Reader question: What can I do to fight online stalking?

Reader question: What can I do to fight online stalking?

Summary: After his family was stalked and abused using commercially available data, a ZDNet reader emailed Violet Blue to ask what he can do to fight the problem.


After his family was severely stalked using commercially available online data, a ZDNet reader emailed to ask if there's anything he can do about the lack of a legal safety net for victims.

The experience revealed to our reader just how much personal information is available to anyone and is readily used for harm, thanks to the proliferation of personal data by for-profit corporations.

He told ZDNet that his family was surprised to learn how easy -- too easy -- the personal data monetization industry makes stalking and harassment.

His unsuccessful experience trying to get help from law enforcement only compounded his family's ordeal.

Hi Violet,

I have been reading some of your articles about online privacy. My sister-in-law is a victim of extreme harassment and stalking by her ex-husband, this was an eye opener to all of us that our information was so public online.

After researching more about this, it is extremely disappointing that there are no laws being drafted or even talked about in congress for this serious privacy issue.

I was wondering if you know of any proposed bills I can support or politicians I can contact to help push for more protection of American citizens.


ZDNet Reader

While researching his question further, I emailed to offer support and understanding. I also asked permission to relate his question publicly.

Our ZDNet reader responded, saying that he'd shared my email with his wife, and she was moved to tears. "She was just happy that someone would listen, as so many people in our experience, including law enforcement will not listen or act when it comes to stalking or protecting privacy."

He continued,

It is such a irresponsible thing to publish public records online and terrible that people actually make big profits off of this as well.

I want people to start talking about it and if you can contribute another article at least others will be able to relate to my family's situation and know they are not alone.

I would also hope that if more people are aware, that some kind of action can be done to stop this.

Attorney Erica Johnstone, Co-Founder and Vice President of Without My Consent told ZDNet, "Once the information is out there, and the information is being misused to harass and stalk, then, the recourse will vary from state to state."

Johnstone explained that when facing online stalking and harassment,

Victims should look to state stalking and harassment laws and consider whether to file: (1) a domestic violence restraining order (if there’s a prior dating relationship between the perpetrator and the victim); or (2) a civil harassment restraining order (if not); or (3) a civil lawsuit.

Second, this strategy has the added benefit of teeing up a criminal case because law enforcement are likely to take the violation of a restraining order seriously, whereas the initial complaint might have been ignored.

It's scary to contemplate our lack of control over what happens to our personal information online. It has been literally terrifying for our reader and his family, who related that no authority seemed to understand the psychological implications of what his family is going through.

Ms. Johnstone addressed this, suggesting our reader consider work that revises abuse definitions to include emotional abuse, in light of inadequate stalking laws.

Join the teams that lobby the legislature for adequate laws. For example, if your state does not recognize emotional abuse as a form of domestic violence, then contact your state’s branch of the National Network to End Domestic Violence (NNEDV), and join the team working to revise “abuse” statutes to include emotional abuse.

If your state’s stalking law is inadequate, then contact the National Center for Victims of Crime to learn about the State Model Stalking Code, and how you can volunteer to bring those revisions to your state.

Tell your state government that the prosecution of technology-related crimes is an issue that matters to you. Contact your state’s Attorney General and let him/her know that the residents of your state believe privacy matters. Begin a dialogue in your state. There is already a model in place, developed by the state of California. In 2011, the California DOJ created an eCrime Unit that: (1) trains police and prosecutors in light of new technologies; and (2) prosecutes criminal online invasions of privacy, among other crimes.

Unfortunately, we're probably not going to get much help for our predicament on a Federal level.

The new White House Report on Big Data and Privacy, released this month, recommends that data collection be left alone in regard to policy -- that data collection should continue as-is.

The President's Council of Advisors on Science and Technology (PCAST) put the report together. PCAST is the President's handpicked consultants on technology and policy, including Google's Eric Schmidt. (Google had more people involved in the report than any other company; Google's Eric Grosse and Peter Weinberger were brought in as "additional experts.")

PCAST told the President its first recommendation is "Policy attention should focus more on the actual uses of big data and less on its collection and analysis."

From the report:

PCAST judges that alternative big‐data policies that focus on the regulation of data collection, storage, retention, a priori limitations on applications, and analysis (absent identifiable actual uses of big data or its products of analysis) are unlikely to yield effective strategies for improving privacy.

(...) The related issue is that policies limiting collection and retention are increasingly unlikely to be enforceable by other than severe and economically damaging measures.

Your privacy and personal safety hurts their bottom line

The online information used to terrorize our reader's family is the result of what many regard as the online data dealing industry spinning out of control. Monetizing user data is a business that made an estimated $40 billion in 2013, of which Google comprised 40%.

Read this

Microsoft updates service terms; follows in Google's footsteps

Microsoft updates service terms; follows in Google's footsteps

While Microsoft's has clearly learned from Google's privacy policy disaster, the Redmond giant's new service agreement skirts close to the edges.

How the commercial data sellers (such as "people finder" sites) get your personal information has a methodology that exists in a legal twilight.

All the online companies we have contact with are feeding the data sales industry. Your public records are obtained and combined with your data that has been bought, sold or traded from social media sites, apps "monetizing" user information, as well as online stores and companies selling anything they can to third-parties (like ad networks). Then it's sold on any number of websites such as Spokeo -- though there are hundreds of such sites.

We're persistently tracked, bought, and sold out the back door of every social media platform as a speculative commodity. Google's majority revenue is from selling ad data, and few people ever believed that Google Plus and its role in Google's sign-in unification was anything more than a pretense to collect more of our data.

Gone is the system of public records requiring in-person access, a predication of maintaining our privacy. Also gone is the individual's ability to exercise refusal. Refusal was once a way of "staying out" -- labor strikes, product and establishment boycotts, and refusal was a functional exercise of individual rights and agency when it left critical parts of your life unaffected.

At this time, there is no way for an ordinary individual to completely refuse data collection and the sale of their information while using the Internet.

Ms. Johnstone told ZDNet that readers should engage in privacy self-defense regardless of their situation, and to consult this blurb on privacy and consumer profiling for information.

It’s with this sentiment I also sent our reader a copy of my ebook guide to online privacy self-defense. He said his family was putting it to use.

Like him, I still lie awake at night wishing there was more I could do.

Disclosure: Violet Blue is on the advisory board for Without My Consent and the author of The Smart Girl's Guide to Privacy.

Topics: Privacy, Google, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • PII doesn't collect itself

    There is a widespread cynicism -- amongst non technologists especially -- that it's too late to limit the collection of Personally Identifiable Information (PII). They seem to think that PII collects itself, like so much lint, as an inevitable by product of how the Internet works or something. In fact no PII is ever collected without a deliberate act of programming. Sure our computers and databases collect way too much today: we have flabby APIs that disclose too much, web forms that ask too much, event logs that track too much. But these sub-systems do what they do because they're programmed that way, by folks that are either innocent of privacy principles, or else are trying to get away with a data Gold Rush. We could curb these practices almost over night.

    So it's frankly distressing to see the Big Data authors give up like this:

    "PCAST judges that alternative big‐data policies that focus on the regulation of data collection, storage, retention, a priori limitations on applications, and analysis ... are unlikely to yield effective strategies for improving privacy."

    What about the idea of "Privacy By Design"? What about sitting down at the start of any IT project and working out what PII is needed for the application, and designing how to collect what's needed, and nothing more? The number one Privacy Principle is Collection Limitation. It makes good sense on every level to collect only what's needed. Collection Limitation doesn't mean collection prohibition: it's about the discipline of "need to know". I can't see how "Privacy By Design" can be honestly followed without it.

    And PCAST observes that "policies limiting collection and retention are increasingly unlikely to be enforceable by other than severe and economically damaging measures". Well, so be it! Isn't the public sick to the back teeth of unfettered private sector surveillance by facial recognition? Or the surreptitious uploads of contact lists by smartphone apps? Or covert predictions of pregnancy through data mining shopping habits? These are not accidental side effects, or inevitable features of web systems; they are deliberate acts, readily detected, and well able to be prosecuted given the right laws. Look at the EU action against Facebook's unlawful automatic tag suggestions: one of the biggest companies in the world was ordered to shut down facial recognition in Europe and delete all biometric data.

    Privacy enforcement is just a matter of legislative will.
    • Best option

      at the moment would be to move to the EU. Companies cannot pass on any PII without your consent. Even then there are strict limits on what they can do with it and the buyer is also bound not to give it to a third party without your written consent.
  • Strange

    No comments? This whole country is going down hill with Internet data and privacy. Nothing will change with the current administration or congress. Cross your fingers in 2016 IF there is any privacy left!
  • Largely fantasy protections

    Unfortunately, unless there is physical violence, protections are largely fanciful. Realistically, even if there are stalking and harassment statutes, they're generally misdemeanors with a low-dollar fine. As far as incarceration, "Okay, which robber, burglar, car thief, etc., do you want us to put back out on the street to make room for this non-violent alleged stalker to be incarcerated?"

    Even if a case WERE prosecuted, in the vast majority of cases it would be a first offense. Prosecutors ROUTINELY are willing to plea-bargain non-violent first offenses WAY down.

    Regarding "emotional abuse", proving that is incredibly difficult. An easy response to "emotional abuse" is, "S/he's too thin-skinned. Are we going to make every minor annoyance a crime?" Proving "abuse" would require producing experts. Are prosecutors who don't have enough resources to prosecute felonies going to spend money hiring psychologists to testify? And ESPECIALLY -- for a MISDEMEANOR?

    Also, prosecutors don't like to handle any TYPE of case where there frequently is "lack of follow-through". That is one reason why historically police and prosecutors didn't want to pursue domestic violence charges. They KNOW that one person will file charges, then the parties will reconcile and the complaining party will not want to follow through.