A civil society member has been subjected to a hate speech campaign or other forms of harassment and gendered online violence
Edit me

FAQ - Online Harassment Targeting a Civil Society Member

How to deal with a case of online harassment against the requester, a colleague, or their organization

Problem

A case of online harassment has been reported.

  • The harassment could lead to digital, physical or psychological damage to the targeted person.
  • The suffered damage could stop the survivor from working, silence them, or compromise the activities of their entire organization.
  • In some countries, some types of harassment could cause the targeted person to be arrested.

Solution

How we should deal with the requester

When someone is being harassed, they are often in a very delicate emotional state, so we should put them at ease, treat them seriously, and ensure they know that we believe them and are on their side.

People who are targeted by harassment can often feel shame and guilt, so it’s good to let them know that they’re not alone and that what is happening is not their fault.

The best way to start handling these cases is requesting an online meeting and let the client talk, asking our questions in the most delicate way possible. Often a call with no video is preferable than video-chat, as victims of harassment might not want to show their faces. Please note that sometimes a survivor may not be willing to talk at all, or even to give details on the attack. Therefore, we should also ask them if they have someone trusted we can talk to and who can answer our questions and document the case for them.

If the client prefers not to talk and does not have someone trusted who could discuss their case with us, it can still be useful to send:

Important questions we should ask

  • The first question we should ask regards the identity of the attacker - often persons targeted by online harassment know or can imagine who the harasser is. Determining this is very important to identify the type of attack and also to define if the case is within our mandate.

  • It is useful to ask the client if they can recall any incident that happened before and might be connected to the current attacks.

  • To identify the best mitigation strategy, we should try to understand what kind of harassment we are dealing with, by answering the following questions:

    • Is the harasser a single person or a mob?
    • Is the harassment targeting an individual or a group?
    • Has the harasser hacked into personal accounts?
    • Has the harasser published details on the client’s personal life?
    • Has the harasser published private contents or images of the client?
    • Is the harasser impersonating the client?
    • Is the harassment based on attributes such as race, gender or religion?
    • Are the client and/or the harasser/s minors?
    • Has the harasser targeted the client’s website?

Based on the answers to these questions, we can identify what kind of harassment is taking place and find the best way to address it (see below, “Typologies of harassment and solutions”).

To identify what kind of harassment the client is suffering, we can use this framework by Online SOS.

One important detail we should ask about is if the targeted person has talked to their family and/or close friends. This can help us make sure that the person has some kind of support network and that they don’t feel completely alone in this situation.

Check that the case fits our mandate

After we have talked to the client and assessed the incident, we can check whether the case fits our mandate.

We should check that:

  • The targeted person is not a minor (see “Cyber bullying” below).

  • The targeted person is part of the civil society.

  • The client has been targeted by online harassment due their activism and/or opinions.

  • The harassment could damage the client’s reputation, safety, or work, or could disclose more personal information such as their identity, location, network of contacts, etc.

  • The harassment aims at silencing the client’s voice.

  • The attack is not due to private motivations (e.g. it is not being launched by an ex partner or other family members for personal reasons that are unrelated to the targeted person’s activism or work).

    If the attack is due to private motivations, but could harm the client’s reputation, safety, or work, we should still support them. Otherwise we should refer them to a specialized organization - see “Organisations handling online harassment” below).

Important: Even if the case does not fit our mandate, we should share resources with the client and possibly refer them to a helpdesk specializing in online harassment (See “Organisations handling online harassment” below).

If we refer the client to a specialized helpdesk, we should avoid the client to have a sense of revictimization by having to tell all their story from scratch again. So we should ask the client if they prefer us to send information on the incident to the helpdesk, or if they would like to go through the details again with the organization we have referred them to.

Immediate measures

It is always helpful to suggest the client to document the attacks or any other incident, and give them tips on how to take screenshots, save messages they receive, etc.

  • We can offer them some guidance on how to document the incident based on this howto.

  • If the attacks are too violent or the recipient feels overwhelmed, they can ask someone they trust to document the incidents for them for a while. Since this implies handing over access to their social media accounts, they should trust deeply the person who will manage this documentation. Once they can regain control of their account, they should change their passwords.

It is key to help the client make a risk analysis so they can make decisions on what to do next. If they don’t know who the aggressor is, we should help them try to identify who they might be, what type of resources they might have, and what might be their purpose and possible next steps. This will help them feel less immobilized, as in general they aren’t able to do a risk analysis on their own.

To prevent further damage, we should suggest the client to enable 2-factor authentication, possibly not SMS-based, on all their accounts.

If the client is part of a group, we should suggest them to inform the group about what is going on, as sometimes harassers target several members of a group, and also because the group should be warned not to follow fake social media accounts.

Typologies of harassment and solutions

Online harassment can take many forms, including:

  • Abusive videos, comments, messages
  • Revealing someone’s personal information (doxing)
  • Stalking, through OSINT research and/or through the usage of commercial spyware
  • Maliciously recording someone without their consent
  • Deliberately posting content in order to humiliate someone
  • Making hurtful and negative comments/videos about another person
  • Unwanted sexualization
  • Incitement to harass someone
  • Hacking into someone’s account
  • Reporting an account to a platform for taking it down with fake motivations

Online harassment can be divided into several types. What follows is a list of the types the Helpline can directly address:

  • Account hijacking - the appropriation of an individual’s or a group’s email or social media account.
  • Fake abuse reports - organized efforts to have an account or page on social networking platforms suspended or deactivated by sending a number of reports to the platform for an alleged abuse on part of the owner of the account or page.
  • Doxing - a form of harassment that consists in publishing an individual’s personal details, for example their physical address or official identity.
  • Non-consensual sharing of private content - a form of harassment consisting in publishing media and pictures, often nude, relating to someone’s private life. Media often label this attack as “revenge porn” - a term which we should avoid, as it highlights the attackers’ point of view.
  • Impersonation - the impersonation of an individual’s or group’s identity, generally through the creation of fake profiles.
  • Hate speech - this form of harassment consists in speech aimed at causing harm, demeaning or attacking a person or group on the basis of attributes such as race, religion, ethnic origin, sexual orientation, disability, or gender.
  • Censorship - attempts at silencing a person or organization by making their website unreachable, for example through DDoS attacks or defacement.
  • Malware infection - stalkers and other harassers can infect their target’s devices with commercial spyware, also called stalkerware or spyware.

Types and tactics of online harassment are described more extensively here .

In general, if the harasser is using a web service, the targeted person or our contact point can find information on how to report the attack in the relevant web pages:

There are however more specific measures that can be taken, depending on the type of attack:

Doxing and Non-Consensual Sharing of Private Content

See Article #298: Doxing and Non-Consensual Publication of Pictures and Media.

Impersonation
Hate Speech

Besides reporting the posts or pages through the official channels listed above, we should suggest the client to report and block the user.

In some cases, though, particularly if the client knows who the attacker is, the targeted person might choose not to block the attacker, so that they can keep track of what they share or say about them. We could ask the client if they have friends or supporters who could keep track of this for them, so they can stop exposing themselves to the aggressions.

To be alerted about hate speech against them, we might recommend the client to set up a Google alert to be informed if something is published with their names.

Cyber bullying (out of mandate)

Some cases of harassment are out of mandate. The main example is cyber bullying, which affects minors. The Helpline cannot deal with minors and we should refer these cases to recognized organizations that work with minors.

Most platforms have strict policies against bullying:

Censorship
Malware / Stalkerware / Spouseware

If the client’s device may be infected by malware, we can follow the relevant steps in Article #258: Advanced Threats Triage Workflow. If the client’s device is a Windows computer, see Article #133: How to clean a malware-infected Windows machine.

Also see the following resources:

If the harasser is using a website/server, either to send malicious emails or to upload harassing content, the client may need to contact the administrators or the hosting provider in order to stop or mitigate the attack.

The Helpline team can help identify the contact point using WHOIS to identify the server/website owner.

Inform the police

In some cases the targeted person may need to inform the police. The Helpline should assist the client to determine whether this would help or further damage their situation. Especially if the adversary is a part of or is linked to the government, contacting the authorities could only make things worse.

If the website/server used by the harasser does not accept to collaborate, the targeted person may need to contact the authorities of the host country to stop the harassment.

Organisations handling online harassment

If the case is out of mandate, for example because the attack is connected to private motivations and the client is not a member of civil society, we can refer them to an organization that focuses on protecting users from online harassment:


Comments

Additional resources

English
Spanish