Doxing may be considered cyberbullying and violators may face criminal prosecutions, the Personal Data Protection Office (GPDP) stressed in a statement yesterday.
Doxing uncovers personal data of a particular person or a group of people. The data is usually then published online and occasionally offline without the consent of the person or people to whom the data relates.
The office added that doxing is usually carried out for cyberbullying purposes.
Such activities, according to the Office, may breach the Personal Data Protection Law and lead to administrative or criminal violations.
“The office has always attached great importance to related issues,” the office noted in the statement, adding that as early as in 2011, it formulated the “Precautions for Publishing Personal Data on the Internet” for public reference.
“In recent years, the Office has dealt with many cases involving doxing, punished the relevant offenders, and transferred some cases with suspected criminal grounds to the police for investigations,” the office recapped.
Some doxing cases were triggered by money or transaction conflicts, as well as employment disputes. The office described doxing as an immoral and irrational act that appears trivial but in fact carries significant legal ramifications.
To support its statement, the office highlighted several cases where punishments had been handed down. In one case, the complainant’s partially covered photo, name and date of birth, as well as full gender marker, current and past employers were published on an open group on a social media platform.
In the discussion string, the complainant was identified by some users and the full name was published.
After investigations, the office imposed a fine of MOP8,000 on the perpetrator. AL
