An anonymous reader quotes a report from Ars Technica: Last Friday, Illinois became one of the few states to pass an anti-doxxing law, making it possible for victims to sue attackers who “intentionally” publish their personally identifiable information with intent to harm or harass them. (Doxxing is sometimes spelled “doxing.”) The Civil Liability for Doxing Act, which takes effect on January 1, 2024, passed after a unanimous vote. It allows victims to recover damages and to request “a temporary restraining order, emergency order of protection, or preliminary or permanent injunction to restrain and prevent the disclosure or continued disclosure of a person’s personally identifiable information or sensitive personal information.”
It’s the first law of its kind in the Midwest, the Daily Herald reported, and is part of a push by the Anti-Defamation League (ADL) to pass similar laws at the state and federal levels. ADL’s Midwest regional director, David Goldenberg, told the Daily Herald that ADL has seen doxxing become “over the past few years” an effective way of “weaponizing” the Internet. ADL has helped similar laws pass in Maryland, Nevada, Oregon, and Washington. […] The law does not involve criminal charges but imposes civil liability on individuals who dox any Illinois residents. Actions can also be brought against individuals when “any element” of a doxxing offense occurs in the state. […]
Goldenberg told Ars that the Illinois law was written to emphasize not how information was found and gathered by people seeking to dox others, but on what they did with the information and how much harm they caused. The law might need less updating as the Internet evolves if it doesn’t focus on the methods used to mine personally identifiable information. “The reality is that those who are using the Internet to spread hate, to spread misinformation, to do bad are pretty nimble and technology changes on a near daily basis,” Goldenberg told Ars. “The law was crafted in a way that ensures that if technology changes, and people use new technologies to share someone’s personally identifiable information with the intent to do harm and that harm actually happens, this law remains relevant.”
