The internet is, in theory, a place where some degree of privacy and even anonymity may be possible depending on how careful you are, what precautions you take, and how diligent you are in controlling access to your private information.
But the system, like its users, is not perfect and it’s possible to “out” someone’s real identity, home address, and other details that the victim of doxing may have wished to stay out of the public eye.
Doxing, also spelled doxing, can be simply defined as the act of releasing information to the public that someone else wants to keep private. More formally, Merriam-Webster defines doxing as, “to publicly identify or publish private information about (someone) especially as a form of punishment or revenge”.
Some doxing might seem harmless to someone who doesn’t really think about the concept, other instances may be immediately recognizable as the harassment that it is.
Doxing could be the simple release of a private home address and phone number, or it could be more socially complicated; revealing someone’s sexual orientation or gender identity against their will, for example.
You could fully dox someone by doing a complete data dump on them to the public (assuming one has possession of such data) or there could be a partial dox if only a small amount of the information is released.
Does Doxing Require The Internet Or A Computer?
When it’s done properly, doxing does not require special hardware, software, or even an internet connection. The act of fully doxing or partially doxing someone is simply the revealing of private information.
The delivery system for that data can be anything from a series of phone numbers scrawled onto bathroom walls (this is a well-documented practice) to a mass email or social media post. There is much in between those two, but the short answer is no, you don’t need a computer to dox someone. What you DO need is information the victim would rather not be made public.
One of the most famous examples of “doxed crypto” incidents where cryptocurrency investors have been targeted? Consider what happened to the founders of the Bored Ape Yacht Club. These NFT enthusiasts made their presence known via pseudonyms or web handles, and declined to release their real names in association with BAYC announcements and planning.
But the founders registered their real names in association with BAYC business holdings, and in 2022 Katie Notopoulos from BuzzFeed News published the real identities if two of the founders of Yuga Labs.
In some of the reports discussing this, some complained that revealing the true identities of the BAYC Gordon Goner and Gargamel was tantamount to doxing; they complained about this at the same time they were repeating those real names of the doxxed BAYC founders reported by BuzzFeed.
Defenders of the BuzzFeed article say Notopoulos was only repeating publicly available information, while critics of the article point out that if the information was so freely discoverable, the breathless (to some) tone of the article was not only pointless but actually a bit misleading.
Indeed, the opening line of the BuzzFeed article in question says of BAYC, “The buzzy NFT collection has raked in millions and the eager support of dozens of celebrities. But its founders’ anonymity raises questions about accountability in the age of crypto”.
BAYC Doxxed Themselves?
Later the BuzzFeed article boldly proclaims, “BuzzFeed News can now reveal the identities of BAYC’s two main founders.” There’s just one problem; there are sources who report BAYC founders already revealed their identities when they registered their business in Delaware.
In light of that, what’s the point of “now revealing” information that is already public knowledge under the guise of cutting-edge reporting? That may not technically fit the definition of doxing, but releasing the names of the Bored Ape Yacht Club founders and writing about it as if you were sharing secrets or doxing them is considered in certain circles to be lazy, unrepentantly bad clickbait “writing” and definitely NOT journalism.
Was BuzzFeed guilty of shameless clickbait and pandering to controversy in their reporting? Or were they providing a public service to those who wonder how “legit” BAYC is in the crypto space? You be the judge.
Doxing Or Doxxing?
There’s not really a debate here, it’s simply that some spell it “doxing” (more accurate) and some spell it “doxxing” (less accurate). In some circles, the term is thought to be a mutation of the word “documents”. Think “docs”, mutating from a noun to a verb, as in, “doxing”. Merriam-Webster lists “doxxing” as a variant. Doxxing is, according to some sources, derivative of “dropping docs” or documents uncovered in a search for private information.
Have You Been Doxxed?
If you have been doxxed, the first thing you should consider doing is reporting the incident to your internet service provider or the social media platform on which the incident occurred. Remember, there are many different types of personal data that can be used in a doxing attack. To harass someone online in this way a number of personal data sets may be used including:
- Your actual name
- Phone numbers
- Social Security number
- Home address
- Employer address and phone numbers
- Financial data such as credit card or checking account numbers
- Personal photographs (revenge porn is a form of doxing)
- Social media profiles
Doxing may not be considered a crime if the act is limited to releasing certain types of private data (your name, phone number, etc.) but could quickly become part of a criminal complaint if the incident includes harassing, stalking, or other illegal activities.
Joe Wallace has covered real estate and financial topics, including crypto and NFTs since 1995. His work has appeared on Veteran.com, The Pentagon Channel, ABC and many print and online publications. Joe is a 13-year veteran of the United States Air Force and a former reporter for Air Force Television News.