Google Fights Doxxing with Updated Personal Info Removal Policy

Google has expanded its policies to allow doxxing victims to remove more of their personally identifiable information (PII) from search engine results starting earlier this week.

Removing doxxing content (contact info shared online with malicious intent) aims to protect the victims’ privacy and substantial risks of identity theft, financial fraud, and, in some cases, the potential of physical harm.

While people already had the option to request the removal of personal data that could be used in financial fraud, such as credit card and bank account info, before this update, Google now also allows demands to delete contact information.

Also Read: 7 Key Principles of Privacy by Design that Businesses should adopt

“Under this new policy expansion, people can now request removals of additional types of information when they find it in Search results, including personal contact information like a phone number, email address, or physical address,” said Michelle Chang, Google’s Global Policy Lead for Search.

“The policy also allows for the removal of additional information that may pose a risk for identity theft, such as confidential log-in credentials, when it appears in Search results.”

In all, the company says it will allow the removal of the following types of information:

• Confidential government identification (ID) numbers
• Bank account numbers
• Credit card numbers
• Images of handwritten signatures
• Images of ID docs
• Highly personal, restricted, and official records, like medical records
• Personal contact info (physical addresses, phone numbers, and email addresses)
• Confidential login credentials

However, for this to happen, Google adds that it requires URLs submitted via content removal requests to contain your contact info.

Also Read: Things to Know about the Spam Control Act (Singapore)

Also, Google will only consider the requests if it finds the presence of “explicit or implicit threats, or explicit or implicit calls to action for others to harm or harass.”

Victims of doxxing or their authorized representatives can submit requests to remove personal information from Google search results via this link.

Once it goes through, you will get an automated confirmation and a notification of any action taken or a request for more info if there’s not enough information to evaluate the removal request.

You can find more info about the process, including the factors considered in each request’s evaluation and which URLs you need to submit for review, on this help page.

“The availability of personal contact information online can be jarring — and it can be used in harmful ways, including for unwanted direct contact or even physical harm,” Chang added.

“And people have given us feedback that they would like the ability to remove this type of information from Search in some cases.”

In October, Google also rolled out a new policy allowing people under the age of 18 (or one of their parents or guardians) to request the removal of links in Google Search results pointing to sites hosting their photos.