. 

Under California law, it doesn’t matter how doxxing information is distributed. For example, through email or as a hyperlink, and through what means, i.e., an electronic communication device can be a cell phone, computer, web page, or even fax machine or video recorder, etc. 

Violating section 653.2 of the California Penal Code is a misdemeanor that can be punished by a maximum of one year in jail, a fine of up to $1,000, or both. 

Doxxing Related Activities That Are Illegal In California

California also penalizes other criminal activities that can come from doxxing, including stalking and making criminal threats. 

Stalking

Publishing someone’s home address or other personal details (like where they work) can often lead to stalking.

Under California law and the Penal Code 646.9, stalking (including cyberstalking) involves repeatedly following or harassing someone (online harassment/cyber harassment is included) to the point where they feel afraid for their safety or the safety of their family. 

Violating Penal Code 646.9 can lead to jail time of up to one year, a $1,000 fine, or both. However, this is only if the perpetrator faces a misdemeanor charge. Depending on the severity of the crime, the violation may be charged as a felony. 

Making criminal threats

It’s not unusual for someone who is doxxed to start receiving threats. 

In California, this crime is known as making criminal threats. It is defined in Penal Code 422 as when a person threatens to commit a crime that can cause death or significant bodily injury to another person or that person’s immediate family. This still qualifies as a crime even if no physical act occurs. 

The threat can be made verbally or through electronic communication, like email or text messages. 

Criminal threats can be prosecuted as either a misdemeanor or a felony. For misdemeanors, the maximum penalty is one year in county jail. For felonies, the sentence can be up to three years in state prison. This punishment can include a fine of up to $10,000 and probation.

Making annoying phone calls

Once a doxxer has your phone number, they or anyone else can make annoying or threatening phone calls. 

In California, making phone calls or electronic communications with the intent to annoy is subject to Penal Code 653m. This includes calls or communications that are obscene, threatening, or repeatedly harassing. Calls made in good faith or for legitimate purposes are excluded. 

Violating this law is punishable with a sentence of up to six months in a county jail and a fine of up to $1,000. It’s a misdemeanor crime, and judges can impose other conditions of probation beyond the expected punishment. 

An important aspect of California’s law is that not every communication deemed annoying qualifies as criminal. The communication must also:

• Contain obscene language or threats.
• Be part of an excessive series of repetitive calls.

Is Doxxing Illegal at the Federal Level?

In the US, doxing is not currently illegal at the federal level. 

Each state is responsible for setting its own laws, regulations, and punishments related to doxxing. 

However, some federal laws could punish doxxers. For example, 18 U.S.Code §119 is a federal statute under which it’s illegal to share restricted personal information about covered persons (e.g., grand or petit jurors, witnesses in a federal criminal investigation, etc.). 

Some states, like California, Illinois, and Arizona, have made doxxing illegal.

How to Protect Yourself Against Doxxing In California (And Elsewhere)

To protect yourself against doxxing, you need to reduce the amount of personal data that exists about you online. 

Few people realize how much of their personal information lives on the internet. To figure out how easy it would be for someone to find this information, try doxxing yourself. You can follow our guide on how to do this. We also have a list of doxxing tools you can use. 

Once you know what data exists about you on the internet, you can take steps to delete or hide it. 

This might involve:

• Opting out of data brokers who collect our data from all kinds of sources and then collate it into comprehensive profiles, which are sold to more or less anyone. You can also subscribe to a data broker removal service like DeleteMe, which will opt you out of brokers on your behalf. 
• Making your social media accounts private.
• Adjusting privacy settings on social media platforms.
• Using unique usernames across all your online accounts. 
• Reducing the number of apps you download and use (these can sell your information to data brokers).
• Removing personal and harmful information from Google Search. 
• Being mindful of what you say online (remember, even if you delete a post or a comment, someone might have already taken a screenshot of it).

To learn more, read our guide on how to prevent doxxing. 

Is Doxxing Illegal in Your State?

“How does doxxing work?” This was the question I asked myself when I first heard about doxxing and people getting their private information exposed on the internet. 

Trying to answer it led me down a rabbit hole of details that clued me into how people can find your information and what they can do with it. 

In this guide, I’ll share what I learned with you – as well as steps you can take to mitigate the risk of getting doxxed. 

How Does Doxxing Work?

Doxxing or “dropping dox” (or docs) on someone typically involves collecting small amounts of information left by a person all over the internet – and then releasing some or all of that information without their permission. 

Doxxing attacks can often lead to online harassment and cyberbullying. 

Some people have also been swatted (when someone sends law enforcement to their house with malicious intent), stalked, or even killed with the information acquired through doxxing. In other words, it’s a real threat and not something to be taken lightly.

Finding information to doxx you with can be done in several ways. Here are some of the most common among internet trolls and other bad actors:

Username tracking 

One of the easiest ways people can find out more about you is through your username.

If you use the same username across multiple online accounts or apps – whether it’s for social media, posting on YouTube, forums, shopping accounts, and so on – a person who comes across you on one site or app can immediately find you everywhere else you hang out on the web. 

All they have to do is type your username into Google or another search engine. 

To mitigate this risk, use a unique username for every account. None of your usernames should include real-life information, like your surname or even name. 

Data brokers

If someone has your name/phone number/email address/username, they can find out a lot more about you using a data broker site. 

Data brokers operate by collecting and compiling pieces of information on individuals into a single profile and then selling that profile for a small fee to anyone interested in it. 

The information that data brokers offer can come from a number of sources, including social media accounts like Facebook, Instagram, X, TikTok, or LinkedIn, as well as websites, news articles, retail outlets, and more. 

Sometimes, data brokers also obtain sensitive personal data, including social security numbers. While they may not openly sell that information, a data breach can leave you open to identity theft and worse when your private data winds up on the dark web.

Many data brokers will give you the option of “opting out” of their services. You can find opt-out forms or email addresses to contact them and request the removal of your profile on their websites. 

Keep in mind, however, that data brokers collect information continually to renew their databases, so you will need to repeat the process periodically to keep your data private. 

Alternatively, there are data broker removal service providers like DeleteMe that can remove you from data broker databases on your behalf.

Public records

By default, public records are meant to be exactly that – open to the public. That means that anytime you’ve been arrested, gotten married, gotten divorced, had a traffic violation, obtained land, or anything of that nature, the record exists and can be viewed in person or even online. 

In many cases, you can contact the court with the record and request that it be sealed to the public, but you will need to make a compelling case as to why the record should be sealed (for your safety, for instance).

Social media stalking 

Social media stalking happens when someone digs through social media sites, finding as much information as possible about you. 

To increase your privacy: 

• Optimize your privacy settings.
• Make your social media profile and biographical information private.
• Remove personal details such as your real name, workplace, and relationship status. 
• Remove geolocation from your photos.
• Avoid mentioning your family members in public posts. 

Tip: By protecting your privacy on social media, you’re not only reducing the amount of information a doxer has to work with but also increasing your cybersecurity – and reducing the risk of cyber attacks. Hackers and cybercriminals use personal data on social media to guess login credentials (despite what many people still think, information like your spouse’s name is not a strong password) and bypass security questions. 

Whois search

Whois is a simple service that lets you do a reverse lookup on a website’s URL or an IP address to find out the contact information of who owns it. Depending on the website registration type, it could include your full name, phone number, home address, and email address. 

Most domain registrars offer the ability to make your real identity private or obscured, sometimes for an additional fee. 

If you’re not sure about your domain, you can go to the Whois lookup tool and type in the URL. Ideally, you’ll see something along the lines of this screenshot (with “Registration Private” indicated).

Phishing

Another way doxxers can get your sensitive personal information – including your address, social security number, credit card number, and bank account information – is by social engineering, and more specifically, phishing. 

Phishing can happen in many ways, but the most common is when someone sends a “spoof” email or text from what looks like a legitimate business (such as Amazon, Microsoft, or Revolut). 

Here’s an example of a phishing text: 

By clicking on a link within the scam email or text and then entering your personal information, you are handing it over to doxers.

In some cases, doxers may also trick you into clicking a link that leads to malware that can then steal your credentials to your email account, etc. For this reason, it’s a good idea to use a password manager and multi-factor authentication. 

IP doxxing 

The fear that someone might leak your IP address and then use that to dox you is a common one, especially in the gamer community. However, unless the doxer manages to successfully socially engineer your internet service provider (ISP) into giving up your personal information, they are unlikely to be able to do much harm to you. 

The reason why is that your IP address reveals only your general vicinity. It also changes all the time. 

That being said, if you’re still worried, you can always use a virtual private network or VPN (something that you should be doing anyway if you’re ever connecting to public Wi-Fi). 

Reduce Your Risk of Doxxing

Doxxing and the potential effects that come from getting doxxed – including swatting and death threats – can be terrifying, but fortunately, once you know how it works, you can take steps to reduce your risk. 

To learn more, read our guide on how to prevent doxxing.

After learning about how damaging and even dangerous having my information exposed online is, I made it a priority to find out how to prevent doxxing (and swatting) by keeping my identity as separate as possible from my online personas. 

In this guide, I’ll go over the steps you can take to do the same.

What Is Doxxing? 

A form of online harassment, doxxing involves publicly sharing someone’s personal information without their consent. 

The practice originated in the hacker community in the 1990s when one hacker would ” drop dox” (short for documents or docs) on another hacker and has since become incredibly common among internet trolls. 

You can get doxxed for pretty much anything these days – including liking a specific manga series, as this X (formerly Twitter) user found out:

To learn more about doxxing in general, as well as swatting (a practice that involves making false reports to law enforcement about someone else so that they go to the victim’s address), read our guide on doxxing and swatting.

How to Prevent Doxxing 

It doesn’t take much for someone to doxx you – all they need is some basic information about you and the malicious intent to do something with it. That’s why it’s important to think of all the places doxxers can find your private details and then do your best to hide or remove your information from them.

Here are some steps you can take to minimize your digital footprint and reduce the likelihood of getting doxxed. 

Remove yourself from data brokers

One of the easiest ways for someone to doxx you is through a data broker website, aka people search site/phone number lookup site/email address lookup site. 

Data brokers are websites that collect data on individuals from a variety of sources (public records, social media, etc.), package this data into profiles, and then sell these profiles to others for as little as $0.99. Sometimes, data brokers even give away personal information for free. 

Finding out more about you through a data broker website is really simple. All someone needs is your name/phone number/email address, or username. 

Once they type this information into the search bar of the data broker site, they will get a report about you.

Here’s what a sample report looks like:

Data broker reports contain a lot of information. A typical report can include:

• Full name
• Alias
• Home address
• Phone numbers
• Email addresses
• Family member information
• Education history
• Employment
• Social media profiles 
• Bankruptcy information
• Divorce records 
• …and much more! 

Basically, all the information someone who wants to dox another person needs (data broker information can also be used for identity theft and cybersecurity threats).

Fortunately, you can remove yourself from data brokers by opting out of their databases. 

To do so, you’ll need to complete an opt-out form or send an email to every data broker website that your information appears on (the opt-out process differs from one data broker to the next). 

Something to keep in mind is that data brokers renew their profile databases regularly. This means that when data brokers scrape more data about you, they will start a new profile on you, and you’ll need to contact the same data broker again.

If you’d rather not have to opt out from data brokers manually, you can subscribe to a data broker removal service like DeleteMe, where privacy experts will opt you out on your behalf.  

Remove personal info from other sites

Data brokers are not the only sites that expose your personal information. Your own personal sites might also reveal too much. External sites can likewise put you at risk. 

Personal blogs

If you have a website or blog, remove your personal data from it so your full name, address, phone number, and email address can’t be easily collected. Using a contact form instead of leaving your email address visible is a good option if you want to remain reachable. 

Website owners can also usually request that domain registration be made private so users of Whois lookup tool aren’t able to find their contact information.

External sites

If your personal info is on an external site, such as a Medium publication, a local community newspaper, or someone else’s blog, contact the owner of the page or publication and ask them to remove your details.

To find out who to contact, look for a “Contact Us” tab on the site or check Whois to see if their contact information is visible. 

Ask Google to remove personal information 

If you do a Google search of your name or other personal information and see results that contain information you’d rather keep private, there’s an easy way to request Google to remove it. 

To do so, click on the three vertical dots to the right of the URL for the search result.

A popup menu will open. Click “Remove result” to be presented with a list of choices as to why you’d like to remove the result.

You can choose to remove the information either because it has your contact information, someone is attempting to harm you with the information (using online harassment), or whatever reason best fits your situation.

Set up Google alerts

To find out whenever information about you appears on Google Search, you can set up a real-time Google alert on yourself. That way, anytime more info appears, you’ll be notified, and you can take steps to remove it from the search engine if needed.

To set up a Google alert, go to the Google Alerts page, sign in to your Google account, and enter your name.

Treat every account as a separate entity 

Do you use the same username across different online accounts? If yes, doxxing you has become much easier. 

To prevent a doxxing incident, keeping your accounts unique and separate is key.

Here’s how: 

• Use different usernames and passwords on every website. 
• Avoid using real-world information whenever possible (including your real name, phone number, and date of birth). Not only can this information be used to dox you, but combined with your social security number, it can be used to open bank accounts and credit cards in your name.
• Don’t use identifying profile pictures. 
• Avoid using the same words and phrases between your different accounts. 
• Never link your accounts to one another. 
• Create multiple anonymous accounts on forums like Reddit, i.e., a different, unique profile for each one. Otherwise, you’ll be leaving breadcrumbs for someone to follow.

Compartmentalize your email accounts 

Your email address can expose your identity. In the event of a cyber-attack or data breach, keeping your email accounts separate can help minimize the possibility that your other accounts and real identity will be jeopardized and end up on the dark web. 

Tip: If someone typed in your email address into the HaveIBeenPwned tool, how many sites that you have an online account with would they be able to trace to you? 

At a minimum, you should aim to have an “official” or professional email address, a personal email address for friends and family, and an email address for miscellaneous websites. 

Adjust social media privacy settings

Check the privacy settings for every social media account you have. 

Make sure that your biographical information and your posts are set to “friends only,” private, or whatever setting that hides your personally identifiable information and other details about your life from the general public.

If the platform allows you to opt out of data tracking or sharing, personalization, personalized ads, or anything along those lines, opt out to maximize your online privacy. 

You may be prompted that the functionality of the platform will be affected, but it’s a small trade-off for protection from harassment and cyberbullying.

Protect your IP address

There’s a lot of discussion about the importance of using a virtual private network (VPN) or Tor to hide your IP address so as not to get doxxed. 

But what can someone actually do with your IP address? Well, they can get an idea of your geographic region, your ISP, and your interests (based on the websites you visit). However, unless it’s law enforcement or some other government agency that’s after you, the chances of them being able to get your specific personal information with your IP address are slim. 

The reason why is that most IP addresses are dynamic, meaning they change constantly. 

That being said, if you believe that the person who’s after you can potentially find what IP address you were using on a specific date, then using a VPN or Tor is the safest option.

Beware of social engineering attempts 

Someone can use a phishing email or message to trick you into handing over your personal details or clicking on a malware file disguised as something else that ends up being an info stealer. 

Remove geotags from photos

Anytime you upload a photo to the internet, it can potentially be traced back to your specific location – unless you remove the geotag from it. 

To remove your geotag from a photo before uploading it on your iOS phone, tablet, or laptop, go to your Photos and pull up the photo you’d like to upload. 

Click the “Share” button in the lower left corner, and then click “Options” on the top of the screen. 

Once there, you’ll see a “Location” slider (which is always on by default). Slide it to the left to turn it off. You’ll need to do this for every photo or batch of photos you upload.

On Android, open Google Photos, open the photo you’d like to share, click the three vertical dots, and then “Edit.” 

Click “Remove location.” 

As with iOS, you’ll need to do this with each photo, batch of photos, or video you upload to remove the GPS location data.

Use strong passwords and multi-factor authentication 

Using the same password on multiple sites is a definite no-no, but what about using weak passwords? 

If you use personal pieces of information like your spouse’s name, variations on the same word, or simple sequences of numbers and letters, it’s relatively easy for someone to guess your password. 

You can set up a strong password by avoiding any real words, incorporating upper and lowercase letters, using special symbols (like ( , ! > and so on), and including non-sequential numbers. 

Tip: Use a password manager to create unique passwords and keep track of them. 

Don’t overshare 

Whenever you’re posting or sharing something online, keep in mind that anything you upload can be used against you. Even the things you don’t think matter can be used to build a profile about who you are. 

The worst part? Whether it’s deliberately saved by someone else as a screenshot or an automatic content scraper, the information you shared up until now could stay on the internet forever. 

Doxx yourself 

Now that you’ve (hopefully) done some of the above, it’s time to check what your digital footprint looks like. 

How hard would it be for someone to doxx you right now? 

→ Do a Google search on your own name and read what comes up, noting any personal details or private information (taking steps to remove it if needed). 

→ Go to your social media profiles, Reddit username profiles, and any other profiles you have to see if you can use the public information there to figure out more about yourself and track down your other accounts. 

For a step-by-step guide on how to doxx yourself, read our guide and use our list of self-doxxing tools.

Prevent Doxxing 

By taking steps to prevent your private information from being publicly available, you’ll decrease the potential that someone can get ahold of it and dox you. 

As long as you have a presence on the internet, the risk will always be there. But by being vigilant, taking security precautions, and regularly checking for your information online, your chances of experiencing a doxxing attack will be much slimmer. 

Your name, address, and phone number have been published online without your consent, and you’re now receiving harassing social media messages and intimidating phone calls. Known as doxxing, this situation is becoming more common among average internet users. 

In this guide, we’ll provide an overview of what doxxing is, along with how you can protect yourself against it.

What Is Doxxing? 

Doxxing (or doxing) is an increasingly common online practice that involves another person releasing your private information without your permission. The information released can include your:

• Full name
• Phone number
• Address
• Photos
• Criminal history
• Social security number 
• Family member details.

Doxxing typically has harmful or malicious intent behind it and is used against individuals with whom the doxxer disagrees. 

When and where did doxxing emerge?

Doxxing is said to have originated in the 1990s among hacker communities, where maintaining privacy was key. It was considered incredibly damaging when one hacker would release the personal information of another hacker by “dropping dox” (slang for “docs” or “documents”) on them. 

Today, doxxing has spread well beyond hacker communities. 

More than 43 million Americans report being doxxed as of 2023, with two-thirds either having been a victim or personally knowing someone else who has, according to a recent study by SafeHome.

How does doxxing relate to swatting? 

Doxxing is related to swatting, another form of cyberbullying that crosses into the physical world. 

However, in the case of swatting, the perpetrators will call law enforcement to your home, work, or family member’s address under the (false) pretense of a horrible crime underway. 

This can lead to significant distress, property damage, physical harm, and even death.

While most doxxing doesn’t get to the level of swatting, swatting is an example of what someone with harmful intent can do with your private information. 

This dangerous prank is particularly prevalent in the gamer community:

How Does Doxxing Work?

For doxxing to happen, attackers need your personal information, which can be obtained through several sources, such as:

• Data brokers. Data brokers are companies that exist to harvest personal data on individuals and then sell this data for a nominal fee to anyone who wants it. Data broker information can include details like your name, address, phone number, social media accounts, photos, family information, education, and more. Data broker profiles are one of the easiest ways to acquire personal data about someone, not only because they include a ton of data in one place but also because they tend to appear on the first page of Google when someone looks up someone’s name. Here’s an example of what a data broker profile looks like:

• Public records. Government entities such as courthouses sometimes have searchable online databases of public records pertaining to individuals, including marriage records, land transfers, and more. Public records are one of the primary information sources for data brokers. 
• Social media stalking. If your social media accounts are accessible to the public, then it’s easy for others to browse through everything you’ve posted. Going back to the beginning of your timeline, someone can glean information about your life as they do so. Social media is a popular source of information for data brokers. 
• Phishing. If you get a text or email asking for your private information from an unrecognized email address, it may be a phishing attempt in which someone is trying to trick you into handing over your personal data using social engineering.
• Whois search. The private information of website owners, potentially including your full name, address, phone number, and email address, is often readily available using the Whois lookup tool.
• Username tracking. If you use the same username across multiple platforms, such as X, Reddit, and Instagram, you’re opening a window for others to follow your trail and easily compile information on you. Some data brokers let you look up individuals based on their usernames. 

Doxxing Examples 

Doxxing can have varying degrees of impact based on who is victimized and the severity of the information released. 

Sometimes, it’s celebrities who are doxxed – in 2022, Elon Musk suspended an account on Twitter for tracking the live physical location of his jet. Even though the information was technically public, aggregating Musk’s whereabouts under a single account crossed a privacy line.

Other times, doxxing victims become unwittingly entangled in a web of criminal activity. Such was the case for the clients of Ashley Madison, an online website for married individuals to coordinate affairs. The business was targeted by hackers for unpublicized demands, and upon failing to meet them, the hackers published the information of millions of users in what became a high-profile scandal and an example of “organizational doxing.”

Doxxing can essentially happen to anyone. Following the death of George Floyd while under police custody, high-ranking police officers in several large U.S. cities had their home addresses and contact information shared across social media platforms as part of a wave of public dissent against law enforcement officials. The same thing is now also happening to public officials and judges. 

In the worst cases, doxxing can lead to death threats and homicide. In just one such example, the names and addresses of doctors who performed abortions were posted online in the 1990s and early 2000s; eight of those doctors have since been murdered. 

Is Doxxing Illegal?

In most cases, doxxing is not illegal. This is because doxxing typically relies on public information, and gathering and releasing that information is, in itself, not a crime. 

But whether or not doxxing is a crime can change depending on how the information is used, with doxxing being a natural springboard for other crimes – including harassment, identity theft, stalking, and worse.

Note: Some states and countries take doxxing more seriously. In 2021, the state of Nevada passed a law that lets doxxing victims take civil action if their personal data is published with the intent of harassment, stalking, or death. That same year, Hong Kong amended its privacy law to include doxxing.  

Dangers of Doxxing 

Doxxing can cause or result in the following:

• Anxiety and psychological distress. Victims of doxxing frequently report having high levels of stress due to having their location and contact information made public. 

• Harassment. If someone has your phone number or email address, they can continually harass you with phone calls and emails at any time of day or night; this could extend to your place of work and your family members’ homes and workplaces.

• Stalking. One of the more serious manifestations of doxxing is stalking – once someone has your home address and/or your work address, they can potentially follow you and track your behavior in person. 

• Vandalism. If someone knows where you live, what car you drive, etc., they can vandalize your property. For example, slash your car tires, break your house windows, and so on. 

• Impersonation. Using your personal information, someone can set up a social media profile under your identity and then interact with and mislead others.

• Identity theft. Attackers can use your personal information to set up financial accounts, open credit cards, file tax returns, or get insurance or medical operations performed – all under your name.

• Reputational harm. If you’ve ever said anything in a private message or email that you’d rather not be made public, you can understand the possible reputational risks that can come from being doxxed. Trolls and attackers also know this and will often use your words against you.

• Homicide. Instances of death threats being reported following a doxxing incident are sadly common, and sometimes, they can escalate into bodily harm to the point of murder.

How to Prevent Doxxing 

The only real way to prevent a doxxing attack is to keep your actual identity under wraps as much as possible while using the internet. 

It can be easy to overlook how much information is out there about ourselves, let alone what may be on the dark web. For this reason, it is a good idea to conduct an online audit where you go to each of your online accounts and check your privacy settings. Be sure to look at how much of your private data is set to “public.”

Do the same for your posts – try to look at your accounts, profiles, and timelines through the lens of someone trying to find out as much as possible about you. 

Could they find out where you live, the names of your children, or where you work during the day? Can they figure out your entire life story by piecing together your profiles across similar usernames and data broker websites? 

Tip: Look up your name and some common usernames you use on a search engine like Google to see what kind of information a potential doxxer could find out about you. 

You can reduce the risk of being doxxed by using different usernames and strong passwords (consider getting a password manager) for every platform, enabling two-factor authentication (a good cybersecurity practice in general), never using your real name, using a virtual private network (VPN) to hide your IP address, and keeping your social media posts private. 

Tip: Set up Google Alerts to be notified when there’s a new mention of your name online. 

However, even after you take these steps, much of the information you previously shared will remain on data broker sites. 

Luckily, most data brokers let you opt-out. Something to note, however, is that the opt-out process differs from one data broker to the next.

Remember that opting out of data brokers once is not enough. Data brokers are notorious for relisting people’s information as soon as they collect more of it. For this reason, you need to check their databases regularly. 

Alternatively, you can subscribe to a data broker removal service like DeleteMe to have our privacy professionals continuously monitor for and remove your personal information from data brokers on your behalf.

What to Do If You’ve Been Doxxed 

If you believe you’ve been doxed, follow these steps:

• First and foremost, if you believe your safety is at risk, get somewhere safe.
• Collect evidence of the doxxing by taking screenshots of information that’s been posted online (including the data published and website URL). This evidence will be important for law enforcement purposes.
• Contact the platform you’ve been doxxed on and report it; with luck, they’ll be able to respond quickly and remove the post that exposes your personal information. 
• Contact law enforcement (such as your local police department) if you feel that the doxxing could lead to harm against you (sharing any evidence you have of the doxxing with you).
• Tell someone close to you. Doxxing can be stressful, and having someone else who is aware of the situation and willing to help you navigate it can help. If the information of your family members or friends has also been compromised, be sure to let them know as well. 
• If your financial account information was doxxed, contact your financial institution(s) immediately and let them know what happened so they can watch for any suspicious behavior in your bank account. Change your online account passwords as needed.
• If the person who doxxed you is on a social media platform of some kind, be sure to block their username so they cannot see your information any longer. Consider changing your settings to “Friends Only” or private (depending on the platform) to limit how much of your personal data public viewers can see.

How to Report Doxxing

Depending on where the doxxing took place, you may be able to report it to the platform and have it removed, along with alerting the platform to the bad behavior of the doxxer. On social media websites, information on how to report doxxing can typically be found within the community guidelines. 

You can find Facebook’s guide here, Instagram’s report form here, and X’s information policy and how-to guide here.

Protect Yourself from Doxxing

With two-thirds of Americans now being the direct victim of doxxing or knowing someone who is, it’s clear that doxxing isn’t going to go away anytime soon. 

Fortunately, you can minimize your risk of falling victim by keeping your online presence private. Don’t make your personal details public or associate them with your real identity and remove your name from data broker databases. 

Keeping your online footprint to a minimum can limit your chances of being doxxed.

For more information, read our guide on how to prevent doxxing.