Digital black hole cries out for multi-pronged, effective treatment

What began as yet another clash between fans of celebrities has evolved into a potential watershed for cybersecurity reform. The recent increase in "doxing" or "box-opening", the malicious practice of cyber-enabled privacy invasion, has reached a critical inflection point, compelling society to transform fleeting public outrage into concrete systemic safeguards against this digital-era epidemic.

Like similar incidents in the past, the recent viral doxing (short for drop the documents) case stemmed from disputes among celebrities' fans, where the victim's privacy is inadvertently exposed. What sets this case apart is its dramatic twist: the underage child of a tech giant executive engaged in the online controversy, while the perpetrators or box-openers themselves fell prey to retaliatory exposure, creating a boomerang effect that turned public discussion into a high-profile social debate.

As a malignant tumor of the information age, the dangers of such acts are self-evident. In today's digital society, personal data are increasingly accumulating in cyberspace. When invasion of privacy runs rampant and cyber-violence spreads unchecked, digital footprints leave individuals exposed to potential dangers, fostering an online climate of pervasive insecurity.

Virtual defamation and insults can spill into real-world harassment. The case of an internet-famous illustrator enduring over a year of stalking after failing to mediate fandom disputes exemplifies how cyber-bullying bleeds into physical endangerment.

Public scrutiny now focuses on the alarming accessibility of the practice. Superficially, fan culture is blamed as a hotbed. Adolescent idol worship, in some cases, morphs into exclusionary tribalism, where trivial disagreements, subtle criticism of idols for one thing, are magnified into irreconcilable "us vs. them" battles, weaponizing privacy leaks for coordinated attacks.

The deeper malignancy lies in an insidious data black market. When privacy becomes a dark currency, it fuels a growing digital black hole that voraciously devours personal information. Reports indicate the recent case involved data purchased from one of the overseas social engineering databases, which operate in cyberspace's shadowy recesses as covert hubs for illegally collecting and selling private information, enabling cyber assaults based on details of personal profiles.

Combative measures didn't start today. In 2023, for instance, Chinese cyberspace authorities initiated "operation clean network" targeting malicious behaviors, from doxing to factional incitement. Last year saw more than 7,000 personal data breach prosecutions involving stolen logistics and education records.

As an emerging global pandemic, however, the new public hazard demands sustained, sophisticated treatment beyond episodic crackdowns.

First and foremost, tech platforms must take primary responsibility for the issue. Experts suggest strengthening content monitoring through AI-driven algorithms and data screening to swiftly detect and remove illegal leaks, while optimizing reporting mechanisms. Also, platforms must adhere to the principle of minimal necessity or privacy by design in user data collection, encrypt sensitive information, and establish accountability for third-party sharing with timely retroactive investigations into breaches.

With minors being the prime targets, schools and families must collaborate on comprehensive cyberethics curricula. Initiatives should be aimed at demystifying technology's dual-edged nature while addressing the root causes such as toxic para-social relationships in fan ecosystems.

Most crucially, legal frameworks must evolve from deterrent fences into fortified moats. In fact, China has been tightening its data privacy laws and regulations. Under current laws, illegally collecting and disseminating personal data can lead to imprisonment from three to seven years. However, vague standards for "serious circumstances" hinder enforcement. Making clear the thresholds via judicial interpretations is essential to turn the balance of cost for violation and the protection of rights.

Given the transnational nature of data trafficking, as evidenced in recent cases where data servers operate in legal gray zones abroad, dismantling the illegal supply chain requires cross-border collaboration. And international accords are important for reconciling jurisdictional conflicts and bridging the gaps in data protection laws.

This moment of public awakening must catalyze a comprehensive upgrade of digital civilization rules, forging a united front to build an impregnable cybersecurity defense. Only through relentless, multi-dimensional governance can we check the digital abyss and restore trust in the connected world.

The author is chief researcher at the China Watch Institute, China Daily.

The views don't necessarily reflect those of China Daily.

If you have a specific expertise, or would like to share your thought about our stories, then send us your writings at opinion@chinadaily.com.cn, and comment@chinadaily.com.cn.