top of page


Doxing (from dox, abbreviation of documents) is the Internet-based practice of researching and broadcasting private or identifying information (especially personally identifying information) about an individual or organization. The methods employed to acquire this information include searching publicly available databases and social media websites, hacking and social engineering.

Doxing may be carried out for various reasons, including to aid law enforcement, business analysis, risk analytics, extortion, coercion, inflicting harm harassment, online shaming and vigilante justice. 

This term surfaced prominently in the ongoing protests in Hong Kong. The Privacy Commissioner for Personal Data (PCPD) in Hong Kong said it had received 683 complaints of “doxing”, and had transferred 608 cases to the police.

In Malaysia, unfortunately there is no legal provision that caters specifically to such acts. It is an offence, for example, for someone to have come across personal data which is processed according to the Personal Data Protection Act and then reveals that data to the public, but it does not cover instances where the information is obtained through public searches. Doxing on its own is not a criminal offence, although it could fall under Section 233 of the Communications and Multimedia Act 1998 that handles improper use of network facilities or network service.

Malaysians are also not spared from this. We have several cases of doxing reported. A quick google search would reveal these cases.

We do not condone this as we are of the view that doxing is a very harmful and dangerous form of cyberbullying. We hope the public would practice more decency and abstain from this activity.


bottom of page