What is doxxing?

The definition

Doxxing is the act of researching and publishing private information about a person without their consent, typically to expose them to harassment, intimidation, or physical danger. The word is a corruption of "documents" — "dropping docs" was 1990s hacker slang for publishing someone's identifying paperwork.

The contemporary form of doxxing is enabled by data brokers. Most of the information that used to require investigation (employer, current address, family relationships, daily routine clues) is now searchable in seconds on Spokeo, BeenVerified, Whitepages, and similar sites. The technical barrier is gone. What remains is the willingness to assemble the exposure and post it where harassers will see it.

The categories of doxxing

Researchers classify doxxing into roughly four types based on motive:

• Harassment doxxing. Posting someone's home address and phone on a hostile forum to incite calls, mail, or visits. Most common form. The motive is to make the target's daily life unsafe or impossible.
• Political or ideological doxxing. Targeting public figures, judges, election workers, journalists, abortion providers, or anyone whose work the doxxer opposes. Often coordinated across multiple actors. The 2020-2024 election-worker harassment campaigns and the persistent doxxing of judges and prosecutors are the documented heavy cases.
• Identity-theft preparation. Compiling enough about a person to social-engineer their bank, employer, or government accounts. Less about public exposure, more about private exploitation. Often invisible to the target until financial fraud surfaces.
• "Prank" or trolling doxxing. Often associated with online gaming or streamer communities. Doxxer claims the motive is humor; the target's experience is identical to any other doxxing.

Documented cases that show the stakes

The doxxing-to-violence pipeline is documented in named incidents, not hypothetical. A partial list:

• Judge Esther Salas, 2020. A gunman who blamed Judge Salas for an unfavorable ruling looked up her New Jersey home address online, came to her house, and killed her 20-year-old son Daniel. The incident motivated the 2022 federal Daniel Anderl Judicial Security and Privacy Act, which created an opt-out mechanism for federal judges.
• Ruby Freeman and Shaye Moss, 2020-2021. Two Fulton County, Georgia election workers were doxxed and named in conspiracy theories after the 2020 election. Their home addresses circulated within days. They received death threats and were forced to leave their homes. Sued Rudy Giuliani and won a $148M defamation judgment in 2023.
• Minnesota House Speaker Melissa Hortman, 2025. The shooter who killed Hortman and her husband used data broker sites to find their home address. The case prompted renewed congressional discussion of federal data-broker legislation.
• Amy Boyer, 1999. The original documented case of broker-enabled stalking. A stalker purchased Boyer's workplace address from an online information broker, drove there, and killed her. Her case prompted the first state-level data-broker laws and federal hearings on the industry.

These are not edge cases. They are the named documented results of the same data-aggregation business model that publishes your address on broker sites like Spokeo for anyone to look up.

How doxxing actually works mechanically

The doxxing process has roughly three phases:

1. Identification. The doxxer starts with a partial identifier — a username, an email, a photo, sometimes just a face caught on video. Reverse image searches and OSINT techniques convert this to a real name.
2. Aggregation. With a real name, the doxxer searches data broker sites and public records. Within minutes they typically have home address, phone numbers, family members, previous addresses, and an employer. This is the phase data brokers materially enable.
3. Publication and coordination. The compiled "dox" is posted to a hostile forum, sometimes accompanied by a call to action ("call this number to harass," "send pizzas to this address"). The publication amplifies the harm beyond what one doxxer could do alone.

The data broker layer collapses phase 2 from days of investigation to a few minutes of searching. Reducing your broker exposure doesn't make you un-doxxable. It does materially raise the friction.

Is doxxing illegal?

Federal US law has no general anti-doxxing statute. Several federal laws apply when the doxxing crosses into specific harms:

• 18 USC §2261A (cyberstalking). When the doxxing is part of a course of conduct with intent to harass, kill, injure, or intimidate. Felony.
• 18 USC §875(c) (interstate threats). When the doxxing includes or facilitates threats transmitted across state lines.
• 18 USC §119 (covers federal employees). Posting personal information of federal officers, employees, and their families when motivated by their official work. Felony.
• Daniel Anderl Act, 2022. Federal opt-out for federal judges and family members, post-Salas.

State-level anti-doxxing laws have been passed in California, Illinois, Maryland, Nevada, New Jersey, Texas, and several others — many in response to specific incidents. The state-level scope and penalties vary significantly.

Practical reality: doxxing prosecutions are rare because attribution is hard. The doxxer is often anonymous, the platform doesn't preserve evidence, and the harm spreads faster than law enforcement can intervene. Civil suits against named participants are the more common remedy.

How to reduce your doxxing surface before targeting

Pre-emptive defense is far more effective than reactive defense. The work to do, in priority order:

1. Remove yourself from data brokers. The largest single source of doxxing-ready information. Our hub covers this.
2. Audit social-media privacy settings. Lock down friend lists, location tags, photo metadata, public family members.
3. Separate professional from personal identities. Use different email addresses for professional and personal accounts. Consider an alias for any public-facing work.
4. Use a private mailing address. Mailbox forwarding services, a registered agent (for business filings), or your state's Address Confidentiality Program if you qualify.
5. Audit reverse-image searches. What does PimEyes find when someone uploads your photo? Use the face-search removal hub.
6. Family coverage. Brokers link records by shared address. Removing only your own data leaves your spouse and adult children as the soft entry point. Family privacy plans address this.

If you're being doxxed right now

If you are actively being doxxed, the priority shifts from prevention to response:

1. Document. Screenshot every post, save URLs, note timestamps. The platform will likely delete the content; you need it as evidence first.
2. Report to platforms. Twitter/X, Reddit, Facebook, Discord, Telegram all have anti-doxxing policies. They typically act within hours of receiving a report from the affected person.
3. Contact law enforcement. Local police if there's an immediate physical threat. FBI's IC3 (ic3.gov) for online-only threats that cross state lines.
4. Lock down your accounts. Change passwords, enable 2FA, set up recovery codes. Doxxing often precedes account-takeover attempts.
5. Get professional help. For sustained doxxing campaigns, a digital-forensics firm and a defamation attorney are sometimes necessary. The Ruby Freeman / Shaye Moss case shows the model: civil suits against named amplifiers can produce both injunctive relief and damages.

For ongoing recovery, see our guide on privacy after being doxxed.

Frequently asked questions