Should No-Doxxing Policies Apply To Links/FPPs Too? May 11, 2015 4:57 PM   Subscribe

While a hard bright line has been maintained against actively doxxing people in comments on Metafilter, where do we stand about FPPs and comments that link to sites which expose details of people's information and home lives against their will? Most recently, the recent FPP about doxxing members of the intelligence community, to include photos of them, their family, details of where they live, and which cars they drive, etc. Can we, and should we, do better?

I think it'd be helpful to clarify this policy - there have been some posts deleted in the past for doxxing even when not about Mefites-. It'd be useful to have a clearer line going forward. Thoughts?
posted by corb to Etiquette/Policy at 4:57 PM (133 comments total) 5 users marked this as a favorite

This is a good post for metatalk.
posted by Going To Maine at 5:06 PM on May 11, 2015 [2 favorites]


A few thoughts on this. The deleted post you link to was about doxxing one person, so it's a different kind of situation, in terms of the level of scrutiny that would be thrown onto that person. A better analogy I think is some of the large document dumps that have happened, like the Sony emails, with the info of a huge number of people... The current post is IMO more okay than the Sony info, since the current post is just a roundup of publicly-posted information from sites like LinkedIn, as I understand it (?) whereas the Sony stuff was private emails.

To me there's a clear line of us not bringing the personally-identified information over here (like, we would delete it if you commented "here's Mary Smith of such-and-such place"). But what we link to is more gray-area. I think this current post is iffy -- since the linked video does the kind of identifying stuff we wouldn't allow on the site -- but didn't feel like it was a home-run delete.

I'll be interested to hear what people think about what the site's standard should be on linking to this kind of thing.
posted by LobsterMitten (staff) at 5:06 PM on May 11, 2015 [3 favorites]


I am bewildered to find myself in agreement, here.

Doxxing is bad, it really doesn't matter who the target is. I feel--same as I do about reddit links--that we should not be condoning doxxing in any form. Yes, it's a big-ish news story. Got that. I don't think we should be linking to anything about it, or any similar doxxing data dumps in the future. (ISTR I said something similar about the Sony stuff).

To say nothing of--I presume; I haven't read the post or links and won't be--the very real danger to people involved in any stage of intelligence operations when their employers, if not themselves directly (again, I haven't read the details and won't be), are publicly identified. I mean, let's say you're China. Read about this story and you've just saved yourself tons of legwork.

(Not getting into a debate about the ethics of spying or a pox on both their houses or anything like that--I'm talking only about effects as they relate to the state of the world as it is right now, and not how we might wish it to be.)

In summary: this should have been deleted because doxxing is bad. As should all future posts. I could see carving out a nod-and-wink exception whereby we never link, in FPPs or comments, to the actual doxx themselves and only the coverage about them. I wouldn't like it personally; I think that's probably the only realistic outcome.
posted by feckless fecal fear mongering at 5:15 PM on May 11, 2015 [10 favorites]


I'm not so concerned after recently uncovering the NSA has a Glee Club.
posted by clavdivs at 5:15 PM on May 11, 2015 [4 favorites]


I've never understood why people consider "doxxing" to be such a big deal in the first place, unless it's data being gathered from non-public sources. Pretending the data isn't out there in public records doesn't make it somehow become inaccessible. This project is no different; it is just a compendium of information which is already available to the public. If these people did not want the information to be known, why did they put it on the web in the first place?

I can imagine a reasonable argument against this opinion to the effect that perhaps it isn't reasonable to expect non-specialists to understand what they are doing when they put information out in public, but this is the intelligence community, for Christ's sake, there is nobody on the planet who should be expected to know better than to put information on the public internet that they don't want other people to know about.
posted by Mars Saxman at 5:22 PM on May 11, 2015 [4 favorites]


I'm still considering the implications of a ban, so far. But I would like if all links containing private information about living persons without their consent or prior divulgement were tagged as such by the poster/commenter. This is a suggestion and not a requirement; people's views on what counts differ widely.
posted by halifix at 5:22 PM on May 11, 2015 [4 favorites]


This is a disingenuous attempt to suppress political disagreement under the guise of interpersonal etiquette. "Doxxing" is a matter of harassment of private individuals; the subject of the post is research into the national security state. No harassment has occurred nor has any been solicited, and suggesting otherwise is a misrepresentation — I suspect a deliberate one — of the journalism/research, clearly in the public good, which is the subject of the post.
posted by RogerB at 5:33 PM on May 11, 2015 [14 favorites]


but this is the intelligence community, for Christ's sake,

It is also, apparently, people who share names with people in the intelligence community.
posted by the man of twists and turns at 5:37 PM on May 11, 2015 [19 favorites]


I've never understood why people consider "doxxing" to be such a big deal in the first place

How comfortable would you be with your full name and home address splashed across the internet for anyone--some of whom will have nefarious intentions (see: gamergroobers)--to see and use as they see fit? See also the few ridiculous house parties that have happened in the past few years, etc.

Now, specifically to this case, put yourself in the position of working--even in a tertiary manner--for a government agency literally dedicated to rooting out secrets of other governments, and preventing other governments from doing the same in return.

Would you not be slightly concerned about your personal information being made so public, in such a circumstance?
posted by feckless fecal fear mongering at 5:39 PM on May 11, 2015 [4 favorites]


So, two separate sets of issues:

a) Should this kind of project be done at all, and should it be covered by the media? Was this particular project done in a responsible and good way?

b) Should we link to it from MetaFilter? What kind of standards and rules of thumb should we work under, in terms of links that are unacceptable vs acceptable for linkage here?

It would be great if we could keep to question (b) in here, and take question (a) over to the thread on the blue.
posted by LobsterMitten (staff) at 5:39 PM on May 11, 2015 [6 favorites]


I was stalked and doxxed by a religious sex cult--they posted photos of my dog, my car, and my kid's school, because I worked on a documentary about them. I wasn't all that worried, because the producers had a really good lawyer. Do typists for the CIA have that same protection?
posted by Ideefixe at 5:39 PM on May 11, 2015 [4 favorites]


How comfortable would you be with your full name and home address splashed across the internet for anyone--some of whom will have nefarious intentions (see: gamergroobers)--to see and use as they see fit?

It doesn't really matter whether I'm comfortable with it, because my home address has been a matter of public record for many years. It showed up on the first page of a google search for "Mars Saxman address", last I checked. There are many ways someone's address can become public: domain registry, business license, being part of an LLC, buying property, being involved in a lawsuit, etc. People may not realize how easy it is to find this information, but why should that obligate the rest of us to pretend that we don't know either?
posted by Mars Saxman at 5:55 PM on May 11, 2015 [2 favorites]


Why doesn't it matter whether you're comfortable with it?
posted by uosuaq at 5:58 PM on May 11, 2015


For all the other reasons that I listed that you failed to address.

Just because you're unconcerned about your address being available doesn't mean that other people are. You might want to ask Zoe Quinn or Anita Sarkeesian about being doxxed.
posted by feckless fecal fear mongering at 5:59 PM on May 11, 2015 [11 favorites]


My feelings about the availability of the information have no effect on the ability of any curious person to find it. If I am uncomfortable with the fact that my address is public information, that's a matter to discuss with a therapist, because it is reality and being uncomfortable with it will not change anything.
posted by Mars Saxman at 6:00 PM on May 11, 2015


fffm: if someone's information is public, the information is public, and wishing it weren't so does nothing to stuff the genie back in the bottle. If the information is *not* public, that's a different story. In the case we are discussing, all of the information came from public records. The information is already available whether anyone concerned likes it or not, and it would still be available whether or not the authors of the linked project had compiled it. If the people involved don't want their addresses to be available to the public, then they need to take the legal steps which would allow them to keep their addresses private. If they haven't done so, then why is it our problem that their addresses are, in fact, public? Why are we supposed to play along with their mistake and pretend we don't know something that anyone can find out if they want to look for it? Wouldn't you expect people in the intelligence community, of all people, to be aware of these facts and to manage them as necessary for their professional security?
posted by Mars Saxman at 6:02 PM on May 11, 2015 [7 favorites]


The project in question constitutes doxxing only if you also think the local police blotter, or the sex offender register, constitutes doxxing. A reasonable site-wide policy about linking to instances of doxxing would not apply in this case, so why is this the example being discussed in a MeTa about a site-wide doxxing policy?

In fact, the police blotter -- which names people who have not (yet) been convicted -- and the sex offender register -- which has collateral consequences for people who have already served their sentence -- seem to me to be worse, from an invasion-of-privacy perspective, than this service, which just provides a public service.

Would a site-wide policy about doxxing govern links to arrest reports (of not-yet-convicted people)? It's generally pretty easy to find out where "Zebulon Uncommonname of West Microvillage" lives.

Also, if the data is really from LinkedIn, in what universe is this even remotely "doxxing"?

Wouldn't you expect people in the intelligence community, of all people, to be aware of these facts and to manage them as necessary for their professional security?

Right.
posted by busted_crayons at 6:05 PM on May 11, 2015 [1 favorite]


The point being that this specific doxxing that we are talking about here wasn't just something a 'curious person' could find. And whether or not a 'curious person' can find it is irrelevant, anyway. What is relevant is that people are having their private information put right out there in a very easy to find way, with unforeseen and occasionally tragic effects (again, gribble glompers, swatting (at least one person's dog is dead bc of that), Sarkeesian can't even go back to her home, Brianna Wu... shall I go on?). That's reality.

This propensity towards oh well bad people will do bad things, what can we do is pretty gross, frankly, especially given the huge number of very long discussions we've had on MeFi--blue and grey--about the effects of doxxing.

Do you not get that the very act of compilation is what makes doxxing and its effects so despicable?
posted by feckless fecal fear mongering at 6:06 PM on May 11, 2015 [17 favorites]


More to the point, the correct doxxing policy is "punching up is laudable, punching across is probably fighting rather dirty, and punching down is unacceptabe", so again this is the wrong example on which to base the discussion.
posted by busted_crayons at 6:09 PM on May 11, 2015


How is it 'punching up' to reveal the employers of typists and clerks and such? At the end of the day they're basically just office workers, not the actual shitheels that do the evil stuff.

It's like doxxing middle managers at Wal-Mart instead of the jerks who sit in the C-suites.
posted by feckless fecal fear mongering at 6:12 PM on May 11, 2015 [8 favorites]


No, I do not agree with that proposition. Threats, harassment, and violence are despicable. Searching, indexing, and analyzing public records is what those records are for.
posted by Mars Saxman at 6:12 PM on May 11, 2015 [5 favorites]


fffm, I don't think anyone is arguing that publishing private information on somebody is OK. As several folks have pointed out, this particular instance is publishing already public information from social media. There is no doxxing going on here, somebody just compiled publically available information.
posted by drinkyclown at 6:16 PM on May 11, 2015 [3 favorites]


Oh good, so you can guarantee that nobody who has been exposed by this is going to get harassed? That's pretty awesome.

Look.. one of the reasons MeFi is great is because of the $5 fee. It puts just enough a bar to entry that most trolls can't be arsed. Right?

Doxxing--the compilation of personal data about private individuals--is equivalent to someone saying "hey anyone in the universe who wants a Mefi account, here's $5 for it."
posted by feckless fecal fear mongering at 6:16 PM on May 11, 2015 [2 favorites]


It's like doxxing middle managers at Wal-Mart instead of the jerks who sit in the C-suites.

I am not super-okay with releasing irrelevant personal information about low-level intelligence organization workers, either, although I'm even less okay with their decision to choose to work for an organization like the ones I imagine to appear on those resumes. I don't have a good idea of the distribution of jobs in the ICWatch site, because I am a little afraid to look at it in detail, and I agree that that affects how ICWatch should be assessed.

(Like, would ICWatch tell me that my neighbor is e.g. a CIA janitor? Actually, if you think I'm entitled to know, from a public database, for my safety, that my neighbour served a prison sentence for a sex offense, why do you think I'm not similarly entitled to know that my neighbour works for an organization that has extrajudicially killed people etc.?)

Wal-Mart is extremely problematic, but the "intelligence community" is responsible for out-and-out indisputable evil, and poses a serious threat to democracy and to the public. In view of that fact, ICWatch should not be confused with normal shitty harassment, which has completely different intentions and which has indisputable victims.
posted by busted_crayons at 6:25 PM on May 11, 2015


In my previous comment, most instances of the word "release" should really say "compile".
posted by busted_crayons at 6:26 PM on May 11, 2015


(1) "available" is not the same as "easy"
(2) I asked specifically why your comfort/discomfort (with you standing in for any other person) *didn't matter*. I don't think you answered that.
posted by uosuaq at 6:28 PM on May 11, 2015 [3 favorites]


As I mentioned in the main thread, whether or not you agree with the goals of this, they have done a horrendous job of 'quality control'. It's trivial to find cases of people that are only on the list because they share a common name with others (yet are listed as the primary identity).

Agree or disagree with the overarching idea, but I can't see why anyone would support lending MeFilevel visibility to badly-sourced, patently-wrong information about innocent people.
posted by BlueDuke at 6:42 PM on May 11, 2015 [13 favorites]


This is a disingenuous attempt to suppress political disagreement under the guise of interpersonal etiquette.

This is my general feeling on the manner. I think the language is sloppy. Doxxing, to me, is assembling public and private information about people with the intent to stalk, harass or otherwise fuck with a person. It's possible my personal interpretation isn't right and to most people it's just shorthand for "assembling a dossier" on people. I think there are some shitty doxxing antics out there and also some that are more "We're trying to make a political point with this" statements. I think linking to the actual doxxes (?) is in a grey area and maybe uncool (the info is all public, right?) but talking about the fact that this stuff is going on is totally AOK to me.
posted by jessamyn (retired) at 6:43 PM on May 11, 2015 [16 favorites]


I'm with FFFM for the most part here on the general topic of doxxing. And I want to re-emphasize TMOTAT's comment:

It is also, apparently, people who share names with people in the intelligence community.
posted by the man of twists and turns at 8:37 PM on May 11 [2 favorites −] Favorite added! [!]


Doxxing has an unreliable track record for accuracy, so even if we view it as something other than the list of harrasment targets it often turns in to and see it just as a collection of information we have to grapple with the reality that the internet has a terrible track record with fact checking this information before publishing it.
posted by Drinky Die at 6:44 PM on May 11, 2015 [11 favorites]


Doxxing--the compilation of personal data about private individuals

If that is your definition of doxxing, why are you concerned about a database containing public data about government employees?

I asked specifically why your comfort/discomfort (with you standing in for any other person) *didn't matter*. I don't think you answered that.

If my answer didn't answer your question then I don't understand your question. My feelings about public records describing me have no effect on the content or availability of those records. Once information is public it stays that way.
posted by Mars Saxman at 6:56 PM on May 11, 2015


Mod note: One comment deleted. Please don't go through people's comments and drag in personal info here; that is a really strange impulse given the question we're considering here.
posted by LobsterMitten (staff) at 6:59 PM on May 11, 2015 [3 favorites]


"but the "intelligence community" is responsible for out-and-out indisputable evil, and poses a serious threat to democracy and to the public. In view of that fact..."

I think the mods asked for this to raised in the blue but let's look at that concerning policy. The CIA has a policy and mefi does. They do not match nor should they however it was the policy and directive of the U.S. govt. to kill Saddam Hussein in the 90s. (death by coup) This was attempted and the agent who set it up, had it cancelled by the White House and he was detained for attempting to murder Saddam.
The CIA policy held, they followed orders but the executive branch did not and hung him out to dry because of politics.
now, if by your reasoning, the Intel folks are a danger to the public because of what they do, is it metafilters job to expose it? If some Intel folks perceive x site as a threat for exposing information and they Doxx members of site x, is that right?
No, it would be illegal.
posted by clavdivs at 7:00 PM on May 11, 2015


If I am uncomfortable with the fact that my address is public information, that's a matter to discuss with a therapist, because it is reality and being uncomfortable with it will not change anything.

I'm guessing that if you were a target for harassment and threats and people were sharing around your address on places like 8chan, you'd probably be more likely to be discussing it with more than your therapist. You'd probably be discussing it with the police and maybe a real estate agent, because this shit has frequently forced people to move, and just because you're comfy with it or whatever doesn't mean people, especially people without male privilege, are going to want to be members of a website that implicitly supports publicizing that information.
posted by NoraReed at 7:01 PM on May 11, 2015 [19 favorites]


This is a disingenuous attempt to suppress political disagreement under the guise of interpersonal etiquette.

This is my general feeling on the manner.


I disagree and feel that corb is likely speaking more from a sense of personal empathy for the people involved rather than pushing a political agenda.
posted by Drinky Die at 7:03 PM on May 11, 2015 [10 favorites]


I don't see how pretending the information doesn't exist is supposed to make it go away. If I am at risk of harassment, isn't it better to know exactly what my harassers do and don't have to work with, instead of hiding behind an illusion of security?
posted by Mars Saxman at 7:08 PM on May 11, 2015 [2 favorites]


There is a difference between information being available and information being publicized. I am not sure if you don't understand that different or if you're being intentionally dense to make some kind of point, but either way you are taking up all of the air in this thread and making it all about you, and it is annoying.
posted by NoraReed at 7:10 PM on May 11, 2015 [29 favorites]


I don't see how pretending the information doesn't exist is supposed to make it go away.

Nobody, but nobody, is suggesting that anyone pretend the information doesn't exist.
posted by feckless fecal fear mongering at 7:27 PM on May 11, 2015 [2 favorites]


Mars, gonna need that photo back of me and Ollie North.
posted by clavdivs at 7:30 PM on May 11, 2015 [7 favorites]


I think the whole "this is public information and therefore it's okay" is kind of a crappy way of framing this. Without even getting into the harassment aspect that others have covered pretty well already, there's a bunch of problem areas.

I work in the DC area, as do a lot of my friends and family and fellow MeFites, and some of them work (or have worked) for government agencies, including military ones. Most of these people are working for the kinds of places that will pay them the most money, and working for these agencies offers better pay and benefits, as well as a ton of job opportunities in both the public and private sectors. This should be obvious when you keep on saying "but it's on LinkedIn!" Yes, that's because working for these organizations opens a lot of doors for them. Having the Pentagon or even the NSA on your resume is pretty damn useful in places like the tech industry and engineering. Second, politics shouldn't really come into it. When someone says something like
the "intelligence community" is responsible for out-and-out indisputable evil, and poses a serious threat to democracy and to the public
they sound like they're talking mostly about people who are political appointees and/or SES, not your average white- or blue-collar worker. DC and most of the surrounding suburbs are among the bluest parts of the country, and that's where the majority of these people come from. No doubt some of them are really into it for the chance to blow up terrorists or spy on citizens, but even among the executive levels, this isn't a universal sentiment. Also, I can't even access it, so I can't tell if this is purely government employees or if it also includes contractors (Snowden, you should recall, worked for BoozAllen), and whether it's actually limited by agency or just a listing of people with certain clearances. There's a ton of people that work at places like the SSA and CDC and NASA and the like that have security clearances because of the data that they handle, not to pilot drone strikes.

In any case, either the information is complete and therefore has a bunch of people who aren't "indisputably evil" or public employees, or it's incomplete and therefore a large portion of the people you believe should be held accountable aren't even there. It's a lose-lose situation: the people whose information was revealed may not be who you're looking for, and the people who you're looking for aren't all there.
posted by zombieflanders at 7:43 PM on May 11, 2015 [20 favorites]


Well, Corb has a great point. Should personal information posts be allowed and cites R_Ns' deletion of the above link. That suggests a precedent. The only problem is, that deleted thread is still accessible information. Deleting it won't make the info "go away" unless it is never placed in the deleted stack in the first. So maybe the question is to review these types of subjects for posting. As to the immediate question, I think it should not be allowed to link in thread as Lobstermitten pointed out. This would require more modding in these threads.
posted by clavdivs at 7:48 PM on May 11, 2015 [1 favorite]


One more thing: If this has information from their LinkedIn profiles, it likely has who they're linked to. Anyone who is either a professional or personal contact of these people is going to be tainted by association, even if they don't have any connection beyond sharing business cards at one of the thousands of conventions and symposiums and conferences that deal with the minutiae of running the massive beast that is the federal government. It would really suck to have a bunch of internet randos getting on your case because your cousin's best friend that you had drinks with that one time worked for the CIA a decade ago.
posted by zombieflanders at 7:57 PM on May 11, 2015 [12 favorites]


It's definitely incomplete. I know several people who fit their definition but aren't in the list.
posted by Johnny Wallflower at 8:14 PM on May 11, 2015 [1 favorite]


And whether or not a 'curious person' can find it is irrelevant, anyway.

Because the act of publishing the names, in itself, makes people "curious", and the outrage article that usually goes with it implicitly suggests fucking with them however much it protests otherwise.

I haven't read this (and won't, because the "in your jurisdiction" part of the FPP definitely applies to me due to the nature of my job) so maybe I'm missing something. It seems to me in the general case we could do without MeFi Newsfilter about a thing being reported elsewhere. If there's an interesting angle to this other than "everyone is reporting this thing that happened" maybe we could talk about that angle without a direct link? Just thinking out loud. *In writing, while not actually making any noise. So, not out loud at all, but you know what I mean.
posted by ctmf at 8:20 PM on May 11, 2015 [7 favorites]


What you all seem to want is impossible, but I trust I have made my point, so I will accept that this is just another way metafilter consensus has changed greatly since I first started hanging out here and leave you to it.
posted by Mars Saxman at 8:35 PM on May 11, 2015


What we want is to not link to people's private information being splashed all over the internet. How, pray tell, is that impossible?
posted by feckless fecal fear mongering at 8:53 PM on May 11, 2015


It is impossible to stop the flow of data if public. It is possible for us not to release it here.
posted by clavdivs at 9:01 PM on May 11, 2015 [17 favorites]


It is possible for us not to release it here.

Which seems a lot like masturbation.
posted by AElfwine Evenstar at 9:09 PM on May 11, 2015 [1 favorite]


The term "public information" is disingenuous because it is too vague. Charles Johnson published "Jackie's" name (ostensibly -- which adds a very complicating factor about authentication) so is it public? The glib 'well it's out there' position just encourages some asshole to behave like one.

Exposing information that is nominally out of reach is an intentional and ideological act -- whether is it CIA operative or people who have made accusations of rape. If we have a policy that opposes it, then we should extend it to the content we share out. Public figure standards for satire and parody are probably the best rough proxy for when something should be considered 'public'. Or a court case. I don't think a LinkedIn profile fits that measure, because at the very least because it's a private company.

At the end of the day, if we don't link to things that don't have a standard of privacy that we extend to members, how much is lost? Maybe a little more digging for source links that don't provide dox level details? If you can't find the raw meat with a google string, maybe we don't need to hold your hand.

I'm probably just an old crank here, but the protocol is still HTTP. We can have a point of view about that, even if everyone else just races past it in search of eyeballs and ad revenue.
posted by 99_ at 9:13 PM on May 11, 2015 [5 favorites]


It is possible for us not to release it here.

Which seems a lot like masturbation.


Isn't it...isn't it more like a self affixed chastity de....You know what, nevermind. Good night, everybody!
posted by Drinky Die at 9:13 PM on May 11, 2015 [3 favorites]


The term "public information" is disingenuous because it is too vague. Charles Johnson published "Jackie's" name

You should specify Charles C. Johnson when you discuss him, because there is another well known Charles Johnson blogger.
posted by Drinky Die at 9:18 PM on May 11, 2015 [1 favorite]

a) Should this kind of project be done at all, and should it be covered by the media? Was this particular project done in a responsible and good way?

b) Should we link to it from MetaFilter? What kind of standards and rules of thumb should we work under, in terms of links that are unacceptable vs acceptable for linkage here?
I think there is a group of folks that want an option c) - We shouldn't post *about* such stories on metafilter, because even if we don't link to the offending data, it's easy enough for anyone to find it.

Personally, I don't have a problem not linking directly to 'offending' links - I know how to use google. But the thing is, I imagine the rest of metafilter does as well. So what exactly is the point of not including such links then?

As far as option C - I'm pretty wary of having some conversations off-limits to discuss or talk about, unless there is a very compelling reason to do so. And given the press has already written stories about the subject, it feels pretty reasonable to discuss it here. Even if that discussion consists of a chorus of 'the press shouldn't write about this' comments.
posted by el io at 9:22 PM on May 11, 2015 [2 favorites]


No, I figure the reality is that people will find this data if they want to. What makes me uncomfortable is MeFi linking directly to it. Compare, perhaps, to the general feeling about not linking directly to torrents with oblique references about things available torrentwise.
posted by feckless fecal fear mongering at 9:25 PM on May 11, 2015 [2 favorites]


I am not sure about the whole issue, but I feel uncomfortable when the family or friends of someone are dragged into it or may be in some sort of danger as a result. I personally would not post this, but I cannot figure out if it is appropriate to ban such posts.
posted by AugustWest at 9:43 PM on May 11, 2015


APersonally, I don't have a problem not linking directly to 'offending' links - I know how to use google. But the thing is, I imagine the rest of metafilter does as well. So what exactly is the point of not including such links then?

There was a MeTa that included a convo (may have been about -- I forget) about the Twitter widget and it referenced members behavior. Honestly, it felt gossipy more than anything and I admit when I'm distracted or in a bad mood because of work, I will go down a rabbit hole on things like that. After some vague back and forth, a link was posted. If that link wasn't there, I would have never found the info, even if it was plausibly available.

Point being, people are lazy. Should you link to an ISIS video? Linking, not linking, it's an active decision. So if people can find anyway, it's easy enough to posit the opposite: why bother linking if it's that easy to find?

Edit: wrong para quoted
posted by 99_ at 9:48 PM on May 11, 2015 [1 favorite]


Drink clipped me on that, I was going to retort that masterbation is usually a one-sided affair.

"The term "public information" is disingenuous because it is too vague. Charles Johnson published "Jackie's" name"

That reminds of old Ezra Pound who named or doxxed his jailers while in detention for being the only American civilian to face trail for treason during world war 2.
No doubt his jailers were mean (the names are priceless) but that info was somewhat private. That poetry was discussed at that time with wide reaching implications concerning freedom of speech.

I get what you mean about vauge but the NSA glee club seems vauge yet it is out there. Am I outting the anti-gleers to doxx? No. Am I exposing their cabal under the aegis of the keen aspects of Handel?
posted by clavdivs at 9:57 PM on May 11, 2015 [1 favorite]


I know this issue has been discussed before, but the proposed banning of such links would certainly include wikileaks (the Sony leaks are on its front page).
posted by el io at 10:21 PM on May 11, 2015 [2 favorites]


How is it 'punching up' to reveal the employers of typists and clerks and such? At the end of the day they're basically just office workers, not the actual shitheels that do the evil stuff. It's like doxxing middle managers at Wal-Mart....

It isn't because the information (at least that which isn't wrong) is both public and about public employees. Most of us kind of expect it now. Talk to a teacher or a cop about what they put on Facebook, or if they use it at all.

It's uncomfortable, but social media is trawled on a regular basis by the press and NGOs and companies and who knows else for leverage when then deal with public employees. I gather this is "creepy" to a lot of people who've never been put into that sort of situation, but if you sign-up for any public service job now, particularly one with any kind of profile or public interaction, this kind of "doxxing" has been a fact of life for at least the last 10 or 15 years.

I think it's worth talking about, simply because this sort of thing is so common as to simply be part of the background for most government employees, of course we don't use social media for anything work-related. I've had run ins about my Linked-in profile. There's a reason I use a pseudonym here. My teacher relatives all absolutely refuse to put pictures of themselves or their kids up. It's a bit odd to me to see non-government folks have such a strong reaction to that. Maybe we do need to talk about it.

This database is clumsy and wrong-headed, but I'll bet you most of the big political organizations, NGOs and so on all have one for their areas of interest. If they don't now, they will likely in a few years. Not just federal either, state/provincial, municipal, even school systems. Targeted lobbying is all the rage right now, and the regulatory capture that's happening because of these new information sources is something the bureaucracies are having trouble dealing with.

Not talking about these sorts of things and the particular ways they are used to lobby and influence public policy (which is exactly what this is) would seem like a bad idea to me.
posted by bonehead at 10:40 PM on May 11, 2015 [5 favorites]


masterbation is usually a one-sided affair

Metafilter being but "one-side" of the countless other outlets where this information is easily available. Either way, I will retract the term "masturbation" and rephrase:

"Which seems a lot like a circle jerk."
posted by AElfwine Evenstar at 11:12 PM on May 11, 2015


even among the executive levels, this isn't a universal sentiment

Isn't this exactly the sort of buck-passery and diffusion of responsibility that lets certain types of bureaucracy, when not held appropriately accountable, do shit that is way more horrible than individuals can accomplish on their own?

I'm afraid I have very little sympathy for someone who chooses to be a cog in that sort of machine, at any level much more deeply involved than, say, janitorial services, regardless of what they'd self-report if questioned about whether they are into scaremongering, mass surveillance, torture, and murder. The whole apparatus is too perverted (from the vantage point of a news-reading schmoe with no special expertise) and the original purpose is already deeply questionable.

I obviously don't think that such people should be harassed as a result of the compilation of publicly-available information about them, because (unlike intelligence agencies) I think it's categorically wrong to harass anyone. However, it is important for the public to know who these people are, and what they are up to, for various democratic, informed-consent-of-the-governed, and safety reasons. In this case, I think the latter consideration outweighs the former. Specifically, I don't think we have any particular duty to protect people like this via site policy (from what look to be nebulous risks, so far), since that they work (voluntarily, and for pay) for organizations whose not-even-maximally-fucked activities include compiling exactly the same sort of dossier, and more, on everybody, with shocking lack of oversight by the public.

I mean, shouldn't we focus on discussing site policy for protecting ourselves from the little panoptiprojects, which dwarf the one in the FPP, if we're worried about the unchecked compilation of personal information in databases searchable by bad actors?

My line of work means I could, say, apply for a research grant from a secretive government agency that shares just the first two letters of its acronym with the National Science Foundation. I could also answer one of the employment ads they routinely distribute. If I did those things successfully, I would contribute in a small but nonzero way to the activities of an organization that does some extremely undemocratic shit. It's probably very unlikely that I'd be anywhere near any heinous undemocratic shit, but it would still be in the public interest, in that case, to have, in an independently-run searchable database, "busted_crayons, NSA math geek", at the very least so that my neighbors could make an informed decision about whether to even talk to me.

(This is very particular to the intelligence community. It would be much more problematic if someone posted a database about what random people do at work, because random people don't work at places that keep their activities a secret from the people whom they are ostensibly serving and back that secrecy up with the full coercive power of the state.)

Therefore, while I probably have some problems with the scope of the ICWatch project, I still don't think that this is the right example for a discussion of MeFi's doxxing policy, even if most of the data in question is about the supposedly innocent little people who make the whole machine function. A better example would involve an FPP whose links were obviously malicious doxxing. Has that happened?

Moreover, perhaps the notion of doxxing isn't so useful, because it is overly broad and dependent on a fixed definition of privacy, which sounds difficult. It would be better to have a site policy discussion framed in terms of not posting links that aid some party's efforts to harass some other party. Most genuine doxxing would get covered by such a policy anyway.
posted by busted_crayons at 11:47 PM on May 11, 2015 [5 favorites]


- Compiling information re-presents it for consideration by a public (e.g. MetaFilter's main purpose); shining a light on it boosts its audience, in an iterative way. Filtered information has more persuasive / attractive force than raw, only potentially available information does.

- In general, I'm pro-privacy for individuals, like I'm for the "right to be forgotten" absent a strong public interest, and that's a complicated legal or editorial question.

- MetaFilter isn't the New York Times or Al Jazeera or whatever.

- I think it'd be ok to wait until the dust settles a bit for a given story, and some kind of consensus has been formed among reputable news outlets. Maybe very fresh posts could be parked temporarily. Editorial decisions get made quickly in the average news cycle today, anyway, it'd probably be a matter of days.

- The rationale behind the exposure, according to one article in the post, was that knowing the identities (and cars!) of all employees might offer insight into the organization as a whole. Maybe? Yes, individual actors have their personal stakes, but they play against each other in complex ways, guided by organizational inertia and stuff coming from the top.

Or that's how I see it. I guess it's an empirical question. But I think key actors (sometimes) eventually do come out, if the right stars align and journalists and activists are able to act. But again, MetaFilter isn't about breaking news or being quickest on the draw, it's about serving up the best. (As far as I understand things.)
posted by cotton dress sock at 12:03 AM on May 12, 2015 [5 favorites]


In summary: this should have been deleted because doxxing is bad.

This is too rigid and dumb, because as with everything, context matters. Who is doxxed, why are they being doxxed, who is doing the doxxing, are all valid questions to ask.

I'm more than happy of course for MetaFilter to have a clear line ban on individuals being doxxed and linking to sites doing the same, but I don't think the post in question should fall under it.

if someone's information is public, the information is public, and wishing it weren't so does nothing to stuff the genie back in the bottle.

This of course also naive and dumb about the way the internet and other semi-public, semi-private spaces work. There's a world of difference between "technically public, but you have to go looking for it" and "blasted from the front pages of a major internet site". Doxxing is not just about what's technically public and technically findable, but also about social conventions and context. Having your criminal conviction e.g. available from some Florida court website or whatever is different from having it shoved under your nose here.

Let's not even go into the difference between having various pieces of data about you available scattered over the interwebs and combined into some form of doxxing file.
posted by MartinWisse at 12:57 AM on May 12, 2015 [12 favorites]


Damn, LinkedIn is gross. I propose a blanket ban on anything ever having anything at all to do with it in any way.
posted by Joseph Gurl at 1:37 AM on May 12, 2015 [3 favorites]


Also if you put yourself on LinkedIn, you get what you pay for.

So...you get nothing then? That would be a lot better than what LinkedIn does.

(fwiw, I'm on LinkedIn because I found an old friend and that was the only place on the Internet to contact him. I didn't know how pernicious it was at the time, and it seems pretty legit. So thanks for the victim blaming and lack of empathy!)
posted by Joseph Gurl at 3:47 AM on May 12, 2015 [2 favorites]


Years ago, I was a member of a listserv mailing list about a SciFi author. A very active member who happened to run the group's website and lived in the Netherlands became increasingly disruptive. The list's admins had to step in and ask him to stop his behavior. When he escalated and began spamming the list with angry messages, they banned him.

So he took the listserv's related home page & site content down, and replaced it with a page doxxing the admins (and I think a couple of list members as well.) Pulled their phone numbers, home addresses, family info, employers and other info off the internet and published them, with a bunch of unhinged accusations and correspondence that "proved" they had treated him unfairly.

Over a listserv mail list.

One of the admins was looking to sell her house. First Google search for the address? His page. This was before linkedin, so prospective employers looking up employees would find his page pretty quickly. Lawsuits were threatened. But suing someone (or even getting a Cease and Desist) living in the Netherlands from the US was at the time, not easy. And the doxxer worked for the government, so who knows what would have been successful.

He eventually took it down. I think his wife talked him into it.

All of the information he published was publicly available. But he was the one who gathered it into a dossier. He coupled it with crazy accusations. He published it for the world to see. On a site linked to the name of a currently publishing, popular SciFi author, and likely subject of online searches.

This project has far more attention and a wider scope. And I don't think it belongs on Mefi. We have an obligation to be responsible netizens, not potential enablers of harassment of innocent people.
posted by zarq at 4:05 AM on May 12, 2015 [18 favorites]


To say nothing of--I presume; I haven't read the post or links and won't be--the very real danger to people involved in any stage of intelligence operations when their employers, if not themselves directly (again, I haven't read the details and won't be), are publicly identified. I mean, let's say you're China. Read about this story and you've just saved yourself tons of legwork.

I think you underestimate the Chinese intelligence services if you think this would genuinely be any sort of boon to them.
posted by Dysk at 4:18 AM on May 12, 2015 [5 favorites]


I'm afraid I have very little sympathy for someone who chooses to be a cog in that sort of machine, at any level much more deeply involved than, say, janitorial services, regardless of what they'd self-report if questioned about whether they are into scaremongering, mass surveillance, torture, and murder. The whole apparatus is too perverted (from the vantage point of a news-reading schmoe with no special expertise) and the original purpose is already deeply questionable.

That's cool, but that's your personal line, and it's way, way out of the norm both on metafilter, and in the world more broadly. It's also, forgive me but from where I'm sitting, really pretty ignorant about how government and government workers work.

I'm generally against anything remotely like doxxing, and when the data in question is so wildly shit, the alleged interest it serves so diffuse, I fail to see the value.

But I don't know that the site needs a blanket rule; I'm not sure how that would help anyone or anything. I think some guiding principles and a case by case approach has been effective in the past, and likely will continue to be. After all, why should we treat different things in different contexts the same? In this case, I think it's shitty, but I can imagine cases where sharing that info would not necessarily be shitty.
posted by smoke at 4:19 AM on May 12, 2015 [14 favorites]


Personally, I'd vote for the policy we seem to have at the moment - linking to the news story and discussing it is fine, linking to the actual personal data is fine. That's how the Sony breach and most other data leak cases have been handled, and while I can see that it makes sense to treat things case-by-case and maybe not link to things like "hey, here's so-and-so-target-of-harassment's doxx" things, or press statements from groups doing such things about them, this does not seem like one of those cases. This is intelligence leakage, effectively, of very low-use, non-classified intelligence, and is more analogous to a corporate data breach (which we discuss on Mefi all the time, but without linking the lists of user/pass combos mined, for example).
posted by Dysk at 4:29 AM on May 12, 2015 [6 favorites]


So are we also going to ban links to Google? Are we going to ask Matt to stop using Google ads? Because last time I checked Google specializes in doxxing the world.
posted by AElfwine Evenstar at 6:55 AM on May 12, 2015 [1 favorite]


I was unaware the google is dedicated to finding everyone's private data and then putting it out there in a neatly compiled form for anyone to use for whatever nefarious purposes they can come up with

learn something new every day I guess
posted by feckless fecal fear mongering at 7:05 AM on May 12, 2015 [2 favorites]


So are we also going to ban links to Google? Are we going to ask Matt to stop using Google ads? Because last time I checked Google specializes in doxxing the world.

This is a bit different, I think.

GoogleDox is a catchy name, though.
posted by zarq at 7:16 AM on May 12, 2015 [4 favorites]


This project has far more attention and a wider scope. And I don't think it belongs on Mefi. We have an obligation to be responsible netizens, not potential enablers of harassment of innocent people.

Like it or not, I think this will become increasing common. How easy is it to do a search on your name or pseudonym? How many tools exist beyond just a naive Google search? I know my own employer has and uses one. I subject myself and my employees to it every time we ask for a security check. It goes well beyond the standard criminal, citizenship and financial checks. They monitor our social media feeds now, and apparently that's only going to increase in the future.

I know that the big companies and NGOs I have to work with do the same with what ever they can get their hands on. They've used public information about me in depositions and in the press. In fact, the NGOs have been more intrusive than the companies have been, go figure. When politics are a stake public servants are just food for the meat grinder. I have a number of relatives with public-facing public health jobs. Their experiences have been much worse than mine.

I think for those reasons, it is important to examine dumps like this. I want to know how inaccurate they are, and how good the tools are that pry into my life and that of my family and friends. NGOs mostly use this stuff to shame and embarrass*. The press are looking for sensation. Companies will use these for personal attacks**, but increasingly they use these databases to target folks within government, to become their advocates. The most effective lobbyists are the ones in government themselves, and all they need do is dangle some plum in front of most of them.

I don't even think this is classically "doxxing", which implies for me disclosure of non-public info, like private phone numbers or medical info or whatever. The fact that we don't even really have a word for what's happening here is reason enough to not turn our attention away. It won't stop happening because polite folks agree not to link to it. We still won't understand how it functions, what it does and how it's being used.

*In my case, they were trying to use my informaton to shame and embarrass someone else. It was still felt like a really personal violation of trust.

**A good friend of mine was hounded for two decades by one of the biggest companies of the world as he was one of the regulators who stood up to them in court for a decade or so. Fortunately for him, this was prior to the age of social media, but he's pretty sure they had private investigators going through his garbage.
posted by bonehead at 8:03 AM on May 12, 2015 [5 favorites]


MartinWisse: "This is too rigid and dumb, because as with everything,

This of course also naive and dumb


I don't think calling people, or even their opinions, "dumb", is really advancing the discussion.
posted by Chrysostom at 8:28 AM on May 12, 2015 [3 favorites]


A lot of people giving out AND collecting information do not fully understand how the web works - and unfortunately they get caught up in the cross-fire of people whose information was willfully and fully under consent posted to the web and thus are at least generally cognizant of the risks involved.

And it does none of us any good to ignore the problems, some of which can only be understood by examining primary sources. Accuracy, to name one.

This, to me, is the strongest argument for linking to and discussing such incidents. If we don't talk about them, we will never understand as a society how to handle them. People will continue to be surprised and embarrassed (or fired or worse). We don't deal with social problems like sexual issues or health scares or prejudice by sweeping them under the rug and pretending they didn't happen. Privacy issues should not be treated differently.
posted by bonehead at 8:40 AM on May 12, 2015 [4 favorites]


The way to handle invasions of privacy is to... invade privacy? Had to burn down the village to save it?
posted by feckless fecal fear mongering at 8:49 AM on May 12, 2015 [5 favorites]


Many crimes and health issues are intensely personal to those who suffer them. Should we never talk about sexual abuse, even when it gets to court? Should we never talk about how ovarian cancer can be hell?

Perhaps most relevant to this, if someone is outed involuntarily, should that be something we don't talk about? That is absolutely doxxing in my view, but we've had no trouble discussing it in the past.
posted by bonehead at 8:57 AM on May 12, 2015


I don't even think this is classically "doxxing", which implies for me disclosure of non-public info, like private phone numbers or medical info or whatever.

I think, for me, doxxing implies the reveal and compilation of personal data about someone that would allow them to be tracked or harassed, even if it would be publicly available data. For example - a blogger may blog under her real name, and have a publicly listed phone number in the phone book for the small town where she lives. But I would still consider it doxxing if someone went to the trouble to find that phone number and post it online, even if they didn't add the next step of saying "Call her." Same with address. Maybe that blogger signed up for a mailing list that has their documents on the internet now. I would still consider it doxxing if someone tracked down their address and published it.

I think "publicly available" needs to be judged by 'what the person meant to share publicly', not 'what can be tracked down without hacking.'
posted by corb at 9:25 AM on May 12, 2015 [13 favorites]


learn something new every day I guess

FFFM, with respect, one of every seven comments in this thread is yours at this point. It would be nice if you could let the conversation breathe a little more and not feel like you have to respond to every single thing everyone says.

I'm glad we're talking about that project and I'm glad the post wasn't deleted. The project is highly problematic in any number of interesting and scary ways, but compiling public information about a huge number of people at once is different in kind from compiling private information about one or two people who become specific targets, and I don't think that MeFi linking to a big public project like this is going to make a big difference in their exposure or traffic. I might feel differently if this was an obscure forum post that nobody would ever have found otherwise, but not linking to the project itself just seems like an empty gesture that only hurts us by depriving us of great commentary like bonehead's.

Governments and corporations are doing this exact kind of data gathering and far worse about every one of us right now, and I couldn't agree more with bonehead's fantastic comments about the value of exposing these techniques to the sunlight. We're already refraining from linking to specific peoples' information, and in this case, I think that's sufficient.
posted by dialetheia at 9:29 AM on May 12, 2015 [5 favorites]


I think "publicly available" needs to be judged by 'what the person meant to share publicly', not 'what can be tracked down without hacking.'

I think that's one of the hard issues here: what the person meant to share publicly. too many people think of the net as somehow fragmented. Facebook is it's own thing, talking about posts on Twitter is "creepy", for example. It really isn't, and people really, really don't appreciate that. This is one of the things that I think we really need ot talk about.

For example, as a result of similar kinds of concerns, in the past year or so was the EU parliament forced Google to implement a "right to be forgotten". Is this a win for privacy or a loss for transparency, or both? sure some can hide their bad Live Journal poetry, or participation in a mental health support group, but people can also (try to) suppress criminal convictions or past misbehavior too.

But still, it's still not that simple. There's a real public interest argument to be made here too.

Many people have also mentioned that monitoring public officials is an important sunlight activity, and I don't think that can be fully discounted. Given how far down into organizations companies and lobbyists are reaching now, excluding policy advisors and middle manager misses where much legislative and regulatory activities are decided these days.

As an example a reporter in Canada (and a public employee) was "doxxed" using public information. She was literally in bed with the VP of a bank which was the focus of her reporting. She was also a speaker at pro-bank events, and had defended some very questionable employment practices there using her position in the media. Lang sure didn't think this info, her relationship or the side jobs for the bank, were important enough to be disclosed, but neither did she hide it. But it did take a reporter some digging to put it all together. Was this doxxing or just good journalism in this case?
posted by bonehead at 9:54 AM on May 12, 2015 [5 favorites]


I agree that these links are fine. But I think the Metafilter position of "linking to sites which reveal other people's personal information is okay, but bringing up personal information a MeFite has posted in comments/in their profile is bad" approaches Reddit levels of hypocrisy.
posted by Justinian at 12:34 PM on May 12, 2015


How about if the reporter published the names and addresses of every woman who MIGHT be sleeping with bank VPs? Or who have the same name as women who might be sleeping with bank VPs? Does that fall under good reporting?

I'm seeing quite a bit of "Well she shouldn't have worn such a short skirt" attitude here. There's quite a bit of difference between having public information on single people available to be dug up, and compiling an overall list releases to the general public. The latter is designed specifically for people to take action- whether harrassment or something worse. If it's not designed for harassment, why is personal information being included?

If we accept this, then what next? Will we see a FPP on a list of feminists activists? Will we have people here arguing that there's a vital public need for a "Girls aged 12 to 16" list?

I think in general the internet is on a path to a point where it's impossible for most people, especially women, to maintain any kind of public identity. I'd rather not see metafilter contribute to that process.
posted by happyroach at 12:36 PM on May 12, 2015 [10 favorites]


That reminds of old Ezra Pound who named or doxxed his jailers while in detention for being the only American civilian to face trail for treason during world war 2.

That reminds me that James Dickey once promised Pound one of his wife's knit sweaters:
"May I suggest [Pound replied] that Madame make it WITHOUT sleeves /
That will both simplify her labors      fit the need of the beneficiary /
                                                             the waning garment is double woolllll

grampaw had arruv at the borders of the cent kilO / has now
got a BIT nearer human form
                                                             do yu want MEASUREMENTS?

at any rate fer XrizaChe don't make it short. nowt more
annoying        that a GAP betaeen pantZZ' top and bo'm
of the warmth purrjuicer

OMIT fancy adornments / trouble enuf to git the garmik
           constructed."
Omit fancy adornments indeed. There's poetry in a knitting instruction for you.
posted by octobersurprise at 12:38 PM on May 12, 2015 [2 favorites]


There is a reasonable distinction between public and publicized.

Just because something is available given sufficient digging is not the same thing as putting up a flyer on every street corner with someone's name, address, and net worth. Publicizing something like this makes it much more likely that the information will be widely known.
posted by thefoxgod at 1:08 PM on May 12, 2015 [9 favorites]


I think in general the internet is on a path to a point where it's impossible for most people, especially women, to maintain any kind of public identity.

I'm increasingly convinced that "doxxing" isn't even close to being the ultimate driver of this problem as people often seem to believe. The real problem is that once you've been doxxed, assholes can harass you and ruin your life with impunity. For example, since it's come up a lot in this thread: because the women who've been doxxed in e.g. Gamergate have gotten almost zero protection from the law for any of the threats they've faced, we take it as a given that it's vitally important for all women to be able to hide themselves away and disappear themselves from the internet at the drop of a hat so that the eye of Sauron doesn't fall on them. But the ultimate problem isn't that these women have publicly-available addresses, it's that they receive no actual protection under the law against intimidation, stalking, violence, and harassment.

If the laws against stalking and harassment were actually enforced in these internet-adjacent cases, it wouldn't be as socially acceptable to do this shit, there would be real consequences for people who did it which would serve as a deterrent, and the harassed parties would be more free to actually have public identities that they didn't have to exercise eternal vigilance to keep separate from their private identities. So for me, the emphasis on doxxing as a problem in and of itself only makes sense when our systems fail to properly enforce laws against stalking and harassment, and emphasizing it as a good unto itself only strengthens the idea that women should be seen and not heard on the internet.

While there are plenty of circumstances where it makes a lot of sense to keep separate identities, I don't want to feel like I have to keep my personal information TOP SECRET AT ALL TIMES to avoid harassment and stalking, and that's the message I sometimes get from the emphasis on doxxing as the Ultimate Evil (which emphasis, it's worth mentioning, is almost certainly imported directly from reddit, where not doxxing is the single Inviolable Rule). If anything, it substantially hurts women to cut them off from almost all internet-based networking if they have to remain pseudonymous to avoid harassment. Presumably all the people who posted their CIA jobs on their LinkedIn pages feel similarly - that the benefits to living their lives and networking outweigh the possible security threat of being identified by malevolent people.

I worry that the emphasis on doxxing as an evil in and of itself a) actually normalizes the idea that women have to disguise themselves online to protect themselves, which narrowly constrains our behavior and opens the door for shitty victim-blaming, and b) helps to take some of the moral burden off of the harassers since it normalizes harassment as something women should just expect to experience, as opposed to a terrible thing that shouldn't ever happen and which we should be fighting back against at all times.

I'm not sure if or how any of that connects back to the project at issue here, but I'm just growing increasingly tired of seeing people get very upset about doxxing but basically giving up on the idea of women not being stalked and harassed as a matter of course. We deserve much better than to have to carefully guard our real names at all times to hide from sociopathic assholes.
posted by dialetheia at 1:26 PM on May 12, 2015 [28 favorites]


I agree that these links are fine. But I think the Metafilter position of "linking to sites which reveal other people's personal information is okay, but bringing up personal information a MeFite has posted in comments/in their profile is bad" approaches Reddit levels of hypocrisy.

Well, Mefi's position is more that linking to site which reveal other people's personal information is problematic but not necessarily an automatic delete depending on the context. I think this specific case is interesting for falling into a really grey area where it's both (a) manifestly different from the kind of HERE'S SOME JERK'S INFO, GO RUIN HIS LIFE stuff that's absolutely, unarguably okay and would be nixed in a hot minute no matter how righteous people felt about it and yet (b) not a super clearcut case where the line between talking about a situation or phenomenon is cleanly separated from linking to some of the actual dispensing of information.

The other half of that, mefi policy about not intentionally moving non-indexed profile contents into indexed threads, isn't an exception to the above, it's a separate question about internal policy where the private-vs-public threshold is fairly explicit.

Setting the two against each other may make for a satisfying cheap shot but it doesn't really get us anywhere in talking about community expectations for posts to the front page.
posted by cortex (staff) at 1:38 PM on May 12, 2015 [4 favorites]


Some of the discussion has focused on the fact that much (all?) of the information being assembled is public and therefore putting it together is licit.

In goverment there exists a category of document that is "classified by compilation.” Which means none of the individual bits of the document are classified, but the compiled information reveals an additional association or relationship that is not otherwise revealed in the individual items of information and so the gestalt is classified.

It struck me as topical.
posted by pseudonick at 2:17 PM on May 12, 2015 [13 favorites]


I use Bing for just this reason of keeping my secrets from Google.
posted by Tanizaki at 2:20 PM on May 12, 2015


I'm not sure if or how any of that connects back to the project at issue here, but I'm just growing increasingly tired of seeing people get very upset about doxxing but basically giving up on the idea of women not being stalked and harassed as a matter of course. We deserve much better than to have to carefully guard our real names at all times to hide from sociopathic assholes.

I really feel you on a lot of what you're saying - but I think in the meantime, until we get to a world where people are protected from harassment and worse, that defaulting to not revealing said information is far safer for everyone than defaulting to a world where we reveal said information as a way of poking the bear.
posted by corb at 2:44 PM on May 12, 2015 [2 favorites]


> Amanda Lang wasn't "doxxed", she was the subject of good old-fashioned reporting (much of which was based on public events and discussions).
posted by cotton dress sock at 4:28 PM on May 12, 2015 [1 favorite]


Correct, and Metafiter isn't a journalistic organization.
posted by Joseph Gurl at 5:01 PM on May 12, 2015


"In goverment there exists a category of document that is "classified by compilation.”

Absolutely, this I overlooked. I give a technological analogy. The SR-71. Most of the planes systems, after it was completed, was available by open source, like 97%. The remaining was classified and compiling all its data was illegal if prior authorization was not obtained.
posted by clavdivs at 5:33 PM on May 12, 2015 [1 favorite]


To : A. Mod
Date : Nov 19, 2008 7:49 PM
Subject : BNP list post
Message :
Hi,

If posting people's personal details in a thread is forbidden (a good rule of thumb IMO), why is linking to a list of personal details in a FPP OK?

Date : Nov 19, 2008 9:05 PM
Subject : Re: BNP list post
Message :
because that information is 1. on another site 2. not googleable as coming from metafilter. This isn't an ethical issue as much as a "what is going to get the site in trouble" issue. Other people's websites are, more or less, their own problem.


Back in 2015:
I think this current post is iffy -- since the linked video does the kind of identifying stuff we wouldn't allow on the site -- but didn't feel like it was a home-run delete.

O tempora! O mores!
posted by topynate at 7:45 PM on May 12, 2015 [1 favorite]


The remaining was classified and compiling all its data was illegal if prior authorization was not obtained.

Well, that'll stop the spies.
posted by el io at 10:55 PM on May 12, 2015 [1 favorite]


. If anything, it substantially hurts women to cut them off from almost all internet-based networking if they have to remain pseudonymous to avoid harassment.

Women ordinarily and especially, but not just women. I used to use my real name on various sites, and now I regret that I did and wonder if it will open me up to attack.

I agree that the endgame that activists like the EFF want (possibly not consciously) is an internet where everyone is anonymous; where everyone buries their identity as a matter of course. And where having a public identity is agreeing to be attacked.

Of course in this scenario, the list compilers are the guy who hands the shooter a loaded gun and points them at the target. The question is whether the target deserves that.
posted by happyroach at 1:39 AM on May 13, 2015


I didn't actually read the FPP. It didn't pique my interest at all. But now I am curious about one thing. Did they scrape the registered sex offenders websites? Because if there are people working in intelligence (who are treating me as presumed suspicious and depending on the whim of their flawed algorithms may potentially decide I am a public enemy) who are registered sex offenders, I think this information should be published as widely and loudly as it possibly can be.
posted by bukvich at 7:42 AM on May 13, 2015 [1 favorite]


It is possible for us not to release it here.

Which seems a lot like masturbation.


I don't always release other people's doxx, but when I do, I release them into a sweaty sports sock.
posted by PeterMcDermott at 8:25 AM on May 13, 2015


I don't always release other people's doxx, but when I do, I release them into a sweaty sports sock

The Doxx in the Soxx, by Dr. Seuss
posted by Going To Maine at 9:33 AM on May 13, 2015 [2 favorites]


There is goo
In my shoe
Nifty, thrifty
Private Snafu.
posted by clavdivs at 4:57 PM on May 13, 2015


Peoples' definition of doxxing is variable. For instance, the sole time that I am aware of having a comment deleted, it contained a link to the public youtube channel of a person being discussed in the post, and - I shit you not - a link to a google image search on the person's name, depicting only photos that the featured individual had posted (at least as far as I saw). When I asked about why the comment was pulled, I was told that a few people flagged it because it "came off as doxxing." The mod who told me this is a pretty big wheel on this site, to put it mildly (I only get deleted by the best).

My personal definition is that doxxing is the gathering and publication of information about a person for the purpose of harassing that person. It's not the specific nature of the data so much as how it is used. Public or private is totally besides the point - you can publish private information without it being doxxing, for instance.

In the case of my deleted comment, it was not doxxing, but some people chose to see it that way. That doesn't mean they were being disingenuous, as some have accused corb of being, although I think that they were mistaken. I think the post he refers to is borderline, and I think there is a strong argument to be made that this data was published in order to make these people uncomfortable.
posted by Edgewise at 6:42 PM on May 13, 2015 [1 favorite]


Aren't mods "big wheels" by definition?
posted by Chrysostom at 6:49 PM on May 13, 2015


The mild sorta-on-the-road-to-doxxing angle Matt mentioned was one of several reasons he gave when you asked about that deletion, though, and without wanting to get into it here easily the least significant of them. Representing the deletion of that comment after the fact as being about that, specifically, is a heck of a stretch, the validity of observing that people have varying definitions of and sensitivities about doxxing entirely notwithstanding.
posted by cortex (staff) at 7:04 PM on May 13, 2015


"Aren't mods "big wheels" by definition?"

With hand brake and rear cargo hatch, yes.
posted by clavdivs at 8:01 PM on May 13, 2015 [2 favorites]



My personal definition is that doxxing is the gathering and publication of information about a person for the purpose of harassing that person. It's not the specific nature of the data so much as how it is used. Public or private is totally besides the point - you can publish private information without it being doxxing, for instance.


I agree with this and think that deleted post corb linked to should also have been let stand. Investigations are not necessarily doxxing. Even though I also think outing people as intelligence community members is morally wrong, it's obviously not the same as harassing a private citizen.
posted by Potomac Avenue at 8:29 PM on May 13, 2015


Chrysostom: "Aren't mods "big wheels" by definition?"

Big wheel keep on turnin'
Proud mod keep on burnin'
rollin', rollinn' rollin' on the Meta
posted by AugustWest at 8:48 PM on May 13, 2015 [2 favorites]


Even though I also think outing people as intelligence community members is morally wrong, it's obviously not the same as harassing a private citizen.

Where do you draw the line, though? The line used to be - in the largely pre-internet age, admittedly - that someone had to be a 'public figure' for their personal life to be fair game for exposure. But this is a slider, not a boolean proposition. What makes a public figure? Is the who drove a truck for KBR a public figure? The guy who created training manuals? What about the guy who processed clearances? The woman who did graphic design for the Army?

This doxxing applied not just to the high-end decision makers but also to anyone who was perceived to have worked for anyone or anywhere in the intelligence community. And largely, it doesn't apply to the real movers and shakers or the people actually doing serious intelligence collection, because those people don't put their information down publicly.
posted by corb at 9:45 AM on May 14, 2015 [1 favorite]


OK. I've had my own epic take-downs of corb's revanchist idiocy. I'm generally pleased with them, if a bit guilty at how mean I come across as. You should know from where I come from.

I have immediate family members with clearances. They do actual, no-kidding Good Work. That is a kill-list, straight up, published with the intent to kill someone. Identify and locate, go at it, ISIL recruit! I'm out of my mind anxious they might be on there, intentionally or by mistake, as the creators don't discriminate much, if at all.
posted by Slap*Happy at 8:23 PM on May 15, 2015 [4 favorites]



I felt that way about MySpace and the Simpsons.
posted by clavdivs at 12:42 AM on May 16, 2015 [1 favorite]


What is the policy for non US persons with regards to a) being exposed to this information, b) the possible danger of being associated, whether at the 1st, 2nd or now, I believe, the third degree, to such now known publically persons?, and thus, c) what would the appropriate site policy in order to protect the interests of the unprotected - members of the MetaFilter community who are not US Persons?
posted by infini at 2:50 PM on May 16, 2015


What do we non-US people need protecting from, exactly?
posted by Dysk at 4:52 PM on May 16, 2015


The US, maybe?
posted by Joseph Gurl at 5:49 PM on May 16, 2015 [1 favorite]


What do we non-US people need protecting from, exactly?

Imperialist powers with modern, combined-arms mechanized armies, mostly. The US has been pretty firm about dismantling the old colonial empires, and taking a very dim view on new ones taking their place.

The modern US does fucking awful things in the name of its foreign policy, but have you seen what other powers in the same position have done? Look up almost any monarch with "The Great" after their name. With the exception of Frederick, genocide was usually involved. Do you know what happened to Carthage after Rome got done with it? What happened to Germany and Japan?

So, yeah. Unipolar world, and the sole super-power makes dumb mistakes that cost lives for bad reasons. Contrast with, say, the Mongols or Assyrians.

The USA can and should do better. But please understand, it already is, compared to what came before.
posted by Slap*Happy at 8:24 PM on May 16, 2015


Possibly getting a little off track here, even though the role of the US in the world is an interesting subject...
posted by LobsterMitten (staff) at 8:53 PM on May 16, 2015 [2 favorites]


But please understand, it already is, compared to what came before.

please understand what it means to be a foreign brown non US person (though what difference has the passport ever made) who may have been inadvertently exposed to classified top secret information on the US' espionage and intelligence community. That the Assyrians used methods worse than waterboarding doesn't help the insecure feeling in the now - the Assyrians also didn't have an omnipotent eye in the sky with its own lightning bolts and remote weaponry
posted by infini at 12:36 AM on May 17, 2015 [1 favorite]


Some pragmatic examples, without the hyperbole

I've to go to Kenya for work soon but its getting delayed to after July and Obama's visit because the airport security is already boosted to OTT levels for Kerry and Clinton and already the locals are complaining

I might want to nip over to Estonia but its the staging point for all things Ukraine and Russia and the port security is boosted to OTT levels

I go to my bank 3 days ago to pick up my new debit card and am handed a sheet saying there's been an overhaul of security procedures and it'll take a 2 hour detailed interview of where exactly my money comes from, goes to, how frequently and why - luckily they know me at the branch and I can carry on with my day. Yes, it triggered based on profiling, its not for all customers.

I can go on and on about how the Assyrians are encroaching on my daily life and decisions, even on the other side of the world.

I don't want to wake up one morning and discover Cortex needs to interview me first before I can log in here.

Its not a stretch to ask is the "security" theatre the new "colonization"?
posted by infini at 12:47 AM on May 17, 2015 [2 favorites]


And, so, we're clear that I'm not a rando ranting on the interwebs and needs to be watched. I too have extremely close connections on LinkedIn whose affiliations are clearly stated, which only adds to my concerns.
posted by infini at 12:51 AM on May 17, 2015


...are you seriously suggesting that those of us not from the US may be in danger due to having seen this list? Or was that whole conversation a complete non-sequitur?
posted by Dysk at 3:41 AM on May 17, 2015


Those of us who are brown non US persons may indeed be at risk, we don't know how the network analysis works, nor do we know what criteria are used to take what kind of actions. The consequences of this kind of information release are opaque, as are the decision making processes. Algorithms are used, and my own experience at airports and other such key points offers me enough hints on how these algorithms are set up that I am not certain that I (or others of my hue) am necessarily immune to any blowback.

make that brown non 5 eyes/friends/whatever persons, i guess
posted by infini at 6:21 AM on May 17, 2015


As far as MetaFilter issues go, I don't think that's one we can really solve, though. If there is some risk from clicking on those links, we don't know about it, and it isn't something we control. People will have to do their own risk-assessment before deciding to click.
posted by LobsterMitten (staff) at 7:26 AM on May 17, 2015 [1 favorite]


...at risk from what, exactly? I'm having a hard time seeing any arm of the US government taking action against citizens of other nations simply for having viewed a website.
posted by Dysk at 9:55 AM on May 17, 2015


Why don't you go visit one of their honeypots and see what happens? Say one that entices you to get on a flight eastwards?
posted by infini at 12:38 PM on May 17, 2015 [1 favorite]


You go ahead and link me to a website, I'll point my browser at it and wait for a knock on the door.
posted by Dysk at 5:30 PM on May 17, 2015 [1 favorite]


...pizza...Avon...water dept...landshark!

Ever see Rome when Carthage got near it, boy howdy that was close.
posted by clavdivs at 8:40 PM on May 17, 2015


Also, a large amount of roman emperors were "brown people"

The last one being an Albanian unich.
posted by clavdivs at 8:42 PM on May 17, 2015


We should reform the anti-doxxing rules : We should allow disclosure of personal details about members of the intelligence community in posts and comments on metafilter. Ideally, we should extend this to members of the advertising community too, but that's less important. It's fine if you oppose doxxing, but they doxxed us all first, within much more dangerous organizations too.
posted by jeffburdges at 4:20 PM on May 28, 2015


. Ideally, we should extend this to members of the advertising community too

Thanks for the vivid reminder of why I don't link to my social media accounts on mefi. Fanatics without empathy ftw, I guess.
posted by zarq at 5:20 PM on May 28, 2015 [7 favorites]


doxxing members is a flat out banning.
posted by jessamyn (retired) at 6:37 PM on May 28, 2015 [6 favorites]


This is true, but I think Jeff said members of the intelligence and advertising community.

Which is like Adolphe Menjou doing Mad Men with Hoover as a guest star.
posted by clavdivs at 10:47 PM on May 28, 2015


We do have members of both communities here on Metafilter.
posted by corb at 12:56 AM on May 29, 2015 [1 favorite]


First the tattoo thread, and now this. Thanks for raising the creeptastic level of the site to levels I haven't seen in years.
posted by happyroach at 1:58 AM on May 29, 2015 [3 favorites]


I'm a publicist. A related field, and one that some people might consider worse than advertising. I've also designed and placed ads for clients during my career.

So when Jeff declares folks like me dox-worthy, I wonder if some asshole with an axe to grind will take him up on it.

Unlikely? Maybe. Who the fuck knows?

I've never, in my entire career, done anything that even barely resembled doxxing. Nor would I. But hey, who gives a shit about actual facts and people's lives or the safety of their kids when pitchforks and torches are within easy reach?
posted by zarq at 4:10 AM on May 29, 2015 [4 favorites]


Rereading that last comment, I sound angrier than I actually am. Sorry.

Being targeted for any reason sucks. As we have seen from GamerGate, etc, it can have serious, real world consequences. It's worth considering how quickly things can snowball out of control, and end up hurting people, or causing collateral damage.

Doxxing people can be dangerous. Calling for an entire class of person to be doxxed is stupid and reckless.
posted by zarq at 4:27 AM on May 29, 2015 [2 favorites]


We should allow disclosure of personal details about members of the intelligence community

Yeah in the interest of being tediously clear, this is not a suggestion currently under consideration, to give you the boilerplate. Regardless of its merits or flaws outside of MeFi, I just don't see it being widely supported or desired by Mefites, nor can I imagine a practical implementation that'd be vaguely straightforward or dependable. I'd say both would be required for this to be on the table.
posted by goodnewsfortheinsane (staff) at 6:37 AM on May 29, 2015 [3 favorites]


What he said. We should not and will not do any such thing, and as a suggestion for the site it is outright absurd in its hostility.
posted by cortex (staff) at 7:43 AM on May 29, 2015 [10 favorites]


Thank you.

I knew that had to be your position, but it feels good to see it stated outright.
posted by zarq at 8:23 AM on May 29, 2015


« Older Deleting Mothers' Day?   |   "The Big Lebowskemoji" from the mind of mathowie Newer »

You are not logged in, either login or create an account to post comments