•  
  •  
 

Catholic University Journal of Law and Technology

Catholic University Journal of Law and Technology

Abstract

Individuals performing open source investigations can misidentify alleged perpetrators and dox innocent parties online, which can subsequently lead to threats and harassment against innocent parties and their loved ones. For example, threats were made against Sunil Tripathi’s family after he was wrongly identified as one of the Boston Marathon bombers and doxed on Reddit and Twitter. In 2020, the Berkeley Protocol on Digital Open Source Investigations was published as a guide, and it includes a set of principles to govern open source investigations. However, the Berkeley Protocol is limited to open source investigations performed by those working for organizations. It does not include situations in which organizations invite volunteers to help, also known as crowdsourcing investigations, or when individuals are performing their own investigations without any organizational support, such as when individuals Tweet people’s pictures and accuse them of crimes while asking others to help with identifying these alleged perpetrators. This gap leaves innocent parties at risk of the consequences of misidentification and doxing committed on the internet.

This article examines some of the best practices of three different organizations (Europol, Bellingcat, and Trace Labs) in their use of crowdsourcing in open source investigations and then considers how to adapt those best practices to better respect the Berkeley Protocol principles of accountability, competency, and accuracy. This article also looks at whether it is possible to adapt the Berkeley Protocol to better protect innocent parties from individuals performing investigations outside the scope of an organization. It finds that the Berkeley Protocol can and should be expanded to better guide organizations that instigate crowdsourcing, but that eliminating the risks of misidentification and doxing committed by individuals working outside the scope of an organization would be nearly impossible.

Share

COinS
 
 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.