Reading this article made me consider the legality of “doxxing” a person. For those unfamiliar “dox” is an internet slang word for finding and releasing personally identifiable information, such as their real name, address, or account information. In this instance, I am unsure how he got the person’s name and address, but clearly he had intentions of confronting the person. This could have resulted in a violent altercation. A couple of questions that came to mind:
Can a person be liable (criminally or civilly) for “doxxing” someone who then suffers harm as a result of being “doxxed”?
Should the act of “doxxing” be considered a tort?
In some states, you can be sued for publishing private facts about another person. “Private facts” refers to information about someone’s personal life that has not been previously revealed to the public, that is not of legitimate public concern, and the publication of which would be offensive to a reasonable person. However, the law protects you if you publish something that is already publicly available.
Some states also consider it a tort to unreasonably intrude upon the seclusion or solitude of a person. In order to bring an action for tort of privacy invasion based upon the concept of intrusion on the seclusion of another, the following elements must be established (Doe v. High-Tech Inst., Inc., 972 P.2d 1060 (Colo. Ct. App. 1998)):
-that defendant committed an unauthorized intrusion or prying into plaintiff’s seclusion;
-that intrusion was highly injurious and objectionable to a reasonable man;
-that matter intruded on was private; and
-that intrusion resulted in agony and suffering to plaintiff.
It seems from this that a person can be held liable for “doxxing” someone if that person is harmed, or if the information released is not newsworthy or publicly available.
Thoughts?
Interesting matter. I think there are a couple of interesting issues here. First, who is legally responsible for the doxing. Presumably Twitter or some other ISP made the information available. As a general matter ISPs are not responsible for information posted on their servers, but are they responsible for releasing information about a person such as their name, etc. I guess an argument could be made that the ISP should be responsible if by releasing the information, they are causing harm, but in this instance the harm would be to the person whose information was released (and do we really want to protect that guy?) as far as the person who is the object of the hurtful tweets, since he was able to find the author of the tweets he may have a remedy in tort for defamation, etc. But the issue you raise is – as we like to say – the $64,000 question is there any instance in which we can hold ISPs responsible? The question is in some way a function of how enforceable ISP privacy waivers are.
The bigger issue is why would anyone taunt a professional boxer???