Tag: Doxing

  • 7 Tips to Keep You Safe From Online Doxing

    7 Tips to Keep You Safe From Online Doxing

    Over the past 10 days, dozens of faculty and staff members have had their personal contact information, photos and sometimes addresses broadcast online by anonymous right-wing social media accounts seeking to punish them for comments they allegedly made about the death of conservative firebrand Charlie Kirk. This public campaign of online harassment and intimidation, known as doxing, is “off the charts” right now, said Heather Steffen, an adjunct professor of humanities at Georgetown University.

    Steffen is also the director of Faculty First Responders, a group created by the American Association of University Professors in 2020 to track and help faculty members targeted by right-wing media. Doxing has been on the rise since protests over the Israel-Hamas war fractured campuses in 2023, but educators are increasingly coming under attack in “ideologically motivated efforts” to silence dissent, according to an August report from the National Association of Attorneys General. “This shift signals the evolution of doxxing from isolated conduct to a more coordinated form of digital persecution,” the report said.

    While the attacks are becoming more frequent and sophisticated, higher ed employees can take steps to minimize the risk of doxing, as well as the damage incurred if it does happen.

    1. Keep your personal and work accounts separate.

    Remove employers’ names from all of your personal social media accounts—if it’s in your bio, take it out, Steffen advised. “You can state in your bio on social media that your views do not represent your employer, and you don’t need to name the employer in order to do that,” she said.

    In many cases, work may demand that you list some contact information publicly, but don’t use that information for personal business, said Rob Shavell, CEO and co-founder of DeleteMe, a service that will find and try to wipe members’ personal information from the web. “The data brokers are getting very good at correlating [work and personal] data and putting them into one dossier,” he said. These days, when DeleteMe’s privacy advisers scan the web for members’ information, they return an average of 750 pieces of personally identifying information per person, up from 225 pieces four years ago.

    Also, be aware of what devices, accounts and Wi-Fi networks you’re using, and be sure not to use work-provided equipment or resources for anything other than work, Steffen added.

    2. Scrub your information from data-broker websites.

    Data brokers collect and sell personal information. Companies like DeleteMe and Incogni will remove your personal information from data-broker websites for a fee; DeleteMe charges $129 per member annually. But for anyone who wants to take a do-it-yourself approach, DeleteMe has published free opt-out guides that walk readers through removing their information from the sites, including Experian, TransUnion and CoreLogic. Steffen also suggests following the steps outlined in the Big Ass Data Broker Opt-Out List, a Github project that explains how to scrub your information from data brokers.

    3. Use an email mask or alias when possible.

    “Masked emails or phone numbers or even credit cards allow you to sign up for things or make calls or buy things without revealing to every counterparty your real personal information,” Shavell said. DeleteMe offers masking, as do companies like Apple and NordPass. These services create a faux address that will then forward emails to your real account. Google also offers free alias phone numbers through Google Voice that will forward calls to your personal phone. In addition to better security, masking also decreases spam and phishing risks.

    4. Breathe before you post (and remember the risk of screenshots).

    Even if you’re posting to a private account—say, a “close friends” story on your personal Instagram—anything you put online can still be screenshotted and shared widely, Steffen warned. “Anytime you’re posting or reposting something, a good tool can be to pause and think: Would I be comfortable with my employer, my students and my community knowing that I hold this view, and would I be comfortable with them seeing it expressed in this way?” she said.

    5. Protect your accounts with complex passwords and two-factor authentication.

    It’s boring, but it’s important, said Viktorya Vilk, director for digital safety and free expression at the nonprofit PEN America, which offers digital safety training to colleges and universities and has created a “what to do” resource for people who have been doxed. “If someone hacks into your Facebook or your email, it’s so hard to get that account back. And it’s also incredibly intrusive and unsettling,” she said. “Having a long, secure password and two-factor authentication makes it almost impossible for someone to be able to hack into your account.”

    6. In the event you are doxed: Center yourself, and then secure your physical safety.

    “People often have a fight, flight or freeze response. It can be incredibly traumatizing and so very difficult to take steps or use your judgment about what to do when you’re being doxed,” Vilk said. “And so, counterintuitively, the very first thing to do is to take a minute and try to center yourself. For some people that’s taking some deep breaths. For other people, it’s just, like, moving around, wiggling around.”

    After that, make sure you’re physically safe, she advised. If your address has been shared, consider staying at a hotel or with friends or family until the storm passes. Consider contacting law enforcement to report the threats, file a police report and let them know you’re at increased risk for swatting—a harassment tactic that involves making a false emergency call in order to dispatch law enforcement to a specific location.

    7. Once you are physically safe, document the harassment and lock down your accounts.

    Set your social accounts to private mode if they’re not already, and take any steps to limit visibility of your posts, Vilk said. “That’s very easy to switch back after the storm dies down,” she added. Be careful communicating with unfamiliar accounts, emails or phone numbers, and document any threats or harassment you receive. Don’t download attachments or click on links from unknown senders, and do a quick search online to find out more about them before responding.

    “Take screenshots when you receive them and then report them to the platform where they’re happening. That can be really stressful, so we really recommend that people recruit friends or family or trusted colleagues to help them do that so that they’re not doing it alone,” Vilk said.

    Your cellphone number can also be stolen. “If it starts to circulate online, people will call your cellphone company and pretend to be you and try to reroute traffic,” she said. Protect your number by calling the company and placing a PIN on your account.

    Source link

  • Right-Wing Doxing Campaign Endangers Faculty and Free Speech

    Right-Wing Doxing Campaign Endangers Faculty and Free Speech

    Faculty and staff members at Auburn University, Eastern New Mexico University–Roswell and Coastal Carolina University are among those who have been punished for their comments on Charlie Kirk’s death.

    Photo illustration by Justin Morrison/Inside Higher Ed | Anna Moneymaker/Getty Images | Nordin Catic/Getty Images/The Cambridge Union | Andrew Harnik/Getty Images

    College faculty and staff members have become popular targets of the right-wing doxing firestorm that ignited in the hours after Charlie Kirk was shot and killed last week during an event at Utah Valley University. As of Thursday afternoon, Inside Higher Ed had identified 37 faculty and staff members who are being harassed online for allegedly critical or insensitive social media posts about Kirk. So far, at least 24 of those employees have been terminated, suspended or put on administrative leave, including employees at Auburn University, Eastern New Mexico University–Roswell and Coastal Carolina University.

    The force and scale of the doxing campaigns—and the speed with which institutions have moved to suspend or terminate their targets—paints a grim picture of free speech rights on public college campuses. Widespread doxing as a political tool to punish universities and academics is not a new phenomenon, but right now it’s particularly virulent, explained Keith Whittington, a professor at Yale Law School and an expert on free speech. “The size of the activity, the pressure campaign and the … short period of time is highly unusual,” he said. “Universities feel like they’re under intense pressure to mollify right-wing activists and try not to draw negative attention from the [Trump] administration.”

    Most of the higher education targets of doxing campaigns have been identified first by users on X, Facebook or other social media sites. Then anonymous accounts broadcast their name, employer, photo and contact information, along with calls for their firing. A group that calls itself the Charlie Kirk Data Foundation has also asked the public to submit via email or online the names, identifying information and screenshots of any person who has criticized Kirk or appeared to celebrate his death. On Sunday, the group claimed to have received more than 63,000 unique names.

    The first call-outs that gained traction were particularly inflammatory. For example, a University of Toronto professor—who has since been placed on leave—posted in a comment on X, “shooting is honestly too good for so many of you fascist cunts.” This type of speech is often “universally condemned,” but it should still be protected by universities committed to First Amendment values, Whittington said. (Or Section 2 of the Canadian Charter of Rights and Freedoms.) Now, doxers are attacking even those who engage in mild criticism of Kirk or his supporters, as well as those who merely quote Kirk’s own views on gun control and other topics in juxtaposition to the news of his death.

    “We do seem to see a pattern in which activists are very quickly moving beyond [more egregious] instances to much more marginal cases, where … we might not think that these particular examples of speech violated any widespread view that it is inappropriate or beyond the pale,” Whittington said.

    A staff member at Wake Forest University in North Carolina was doxed and later terminated after posting on social media the lyrics, “He had it coming, he had it coming” from the Chicago song “Cell Block Tango.” One University of South Carolina professor was targeted by doxers for a critical Facebook comment about a state representative who supported Kirk and was later relieved of teaching duties because of it. A faculty member at East Tennessee State University was put on administrative leave after posting, “You can’t be upset if one of those deaths in [sic] yours #charliekirk” in response to a news headline that quoted Kirk saying, “It’s worth [it] to have a cost of, unfortunately, some gun deaths every single year so that we can have the Second Amendment.” Inside Higher Ed has opted not to name employees that haven’t been confirmed by their university in order to prevent further harassment.

    The number of doxing campaigns targeting educators is on the rise. Experts say higher ed employees can stay safe by keeping work and personal accounts separate, using email masks, and removing personal information from data broker sites. For more tips, see our story here.

    So far no higher ed institution has faced as swift and fierce a condemnation from conservatives online as Clemson University, which, in response to the political pressure, has now terminated two faculty members and one staff member over their social media posts about Kirk. An assistant professor at Clemson was among the first to be named and shamed. On Sept. 10, the day Kirk was shot and killed, they posted, “Today was one of the most beautiful days ever. The weather was perfect, sunny with a light breeze. This was such a beautiful day.” Kirk’s supporters interpreted this comment as a celebration of his death. The Clemson professor also reposted jokes about the killing—including “no one mourns the Wicked” and “[N-word] worried about DEI and DIED instead.”

    From there, the doxing machine roared to life. The student group Clemson College Republicans was the first to identify the professor and share their posts, according to U.S. representative Russell Fry, whose Sept. 11 post on X about the professor garnered 1.2 million views. The post was amplified by hundreds of right-wing accounts and other politicians, including U.S. representative Nancy Mace, who has commented on and reposted dozens of similar call-outs. Clemson officials issued a statement on Sept. 12, writing that “the deeply inappropriate remarks made on social media in response to the tragic murder of Charlie Kirk are reprehensible and do not reflect the University values and principles that define our University community.” They made no mention of disciplining the employees involved and noted only that the university will “take appropriate action for speech that constitutes a genuine threat which is not protected by the Constitution.”

    The pressure campaign continued. Two other employees of the public university—a staff member and another professor—were also targeted for their posts about Kirk’s death, and Republican politicians called for their firing, too. Clemson officials issued another statement a day later, stating that an employee had been suspended and reiterating that officials would take action “in cases where speech is not protected under the U.S. Constitution and the First Amendment.”

    The university did not name any employees or say what the suspended employee posted. However, the posts circulating online from the three Clemson employees in question appear to be protected speech, according to the way most First Amendment scholars interpret it.

    Over the weekend, U.S. representative Ralph Norman, the X account for the U.S. House Committee on the Judiciary Republicans and Sen. Lindsey Graham of South Carolina joined in the calls for the employees’ firing, and some politicians called for the State Legislature to defund Clemson. So did President Donald Trump, who reposted a Truth Social post from South Carolina state representative Jordan Pace that said, “Now Clemson faculty is inciting violence against conservatives. It’s time for a special session to end this. Defund Clemson. End Tenure at State colleges.”

    Clemson officials did not respond to Inside Higher Ed’s request for comment. The university’s academic freedom policy for faculty states, “When they speak or write as private persons, faculty shall be free from institutional censorship or disciplinary action, but they shall avoid creating an impression that they are speaking or acting for the University.” The Faculty Handbook doesn’t outline any clear exceptions to this rule but does note that “as professional educators and academic officers, they are aware that the public may judge their profession and their institution by their utterances. Hence, faculty members should endeavor to be accurate, to exercise due restraint, to show respect for the utterances of others, and, when appropriate, to indicate that they are not officially representing Clemson University.”

    On Monday, Clemson announced it had terminated the staff member and removed both faculty members from their teaching duties. By Tuesday, all three employees had been terminated. South Carolina attorney general Alan Wilson told Clemson’s president he had the “full legal authority” to terminate the employees, writing in a statement, “The First Amendment protects freedom of speech, but it does not shield threats, glorification of violence, or behavior that undermines the mission of our state institutions.” This contradicts what experts at the Foundation for Individual Rights and Expression and other free speech experts have said in recent days: that speech, even if it’s poorly timed, tasteless, inappropriate, controversial or a nonspecific endorsement of violence, is protected by the U.S. Constitution.

    While these name-and-shame campaigns constitute a particularly harsh attack on campus speech, they are nothing new. In fact, they’ve increased in frequency since 2023, when many pro-Palestinian academics were targeted, said Heather Steffen, a humanities professor at Georgetown University and director of the American Association of University Professors’ Faculty First Responders group.

    “Faculty who speak about certain issues have been more vulnerable to doxing for a long time,” Steffen said. “So anyone who talks about issues of race or racism, gender and sexuality, or Palestine tends to be more likely to be doxed or somehow otherwise attacked in a politically motivated fashion, as do academics who are faculty of color, or queer faculty, or trans faculty or pro-Palestinian faculty.”

    Ultimately, it’s not about what the employees said, Whittington explained. It’s about the political outcomes.

    “This is primarily about exercising political power and trying to silence and suppress people who disagree with you politically,” he said. “It doesn’t matter that the offense is trivial … What matters is you’re identifying people that you politically disagree with and you have a moment in which you can exercise power over those people. And there are lots of people willing to take advantage of those opportunities.”

    Source link