Sharing personal data for the purpose of intimidation to be made a criminal offence

Sharing personal data for the purpose of harassing someone, also called doxing, needs to be made prosecutable under criminal law. This includes sharing personal data in order to scare someone. Minister Yeşilgöz-Zegerius (Justice and Security) is therefore sending a bill on this issue to the Council of State for an opinion. The phenomenon of sharing address details in chat groups so that others can then frighten someone at their home, for example, has skyrocketed in recent years. The victims feel unsafe and intimidated.

Emergency services providers, police officers, journalists and politicians often become victims of doxing, but scientists, opinion makers and municipal employees are also affected by people who distribute or forward their personal information in order to scare them. The Lower House of Parliament and employers such as the police have also previously expressed concerns about their employees and argued for a criminal justice approach to this problem.

‘You don’t go after emergency services providers, police officers, journalists and other people who work to protect our free society in whatever way that may be. Within this free society, we cannot tolerate the fact that some individuals think they have to intimidate others by sharing their personal information. People and their families should be safe at home. People should be able to freely express themselves at all times and do their job unimpeded. That is why we are drawing the line here and laying down in the law that we do not accept this. Our decision also lets online platforms know that they must take action and cannot allow this behaviour to go unanswered. And whoever crosses that line deserves to be punished.’

says Minister Yeşilgöz-Zegerius. 

Many types of intimidating behaviour are already criminal offences, such as threats and stalking. In practice, it is often not possible to prosecute for sharing personal information. This is the case, for example, because no threat has been made of a serious offence, or the victim's privacy has not been systematically invaded. The bill that Minister Yeşilgöz-Zegerius is sending to the Council of State for an opinion would allow for earlier intervention by the police. It is also clear that Internet platforms have a responsibility to address this behaviour, for example by removing or blocking the content. Once the Council of State has issued its opinion, the bill will be presented to the Lower House of Parliament as soon as possible.

A maximum prison sentence of one year will be imposed for the provision, dissemination or otherwise making available of identifying personal data of another person or a third party with the intention of scaring or seriously inconveniencing them, seriously hindering them in the performance of their duties or in the course of their profession or assisting someone else in causing such harm. The new provision explicitly stipulates that people who can assume in good faith that the disclosure of the information is in the public interest are not punishable by law. This means the provision cannot be invoked against journalists and whistleblowers who disclose news items and wrongdoing.

Minister Yeşilgöz-Zegerius’ proposal is expected to provide the police and the Public Prosecution Service with a firmer basis for taking action against doxing. Victims themselves will also be able to initiate civil proceedings if the identity of the person who posted the contested content online is known. Compensation could then be demanded, and the individual would be required to take the unlawful content offline. If the perpetrator’s identity is not known, then the offence could be reported to the intermediary who hosts the content. Intermediaries such as providers and online platforms have a responsibility to take action if they are aware that their platforms or servers contain criminal or unlawful content.