The information was always public. That is exactly what makes it dangerous.
The Moment You Find Out
It starts with a notification you do not recognize. Then three more. Then a screenshot someone sends you, not because they want you to see it, but because they think you should know before you find out some other way: a thread on a forum you have never visited, with your full name at the top, your home address two lines down, and a photo of your own front door, taken by someone standing on your own sidewalk.
You did not post your address anywhere. You were careful, or you thought you were. But carefulness was never really the variable. Somewhere between a voter registration record, an old apartment listing, a data broker you have never heard of, and a comment you made under your real name four years ago, someone built a complete picture of where you sleep at night. It took them an afternoon. It will take you years to feel safe again.
This is doxing. Not hacking, not usually, not technically. Just assembly. The pieces were always there, scattered and legal and mostly forgotten. Someone simply put them in one place and handed that place to anyone who wanted to find you.
That is the part that makes it different from almost everything else this series has covered. Astroturfing manufactures what other people believe about an issue. Account suppression weaponizes a platform’s own rules against you. Doxing skips the platform entirely and goes straight for the thing no terms of service can protect: the fact that you have a body, and that body is somewhere, and now everyone knows where.
Definition
Doxing, sometimes spelled doxxing, is the act of publishing someone’s private or identifying information without their consent, typically with the intent to harass, intimidate, or expose them to real world harm. The term descends from the hacker slang dropping docs, worn down over decades of internet culture into a single, ugly verb. The information itself is rarely exotic. Home addresses, phone numbers, workplace details, family members’ names, financial details, and the link between an anonymous online handle and a real legal identity make up the overwhelming majority of doxing payloads.
The line is not the information itself. Much of what ends up in a dox is, on its own, publicly available and entirely legal to possess. Property records are public. Voter rolls are semi-public. A person’s employer is often listed on their own social media. What turns research into doxing is intent and aggregation: the deliberate compiling of scattered, mostly harmless fragments into a single weaponized profile, published with the explicit or implicit goal of inviting others to harass, threaten, or locate the target.
This is also where doxing gets genuinely contested rather than simply condemned. Investigative journalism regularly publishes true, lawfully obtained information about people, including information they would prefer stayed private, because the public interest in knowing it outweighs the subject’s preference for privacy. Courts have generally protected this kind of publication under the First Amendment, in a line of precedent sometimes called the Daily Mail principle: the government can rarely punish the publication of truthful information that was lawfully obtained. The same protection that shields a reporter exposing a corrupt official’s finances can also shield someone publishing a private citizen’s home address under the banner of accountability. The line between the two is not always where people on either side of a dispute would like it to be, and that ambiguity is part of why doxing has proven such a durable tactic across every part of the political spectrum, a pattern this piece returns to directly.
The Scale of the Problem
The numbers are larger and more ordinary than the headlines suggest. A 2025 survey from the home security research firm Safehome found that roughly four percent of American adults, an estimated 11.7 million people, have been doxed at some point, with another sixteen percent reporting that a friend or family member had experienced it. The Anti-Defamation League’s 2024 survey on online hate and harassment found that fifty six percent of American adults had experienced some form of online harassment, and twenty two percent had experienced a severe form, a category that explicitly includes doxing alongside stalking and physical threats.
The exposure is not evenly distributed. Pew Research Center’s long-running work on online harassment has consistently found that women experience more sexualized and identity-targeted abuse than men, and that LGBTQ adults report dramatically higher rates of online abuse overall, with roughly seven in ten lesbian, gay, or bisexual adults reporting some experience of online harassment compared to about four in ten straight adults. Journalists and activists, particularly women in those fields, show up disproportionately in research on who gets doxed and why, not because they are careless with their information but because visibility itself is the risk factor.
The psychological research on doxing specifically is thinner than the research on harassment broadly, but the mechanism is not mysterious. Doxing collapses the distance between online conflict and physical safety. A hostile comment can be ignored, blocked, or muted. A hostile comment paired with your home address cannot, because the threat is no longer contained to the platform where it appeared. It follows you into your kitchen.
Four Kinds of People Who Do This
THE DISGRUNTLED INDIVIDUAL
This is doxing’s oldest and most personal form: an ex-partner, a former coworker, a litigant on the losing end of a court case, someone with a specific grievance against a specific person, acting alone. The motive is rarely ideological. It is personal, often furious, and frequently underestimated by everyone around the target, including the target.
This type produced the worst documented outcome in this entire piece. In July 2020, a disgruntled lawyer who had appeared before U.S. District Judge Esther Salas found her home address online and arrived at her New Jersey residence disguised as a delivery driver. He shot and killed her twenty year old son, Daniel Anderl, and seriously wounded her husband, before fleeing and later taking his own life. Authorities later found a list of other judges in his vehicle. Judge Salas has said publicly that her son’s death traces directly to how easily his attacker found where they lived.
The Disgruntled Individual is the type people picture least and should fear most, because there is no forum to monitor, no campaign to track, no coordination to detect in advance. There is only the address, sitting in a database somewhere, waiting to be sold.
THE ORGANIZED BRIGADE
Where the disgruntled individual acts alone, the organized brigade acts as a crowd, and that changes everything about what it feels like to be on the receiving end. Forums and group chats dedicated to tracking specific targets turn doxing into a participatory hobby, with members competing to surface new personal details the way other communities compete over trivia.
Clara Sorrenti, a Canadian transgender Twitch streamer known online as Keffals, experienced this directly in 2022 after becoming a target of the forum Kiwi Farms. Members of the site located an old obituary for her father, traced it to a memorialized Facebook photo of her childhood home, and used satellite mapping to confirm the address. Weeks of escalating harassment followed, culminating in a swatting attack: someone impersonated her and emailed local officials with a fabricated mass shooting threat, sending armed police to her door. After fleeing to a hotel, trolls identified the building from the pattern on her bedsheets, visible in a photo of her cat. She left the country entirely, and her stalkers found her again in Belfast. Sorrenti’s campaign to hold Cloudflare accountable for providing security services to Kiwi Farms eventually succeeded, and the company cited an imminent threat to human life when it dropped the site in September 2022. Notably, a separate attacker claiming affiliation with the same forum also swatted U.S. Representative Marjorie Taylor Greene days later, a reminder that this particular weapon does not check anyone’s politics before it fires.
THE ACCOUNTABILITY DOXER
The most ethically contested form of doxing is the kind its practitioners do not consider doxing at all. The Accountability Doxer believes the target’s public conduct, speech, or affiliation justifies exposing their private identity, on the theory that consequences require a name and an address attached to them. This type exists across the entire political spectrum, deployed by people who would otherwise agree on almost nothing else.
In the days following conservative commentator Charlie Kirk’s death in September 2025, a website calling itself Expose Charlie’s Murderers published the names, employers, and personal details of people who had posted critical commentary about him, leading to firings and suspensions for some of those named. A separate, longer running effort has compiled lists of more than five thousand students and academics critical of Israel, sharing their information in blacklist campaigns that critics say have jeopardized jobs, immigration status, and safety. A digital billboard truck circling Harvard Square displayed the names and photos of students who had signed a public letter about the October 7 Hamas attack, a tactic widely described as doxing even though, legally, it involved nothing but a megaphone pointed at an already public letter. The Department of Homeland Security has separately reported a seven hundred percent increase in assaults against immigration enforcement agents whose identities and home information have been published by activists opposed to their work.
None of these campaigns share a politics. They share a justification: that some forms of speech or affiliation forfeit the speaker’s right to privacy. Whether that justification holds up is a genuine and unsettled argument, not a settled one, and it is worth sitting with rather than resolving in either direction here.
THE OPPORTUNIST
The newest entrant requires no grievance and no ideology at all, only timing. In the wake of UnitedHealthcare CEO Brian Thompson’s killing in December 2024, two anonymously run websites published the names, personal email addresses, phone numbers, compensation figures, and LinkedIn profiles of hundreds of Fortune 500 executives within months, explicitly framing the killing as righteous and the published list as a target index. Both sites were taken offline within twenty four hours of going live.
Twenty four hours was enough. The data had already been scraped, archived, and redistributed by the time either site disappeared, illustrating a gap this piece returns to in its legal section: the time it takes to publish a dox is measured in hours, and the time it takes to remove one is measured in weeks. The Opportunist does not need to sustain a campaign. The internet does that part for them.
What Being Found Actually Does to a Person
Ask anyone who has been doxed what changed, and very few of them start with the information itself. They start with the texture of their own attention afterward. Hypervigilance becomes the baseline state: checking locks twice, flinching at unfamiliar cars on the street, treating a knock at the door as a category of event rather than a doorbell ring.
The financial cost arrives quietly and compounds. Some victims relocate entirely, absorbing the cost of breaking a lease or selling a home at a loss. Others spend on data removal services, new phone numbers, address confidentiality programs, and in extreme cases private security, none of which existed as a budget line item before the dox. Professional costs follow close behind. Employers, uncomfortable with the liability or attention a doxed employee brings, sometimes part ways with the very person being targeted rather than the people targeting them, a dynamic survivors describe as feeling punished twice.
The least visible cost may be the most consequential at scale: the chilling effect on speech itself. Research on women journalists and activists who have experienced or witnessed doxing consistently finds a pattern of self-censorship afterward, not because the underlying belief changed but because the calculation of what it costs to say it publicly did. A platform user who watches a colleague get doxed for a position does not need to be personally targeted to learn the lesson the dox was designed to teach. For many perpetrators, this is the actual point. The named target absorbs the damage. The chilling effect is the return on investment.
Swatting sits at the furthest edge of this spectrum, where the threat stops being psychological and becomes literally a matter of who shows up with a weapon at your door. It is the rare and extreme outcome of doxing, but it is not a freak occurrence disconnected from the everyday version. It is what the everyday version is always one bad actor away from becoming.
How a Person Becomes Findable
It is worth being precise about what doxing actually requires, mostly because the answer is so much less impressive than the result it produces. There is rarely any hacking involved, and no special access is needed. The architecture is mundane, built from a handful of unremarkable categories of information that, individually, almost nobody thinks to protect.
Public records form the foundation. Property deeds, voter registrations, court filings, and business licenses are designed to be searchable, and in most states they are not redacted by default even for people who would have good reason to want them hidden. Commercial data brokers, the subject of the next section, aggregate this material at industrial scale and resell it as searchable consumer profiles, often for a few dollars per lookup. Old social media posts and abandoned usernames provide a different kind of fuel: the connective tissue between an anonymous handle someone has used for a decade and the legal name attached to their driver’s license. A single careless post linking the two, made years earlier and long forgotten, is often all it takes to collapse an entire identity firewall.
Less commonly, but more dangerously, compromising a connected account can surface information no public record contains at all. Sorrenti’s case illustrated this directly: after fleeing to a hotel, her rideshare account was compromised, exposing her phone number, home address, and her family members’ contact information through a service that had nothing to do with her public profile or her activism. The lesson generalizes uncomfortably well. Every account linked to a real address, a real phone number, or a real payment method is a potential leak point, regardless of how carefully someone guards their public-facing identity.
None of this requires sophistication. It requires patience, a willingness to spend a few afternoons cross-referencing sources that are often free or nearly free, and a target who has, like almost everyone, left more digital breadcrumbs than they remember leaving.
The Industry That Makes This Possible
Doxing has perpetrators, but it also has a supply chain, and the supply chain is legal. Data brokers are companies whose entire business model is collecting, aggregating, and reselling personal information, often without the meaningful knowledge or consent of the people the information describes. Some specialize in so called people search services, explicitly designed to let anyone type in a name and receive an address, phone number, relatives, and property history within seconds, for a subscription fee that rarely exceeds the cost of a streaming service.
The Federal Trade Commission’s case against the location data broker Kochava made the scale of this industry impossible to ignore. According to the FTC’s complaint, Kochava sold precise, timestamped geolocation data drawn from hundreds of millions of mobile devices, specific enough to trace a single device from a reproductive health clinic to the residential address it returned to that night, or from a domestic violence shelter to whatever location came next. The agency alleged that Kochava’s own marketing materials touted the ability to identify a household from its data, and that the company had taken essentially no steps to prevent the kind of identification that exposes people to, in the agency’s own language, stigma, stalking, discrimination, job loss, and physical violence. The case eventually resulted in a settlement barring Kochava from selling sensitive location data without explicit consumer consent, one of the most significant enforcement actions against the data broker industry to date, though hardly the last word on an industry with dozens of comparable competitors still operating largely as Kochava once did.
The most consequential reform in this entire space did not come from regulators acting proactively. It came from a tragedy that made the abstract risk impossible to dismiss as theoretical. After her son’s murder, Judge Salas became the public face of an effort to force data brokers to stop selling the addresses of judges and law enforcement officers. New Jersey’s Daniel’s Law, passed within months of the attack, gave covered individuals the right to demand removal of their address and phone number from any business that published it, with financial penalties for noncompliance. By 2024, more than one hundred lawsuits had been filed under the law against companies that failed to comply with removal requests in time. Congress followed in 2022 with the Daniel Anderl Judicial Security and Privacy Act, extending comparable protections to federal judges nationwide and explicitly prohibiting data brokers from trading their personal information.
Platforms occupy a parallel, if distinct, position of complicity. Cloudflare’s eventual decision to drop Kiwi Farms came only after sustained public pressure and an explicit declaration of imminent threat to human life, years after the forum’s harassment campaigns had already been linked to at least three suicides, according to reporting at the time. The company that hosted the infrastructure was not the one writing the threats, but it was, for years, the reason the threats stayed online and reachable. Accountability for enabling a harm and accountability for committing it are different categories of responsibility, but they are not unrelated ones, and the gap between when a platform could have acted and when it actually does is where most of the damage in these cases gets done.
What the Law Actually Does About This
There is no federal law in the United States that criminalizes doxing by name. Several bills have been introduced, including measures specifically protecting federal law enforcement personnel, but none have passed Congress as a standalone doxing statute, leaving most enforcement to a patchwork of state law that varies enormously depending on where the victim and the perpetrator happen to live.
As of 2025, three states, Alabama, California, and Illinois, have written doxing into their statutes by that explicit name. Fourteen additional states criminalize the same underlying conduct, publishing personal information with intent to harass or harm, without using the word doxing itself, often by amending existing harassment or stalking statutes. California’s Doxing Victims Recourse Act, effective January 2025, created a civil right of action allowing victims to sue for damages ranging from fifteen hundred to thirty thousand dollars, plus attorney’s fees, regardless of whether prosecutors ever bring a criminal case. Most other states offer no comparable statutory path at all, leaving victims to rely on general stalking, harassment, or invasion of privacy law that was never written with doxing specifically in mind.
The deeper obstacle is constitutional rather than merely legislative. Courts have repeatedly held that the government can rarely punish the publication of truthful information that was lawfully obtained, a principle that protects investigative journalism and, less comfortably, protects a great deal of what gets called doxing in practice. Any new law in this space has to thread a narrow needle: specific enough to reach the conduct that causes real harm, broad enough to actually deter it, and careful enough not to hand public officials a tool to punish embarrassing but legitimate reporting about themselves.
Even where the law clearly applies, the timeline rarely matches the damage. The Fortune 500 executive doxing sites described earlier were taken offline within twenty four hours of being discovered, a genuine enforcement success by most measures. It did not matter. The data had already spread to dozens of mirrors and screenshots by the time the original sites disappeared, and no legal remedy exists that operates on a twenty four hour clock. Legal recourse in doxing cases functions best as documentation, leverage, and eventual restitution. It functions poorly, almost by design, as a fire alarm.
Self-Assessment: How Exposed Are You, and Have You Ever Been the One Holding the Match
Rate each statement from one, not at all true, to five, completely true.
1. A simple search of my full name returns my home address, current or former, within the first page of results.
2. I have used the same username or handle across platforms where my real identity is public and platforms where I intentionally keep it anonymous.
3. My job, activism, public commentary, or relationship history makes me a plausible target for someone with a grievance against me.
4. I have shared someone else’s address, workplace, phone number, or full legal name in a group chat, comment section, or forum during a dispute, even one that felt justified at the time.
5. I do not know whether my information has ever been removed from, or sold by, a data broker or people search site.
6. If a stranger online decided to find out everything about me tomorrow, I genuinely do not know how hard that would be.
Scores of twenty four to thirty suggest your exposure, your participation in the practice, or both, deserve immediate attention. Scores of twelve to twenty three suggest meaningful gaps worth addressing methodically rather than urgently. Scores below twelve suggest a relatively low baseline risk, though the steps below are worth reviewing regardless, since exposure tends to change faster than awareness of it.
What to Actually Do About It
If you suspect your information is already circulating, start by documenting everything before you do anything else. Screenshot the original posts, the URLs, the timestamps, and the usernames involved, because platforms and data broker opt-out forms will ask for this evidence and it disappears or gets edited faster than victims expect.
Next, request removal directly. Most major data brokers and people search sites maintain opt-out pages, though the process is deliberately tedious by design, often requiring a separate request to each individual broker rather than one universal form. Google maintains a personal information removal policy that allows individuals to request that search results combining personal information with explicit or implicit threats be delisted, which will not remove the underlying page but will make it considerably harder to find through a casual search.
Then, lock down the accounts that could leak further information without your knowledge. Two factor authentication on email, financial, and rideshare or delivery accounts closes the exact gap that exposed Sorrenti’s location after she had already fled once. Review what services have your real address on file and consider whether each one actually needs it.
If you are in a profession that qualifies for legal protection, judges, prosecutors, and certain law enforcement or public safety roles in many states, file the paperwork those protections require rather than assuming they apply automatically. They generally do not activate until you request them.
Resist the instinct to respond publicly to the people circulating your information, however justified the anger feels. Public engagement, even angry engagement, generates the attention and the content the harassment campaign is built to harvest. Document instead, report to the platform and, where the threat is credible, to law enforcement, and let evidence accumulate quietly rather than feeding a public spectacle that benefits whoever started it.
Finally, treat this as a sustained process rather than a single fire to put out. Information removed from one source often resurfaces from another months later, and the people most successful at managing a doxing aftermath describe it less as a crisis they resolved and more as a vigilance they adopted.
When This Becomes an Emergency
Everything above assumes a serious but survivable situation. Some doxing cases escalate past that point, into explicit threats of violence, stalking behavior in physical space, or swatting, and those situations require a different response entirely. If you believe you are in immediate physical danger, contact local law enforcement directly rather than relying on a platform’s reporting tools, which are not built for emergencies and were never designed to move at the speed a genuine threat requires.
The Cyber Civil Rights Initiative and Online SOS both maintain resources specifically for victims of coordinated online harassment and doxing, including guidance on documentation, legal options, and in some cases direct support navigating a crisis. The National Network to End Domestic Violence’s Safety Net project focuses specifically on technology facilitated abuse and stalking, which overlaps heavily with doxing in cases involving a current or former intimate partner. None of these organizations can make the underlying exposure disappear, but they exist precisely because the gap between a dox and an emergency is sometimes a matter of hours, and having a resource already identified before that gap closes matters.
You Did Not Fail by Being Findable
Almost everyone is findable, by anyone sufficiently motivated, because the architecture of modern life was never designed with your safety as its first priority. It was designed for convenience, for commerce, for searchability, and your privacy was a cost nobody budgeted for until it was already spent.
What you control is not whether the information exists. Most of it already does, scattered across databases you will never fully audit. What you control is how quickly you notice, how methodically you respond, and whether you let the discovery turn into permanent vigilance or a managed, finite process with an end. The people who recover fastest from being doxed are rarely the ones with the least information exposed. They are the ones who stopped treating the exposure as a referendum on their own carelessness and started treating it as exactly what it is: a system failure that happened to land on them.
Doxing does not invent a threat. It just hands one an address.
Next in the Series: Coordinated Harassment and the Architecture of the Pile-On
A single doxed address is a location. A hundred accounts arriving at that location’s digital front door, in the same hour, using language that was clearly written somewhere else first, is a campaign. The next installment of Digital Manipulation examines what happens in the gap between a single bad actor and a coordinated one, and why platforms built to detect spam are so consistently unable to detect a crowd that was never actually spontaneous.
FAQ
A: Possibly. The legal and ethical question hinges on intent and aggregation, not just availability. Compiling scattered public fragments into a single profile, published with the goal of inviting harassment or harm, generally crosses the line even when each individual fact was technically findable beforehand.
A: Purpose and proportionality. Journalism that reveals true information about a public figure’s conduct, in service of a documented public interest, generally enjoys strong legal and ethical protection. Doxing aimed at a private individual, with no comparable public interest beyond punishing them for speech or identity, does not carry the same justification even when it uses similar techniques.
A: In several states, yes, depending on intent and outcome. Many anti-doxing and harassment statutes focus on whether a reasonable person would expect the disclosure to invite harassment or fear, not solely on whether the person sharing it meant to cause harm. If you have done this, even once, it is worth taking seriously rather than assuming good intentions provide automatic protection.
A: Search your own full name, along with variations and any usernames you have used publicly, on a regular basis. Set up free alert services for your name and home address where available. Check whether your information appears on major people search and data broker sites, since most allow free lookups even when removal requires a paid or manual process.
A: For most people facing an active threat, yes, because the manual process of contacting dozens of individual brokers is time consuming enough that most people abandon it halfway through. These services do not guarantee permanent removal, since brokers frequently reacquire data, but they meaningfully reduce the number of sources someone would need to check to find you.
A: It can happen without malicious intent, particularly when someone shares a screenshot, a location tag, or an identifying detail without realizing how it connects to information already circulating elsewhere. Accidental doxing still causes real harm to the person exposed, even when no one intended it, which is part of why basic digital hygiene matters even in low conflict situations.
A: Contact local law enforcement directly and, if possible in your jurisdiction, register your address with any swatting prevention or threat flagging program your local department offers. Some departments allow residents to pre-register safety concerns tied to a specific address, which can change how responding officers approach the scene.
A: It limits future exposure but does nothing to remove information that has already been copied, screenshotted, or mirrored elsewhere. Treat account deletion as one part of a broader cleanup rather than a solution on its own.
A: Because the evidence does not support treating doxing as a tactic native to one political position. It has been deployed by activists, partisans, and opportunists across the entire spectrum, often using nearly identical methods against opposite targets. Treating it as exclusively a problem of the other side makes it easier to excuse when your own side does it, which is precisely the blind spot this piece is trying to close.
A: Generally no, as long as the research stays private and proportionate to a reasonable safety concern, such as confirming someone’s identity matches what they have presented. It becomes a different and more troubling practice the moment that research is published, shared publicly, or used to humiliate rather than simply to verify.
STATISTICS & RESEARCH STUDIES
Safehome 2025 Doxing Survey
Citation: Safehome Research Team. (2025). National doxing prevalence survey.
Key Finding: 4% of American adults (approximately 11.7 million people) have been doxed; 16% report a friend or family member experienced doxing.
Link: https://www.safehome.org/ (search for “doxing survey 2025” or contact for research findings)
Usage in article: “The numbers are larger and more ordinary than the headlines suggestโฆ”
Anti-Defamation League (ADL) 2024 Online Hate and Harassment Survey
Citation: Anti-Defamation League. (2024). Online hate and harassment survey.
Key Findings:
56% of American adults have experienced some form of online harassment22% have experienced severe forms (doxing, stalking, physical threats)
Link: https://www.adl.org/resources/report/2024-online-hate-and-harassment-surveyUsage in article: “A 2025 survey from the home security research firm Safehomeโฆ”
Pew Research Center โ Online Harassment & Demographic Patterns
Citation: Pew Research Center. Ongoing longitudinal research on online harassment.
Key Findings:Women experience disproportionately higher rates of sexualized and identity-targeted abuse~70% of LGBTQ adults report online harassment vs. ~40% of straight adultsJournalists and activists show higher victimization rates
Links:
General harassment research: https://www.pewresearch.org/Search: “online harassment demographics” or “LGBTQ online abuse”
Usage in article: “Pew Research Center’s long-running work on online harassmentโฆ”
II. CASE STUDIES & DOCUMENTED INCIDENTS
Case 1: Judge Esther Salas / Daniel Anderl Murder (July 2020)
The Incident: A disgruntled lawyer located Judge Esther Salas’s home address via public records and data brokers, appeared at her residence disguised as a delivery driver, and fatally shot her 20-year-old son Daniel Anderl. Her husband was also seriously wounded. The attacker fled and later took his own life.
Documented Sources:
U.S. Courts Press Release: Judge Salas incident investigationFBI Statement (July 2020): Investigation into the shootingJudge Salas’s public statements on data broker accountability
Key Links:
NBC News report: https://www.nbcnews.com/news/judge-esther-salas-son-killed-doxing-public-records-n1232336Judge Salas’s TED talk on data broker reform (2021)
Usage in article: “The Disgruntled Individual” perpetrator type
Critical Note: Judge Salas has made doxing-to-violence causality a core part of her public advocacy.
Case 2: Clara Sorrenti / Keffals vs. Kiwi Farms (2022)
The Incident: Clara Sorrenti, a Canadian transgender Twitch streamer (username: Keffals), became target of coordinated harassment by Kiwi Farms forum members.
They: Located her childhood home via old Facebook memorial post and satellite mapping. Conducted sophisticated tracking across platforms and addresses. Coordinated swatting attempts (false emergency reports to police)Found her subsequent locations through metadata (bedsheet pattern, etc.)Forced her to flee Canada and ultimately leave the country
Documented Sources:
NBC News / Variety coverage (September 2022)Vice investigative reporting on Kiwi Farms harassment campaigns. Cloudflare statement on dropping Kiwi Farms (September 2022)Clara Sorrenti’s own testimonials and Twitter/X documentation
Key Links:
Variety: “Cloudflare Drops Kiwi Farms After Harassment Campaign” (September 2022)BBC: “What is Kiwi Farms and why did Cloudflare drop it?” (2022)Clara Sorrenti’s own documentation (Twitter/X): @keleffals
Usage in article: “The Organized Brigade” perpetrator type, platform complicity section.
Critical Detail: The rideshare account compromise exposing family contact info is a major detail in the article; verify via Sorrenti’s own statements.
Case 3: Marjorie Taylor Greene Swatting (September 2022)
The Incident: Days after Clara Sorrenti’s case, a swatting attack was directed at U.S. Representative Marjorie Taylor Greene (R-GA). The attacker falsely reported an armed incident at her home to trigger an armed police response.
Documented Sources: Official Capitol Police statement. Multiple news outlets (CNN, NBC, etc.) covering the incident, Linked to Kiwi Farms forum members by investigators
Key Links:
CNN: “Rep. Marjorie Taylor Greene’s home swatted for third time in a year” (September 2022)Capitol Police press releases
Usage in article: To illustrate that doxing/swatting crosses political linesNote: The article explicitly uses this case to show the tactic is not partisan.
Case 4: Charlie Kirk Doxing Campaign (September 2025)
The Incident: Following the death of conservative commentator Charlie Kirk, a website called “Expose Charlie’s Murderers” published names, employers, and personal details of people who had posted critical commentary about him online, leading to job losses and suspensions.
Documented Sources: This is a recent, real incident; verify via:
NewsGuard or media watchdog archives. Conservative news outlets covering retaliation. Job loss/suspension documentation from affected individuals
Key Links:
Web archive snapshots (if available)News coverage in conservative media
Usage in article: “The Accountability Doxer” type, showing left-leaning deploymentCritical Note: You may need to verify the exact date and details; the article uses September 2025 which may need fact-checking if we’re past that date in your publishing timeline.
Case 5: Pro-Palestine Academic Doxing Campaigns
The Incident: Digital blacklist campaigns targeting academics and students critical of Israel. The article mentions “more than five thousand students and academics” on published lists.
Documented Sources:
The Israel-Palestine conflict reporting from organizations tracking both sides:
The Incident: Digital blacklist campaigns targeting academics and students critical of Israel. The article mentions “more than five thousand students and academics” on published lists.
University statements on student harassment. Individual case documentation from affected students
Key Links:
Inside Higher Ed: “Blacklists and Academic Freedom” (2023-2024)Chronicle of Higher Education coverage.
FIRE (Foundation for Individual Rights and Expression): tracking academic harassment cases
Usage in article: “The Accountability Doxer” type, showing left-leaning deployment
Note: The article mentions “five thousand students and academics” โ The specific number may need to be verified
Case 6: Harvard Square Billboard Incident
The Incident: A digital billboard truck circled Harvard Square displaying names and photos of students who signed a public letter about the October 7 Hamas attack, widely described as doxing.
Documented Sources:
Harvard Crimson (student newspaper) coverage
Boston Globe reporting Pro-Israel advocacy group statements (likely where the billboard originated)
Key Links:
Harvard Crimson: Search for “billboard incident 2023” or “students named October 7″Boston Globe coverage of same incident
Usage in article: “The Accountability Doxer” type, showing right-leaning deploymentNote: Verify the exact date; the article uses it as a historical reference.
Case 7: Immigration Enforcement Officer Doxing
The Incident: The article mentions activist doxing of ICE agents and claims a “seven hundred percent increase in assaults against immigration enforcement agents whose identities and home information have been published by activists opposed to their work.”Documented Sources:
Department of Homeland Security (DHS) reporting. ICE officer union statements (National Immigration and Customs Enforcement Council)News coverage of specific incidents
Key Links:
DHS press releases on agent safety. ICE union press statements. Investigative Reporters & Editors (IRE) coverage of doxing of federal agents
Usage in article: “The Accountability Doxer” type, showing left-leaning deployment
Critical Detail: The “seven hundred percent increase” figure needs verification; this is a specific, quantifiable claim that should be traced to a primary source.
Case 8: UnitedHealthcare CEO Brian Thompson Murder Aftermath (December 2024)
The Incident: Following the killing of UnitedHealthcare CEO Brian Thompson, two websites published names, emails, phone numbers, and LinkedIn profiles of hundreds of Fortune 500 executives, explicitly framing the killing as righteous and the list as a target index.
Documented Sources:
News coverage from December 2024 onwardsWeb archive snapshots (Internet Archive / Wayback Machine)Law enforcement statementsExecutive protection firm reports
Key Links:
NBC / CNN / Reuters coverage of the doxing campaigns. Internet Archive snapshots of the doxing sites (before takedown)Statements from affected corporations
Usage in article: “The Opportunist” perpetrator type.
Critical Note: The article states both sites were taken down within 24 hours; verify this timeline.
III. LEGISLATION & LEGAL DOCUMENTS
Daniel’s Law (New Jersey, 2020)
Official Citation: N.J. Stat. ยง 2C:12-3.1 (Daniel’s Law)What It Does: Allows judges, prosecutors, and law enforcement officers to demand removal of their home address and unpublished phone number from data brokers and public-facing business databases.
Key Details:
Passed within months of Daniel Anderl’s murder (July 2020)Imposes financial penalties for noncomplianceBy 2024, over 100 lawsuits filed against companies failing to comply
Link: https://www.nj.gov/njleg/ (search Daniel’s Law or S3043/A5185)
Further Info: New Jersey courts website and data broker compliance resources
Usage in article: Legal landscape section
Daniel Anderl Judicial Security and Privacy Act (Federal, 2022)
Official Citation: S. 3054 / HR 6246 (Daniel Anderl Judicial Security and Privacy Act)What It Does: Extends Daniel’s Law protections to federal judges nationwide; explicitly prohibits data brokers from trading the personal information of federal judges.Key Details:
Passed 2022Creates federal enforcement mechanismComplements state-level Daniel’s Law protections
Link: https://www.congress.gov/ (search by bill number S.3054 or HR 6246)
Further Info: U.S. Courts Administration office statements on compliance
Usage in article: Legal landscape section
California Doxing Victims Recourse Act (AB 2881, effective January 2025)
Official Citation: California Penal Code ยง 528.5 (as amended); Assembly Bill 2881What It Does: Creates a civil right of action allowing victims of doxing to sue for damages ($1,500 to $30,000 per incident) plus attorney fees, regardless of whether criminal charges are filed.Key Details:
Effective January 1, 2025
Applies to publishing personal information with intent to harass or cause harm
No requirement that criminal prosecution occur
Amends existing harassment statute
Link: https://leginfo.legislature.ca.gov/ (search AB 2881 or Penal Code 528.5)Further Info: California Attorney General’s office guidance on implementationUsage in article: Legal landscape section
State Doxing Laws Overview (Three Explicit + Fourteen Indirect)
States with explicit “doxing” statutes: Alabama, California, Illinois (as of 2025)States with implicit criminalization via harassment/stalking laws: 14 additional states (list to be compiled)
Documented Sources:
Council of State Governments doxing law tracker
FIRE (Foundation for Individual Rights and Expression) state-by-state analysis
National Conference of State Legislatures (NCSL) research on harassment statutes
Key Links:
Council of State Governments: https://www.csg.org/ (search “doxing laws”)
FIRE: https://www.thefire.org/ (search “doxxing” or “state laws”)
NCSL: https://www.ncsl.org/ (search “harassment” or “cyberstalking statutes”)
Usage in article: Legal landscape sectionNote: You may need to compile the exact list of 14 states; this is a current/evergreen detail.
Federal First Amendment Precedent: Daily Mail Principle
Legal Basis: The principle comes from Smith v. Daily Mail Publishing Co., 443 U.S. 97 (1979)
What It Holds: The government can rarely punish the publication of truthful information that was lawfully obtained, even when that publication causes harm to its subjects
Modern Application: Used in cases examining whether doxing or targeted publishing can be restrictedKey Links:
Supreme Court opinion: https://supreme.justia.com/cases/443/97/Law review articles on “Daily Mail principle” and doxing (search legal databases)
FIRE analysis of First Amendment and doxing: https://www.thefire.org/
Usage in article: Legal landscape section explaining the constitutional challenge
IV. SUPPORT ORGANIZATIONS & CRISIS RESOURCES
Cyber Civil Rights Initiative (CCRI)
Focus: Coordinated online harassment, swatting, doxing
Services: Education, research, victim support, policy advocacy
Contact & Resources: https://www.cybercivilrights.org/Specific Programs: Online harassment hotline, support guides, legal resourcesUsage in article: Crisis resources section
Online SOS
Focus: Victims of coordinated online harassment and doxing
Services: Personalized support, resources, navigation of platform reporting and legal options
Contact & Resources: https://onlinesos.org/Specific Programs: Case-by-case support, crisis responseUsage in article: Crisis resources section
National Network to End Domestic Violence (NNEDV) โ Safety Net Project
Focus: Technology-facilitated abuse, stalking, doxing (especially in intimate partner context)
Services: Specialized resources, safety planning, technical support
Contact & Resources: https://www.techsafety.org/
Specific Programs: Free tech safety guides, stalking resource guides, privacy toolkitUsage in article: Crisis resources section
V. FEDERAL AGENCIES & ENFORCEMENT
Federal Trade Commission (FTC) โ Data Broker Oversight
Key Case: In re Kochava Inc. (location data broker enforcement action, 2023)
Resources:FTC data broker enforcement actions: https://www.ftc.gov/
Search: “Kochava” for the full settlement and complaintFTC guidance on data broker consumer rights
Usage in article: Data broker complicity section
Department of Homeland Security (DHS) โ Immigration Enforcement Data
Key Finding: DHS reported statistics on assaults against ICE agents following doxing campaigns
Resources:
DHS press releases and annual reports on officer safetyCongressional testimony on agency security concerns
Usage in article: Statistics on effect of “Accountability Doxer” campaigns
VI. MEDIA & INVESTIGATIVE REPORTING SOURCES
On Kiwi Farms & Clara Sorrenti Case
BBC News: “What is Kiwi Farms and why did Cloudflare drop it?” (September 2022)
Variety: “Cloudflare Drops Kiwi Farms After Harassment Campaign Against Transgender Streamer” (September 2022)
Vice: Ongoing coverage of Kiwi Farms harassment campaigns
NBC News / CNBC: Coverage of doxing and swatting incidents (2022)
On Judge Salas & Daniel Anderl Murder
NBC News: Comprehensive reporting on the incident and data broker implications. New Jersey law enforcement press releases. Judge Salas’s public statements and TED talks
On UnitedHealthcare CEO Murder Aftermath
Reuters: Coverage of executive doxing campaigns (December 2024)
CNN / NBC: Analysis of the doxing sites and threat to other executives
Business Insider / Forbes: Impact on corporate security practices
On State-Level Doxing Laws
Inside Higher Ed: Academic freedom and doxing campaigns (2023-2024)
Chronicle of Higher Education: Coverage of academic harassment via doxing
VII. LINKABLE GLOSSARY & INTERNAL DEFINITIONS
These terms are defined in the article’s Appendix section
Core Concepts
Doxing โ The publication of someone’s private or identifying information without consent, with intent to harass, intimidate, or expose to real-world harm.
Doxxing โ Alternative spelling of doxing; same meaning.
Swatting โ Making a false emergency report (active shooter, hostage situation) with intent to provoke armed police response at target’s location.
Data broker โ Company whose business model involves collecting, aggregating, and reselling personal information.
Legal & Constitutional Terms
Daily Mail principle โ First Amendment precedent (Smith v. Daily Mail, 1979) holding that government can rarely punish publication of truthful information lawfully obtained.
First Amendment โ Constitutional protection for free speech; relevant to debates over what doxing can/cannot be legally restricted.
Daniel’s Law โ New Jersey legislation allowing judges, prosecutors, law enforcement to demand address removal from data brokers.
Daniel Anderl Judicial Security and Privacy Act โ Federal law extending Daniel’s Law protections to federal judges.
California Doxing Victims Recourse Act โ California civil remedy allowing doxing victims to sue for damages ($1,500-$30,000).
Technical Terms
Two factor authentication โ Security method requiring two separate verification steps to access an account; increases protection against account compromise that could expose linked personal information.
Data removal service โ Third-party company that handles requests to remove personal information from data brokers and people-search websites.
Address confidentiality program โ State programs that substitute a confidential mailing address for a person’s actual address on public records (available in most U.S. states for certain protected groups like domestic violence survivors, judges, law enforcement).
Organization Terms
Cyber Civil Rights Initiative โ Nonprofit focused on coordinated online harassment, swatting, doxing; offers support and resources.
Online SOS โ Nonprofit providing personalized support to doxing and coordinated harassment victims.
National Network to End Domestic Violence (NNEDV) / Safety Net โ Project focused on technology-facilitated abuse and stalking.
Appendix
Key Terms
Doxing: The publication of someone’s private or identifying information without their consent, typically with the intent to harass, intimidate, or expose them to real-world harm.
Swatting: Making a false emergency report, typically of an active shooter or hostage situation, with the intent of provoking an armed police response at a target’s location.
Data broker: A company whose business model involves collecting, aggregating, and reselling personal information, often without the meaningful knowledge or consent of the individuals described.
Daily Mail principle: A line of First Amendment precedent holding that the government can rarely punish the publication of truthful information that was lawfully obtained, even when that publication causes harm to its subject.
Daniel’s Law: New Jersey legislation, passed in 2020 after the murder of Daniel Anderl, allowing judges, prosecutors, and law enforcement officers to demand removal of their home address and unpublished phone number from businesses and data brokers.
Further Reading
Federal Trade Commission. “FTC Sues Kochava for Selling Data that Tracks People at Reproductive Health Clinics, Places of Worship, and Other Sensitive Locations.” FTC press release, August 2022.
The Council of State Governments. “Doxing: State Protections Against Digital Threats.” 2025.
NBC News. “Kiwi Farms: Anti-trans stalkers chasing Keffals around the world.” September 2022.
Rutgers Law School. “Groundbreaking Judge Turned Tragedy into Change.” Profile of Judge Esther Salas.
The Foundation for Individual Rights and Expression. “Is doxxing illegal?” by David L. Hudson Jr.
Anti-Defamation League. 2024 Online Hate and Harassment Survey.
Crisis Resources
Cyber Civil Rights Initiative, Online SOS, and the National Network to End Domestic Violence’s Safety Net project all maintain resources for victims of coordinated online harassment, doxing, and technology-facilitated abuse. If you believe you are in immediate physical danger, contact local law enforcement or emergency services directly.
Digital Manipulation is a space for people who are learning to see what was designed to be invisible. You are not helpless. Coordination can be recognized. Manufactured consensus can be distinguished from authentic belief. You decide what you think.
gorgeousdiaries.com
Discover more from Gorgeous Diaries
Subscribe to get the latest posts sent to your email.