{"id":22,"date":"2023-04-01T16:05:20","date_gmt":"2023-04-01T16:05:20","guid":{"rendered":"https:\/\/live-digitalscholarship-library-cornell-edu.pantheonsite.io\/?p=22"},"modified":"2025-10-15T19:59:40","modified_gmt":"2025-10-15T19:59:40","slug":"privacy-consultations-and-resources","status":"publish","type":"post","link":"https:\/\/digitalscholarship.library.cornell.edu\/?p=22","title":{"rendered":"Self-defense Against Digital Harassment"},"content":{"rendered":"\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Introduction: Individual and Collective Harms<\/h2>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>It\u2019s easy to mistake coordinated harassment as a problem affecting only individuals, since the immediate purpose of these attacks is to silence, humiliate, and isolate individual researchers.<\/p>\n\n\n\n<p>But the <em>ultimate<\/em> goal of harassment campaigns is to undermine and delegitimize higher education and public trust in academic expertise <em>overall<\/em>, with a particular focus on \u201chigh prestige\u201d institutions.\u00a0<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-alpha-channel-opacity has-background\" style=\"background-color:#9d2361;color:#9d2361\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Part I: <strong>Doxing Self-Defense<\/strong><\/h2>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">1. <strong>Find what&#8217;s out there<\/strong><\/h3>\n\n\n\n<div style=\"height:16px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Google your name. Google your name + \u201caddress\u201d (not your actual address, but the word &#8220;address.&#8221;) Google your name + \u201cphone number.\u201d<\/li>\n\n\n\n<li>Then try those searches with a <em>non-tracking search engine<\/em> like <a href=\"https:\/\/duckduckgo.com\/\">DuckDuckGo<\/a>, <a href=\"https:\/\/search.brave.com\/\">Brave Search<\/a>, or <a href=\"https:\/\/www.qwant.com\/\">Kagi<\/a><\/li>\n\n\n\n<li>Search for your old handles, usernames, and social media profiles. <\/li>\n\n\n\n<li>Search for yourself in a <a href=\"https:\/\/pimeyes.com\/en\">facial recognition database<\/a>. You will need to update a photo of yourself.&nbsp;<\/li>\n\n\n\n<li>Repeat for close family members, or others you want to protect, especially if they share an address with you.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">2. <strong>Remove your data from public-facing broker sites<\/strong><\/h3>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>Data brokers collect your address(es), phone numbers, family and household members, and other personal information, and then publish and sell profiles of you. <strong>Removing yourself from these databases is one of the most important things you can do to mitigate the harm of doxing.<\/strong><\/p>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\">Option A: DIY<\/h5>\n\n\n\n<p>Use one of these guides to request your name be removed from each data broker:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/yaelwrites\/Big-Ass-Data-Broker-Opt-Out-List\">Big Ass Data Broker Opt Out List <\/a>, Yael Grauer&nbsp;<\/li>\n\n\n\n<li><a href=\"https:\/\/inteltechniques.com\/workbook.html\">IntelTechniques&#8217; Data Removal Guide<\/a>, Michael Bazzell<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<p>Repeat the process every 6-12 months, or when you have a big life event, e.g. move house, or professional event, e.g. publish a paper, appear in a news interview. The process will be faster after the first time you do it!<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\">Option B: Hire a Service<\/h5>\n\n\n\n<ul class=\"wp-block-list\">\n<li>First, review the pros and cons: <a href=\"https:\/\/www.consumerreports.org\/electronics\/personal-information\/services-that-delete-data-from-people-search-sites-review-a2705843415\/\">Services That Delete Your Data from People-Search Sites Don&#8217;t Work Very Well, Study Finds<\/a> (<em>Consumer Reports,&nbsp;<\/em>Aug. 24, 2024)<\/li>\n\n\n\n<li>Then, consider hiring a service like <a href=\"https:\/\/joindeleteme.com\/\">DeleteMe<\/a><\/li>\n\n\n\n<li>After a couple of months of subscribing to a service, do your own searches to catch anything that the service didn&#8217;t. <\/li>\n<\/ul>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">3.<strong> Decide what to keep &amp; what to ditch<\/strong><\/h3>\n\n\n\n<div style=\"height:14px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Do you want your office address available on the campus website? Photo?&nbsp;If not, ask for them to be taken down.<\/li>\n\n\n\n<li>Consider leaving alone some outdated information if it is useful for misdirection and poses no harm.&nbsp;<\/li>\n<\/ul>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">4<strong>. Tackle your social media content<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Did you find old social media accounts or discussion forum accounts you don&#8217;t use anymore? Delete them. <\/li>\n\n\n\n<li>Set your personal social media accounts to private.<\/li>\n\n\n\n<li>Decide what information you will keep on your professional social media or public webpage(s). Delete images that include private places or people in the background.<\/li>\n\n\n\n<li>If photos or information about you appears on social media friends&#8217; pages, ask them to take down anything you don&#8217;t want to be public.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h4 class=\"wp-block-heading\">Automated Tools for Managing Social Media<\/h4>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\">\n<ul class=\"wp-block-list\">\n<li>You can back up old tweets and then delete them from X with <a href=\"https:\/\/cyd.social\/\">the free tool Cyd<\/a>. Then, if you want, you can migrate them to an open platform like Bluesky with a premium plan. There are many customization options. Save a spreadsheet of your old tweets for personal archiving, if you want. The developers of Cyd plan to add more social media platforms soon.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You can use the <a href=\"https:\/\/www.blockpartyapp.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Block Party app<\/a> to review all privacy settings for multiple social media platforms, to untag yourself from other people&#8217;s photos and posts, and\/or to activate useful tools on multiple platforms, such as proactive blocking of known bad actors, and quarantining of harassing messages. <br>For free, Block Party will review your social media accounts and point you to settings and tools that you can activate yourself. OR, for a monthly fee, the app will make changes for your automatically.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div style=\"height:32px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>5. Web Content You Can&#8217;t Remove<\/strong><\/h3>\n\n\n\n<div style=\"height:16px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>If you find personal information posted by bad actors (e.g. &#8220;watchlists&#8221;), <a href=\"https:\/\/support.google.com\/websearch\/answer\/9673730?hl=en\">you can ask Google to remove it from its search results<\/a>. This won&#8217;t remove online content completely. But it will make it harder to find, especially for casual searchers.<\/li>\n\n\n\n<li>Another way to push harasser-created material further down in the list of search results is to make sure there is plenty of good, recent information out there about you available online on &#8220;high-quality&#8221; websites. In other words, good content can help push down bad content further down in the results list. Examples of &#8220;good content&#8221; that will rank high in search results include: well-curated social media profiles, your Cornell faculty page (or any page with a .edu domain), news articles, and press releases. <\/li>\n\n\n\n<li>Consider asking your college&#8217;s or unit&#8217;s university relations contact to help with the creation of content on the cornell.edu domain that will help push other hits down in search rankings.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:52px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Background reading on doxing self-defense<\/strong><\/h3>\n\n\n\n<div style=\"height:14px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Public-Facing Data Brokers<\/strong><\/h5>\n\n\n\n<p><a href=\"https:\/\/www.nytimes.com\/2019\/08\/15\/technology\/personaltech\/i-shared-my-phone-number-i-learned-i-shouldnt-have.html\">I Shared My Phone Number. I Learned I Shouldn&#8217;t Have.<\/a> (B. Chen, <em>NYTimes. <\/em>Aug. 15, 2019.)<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>On the Failures of &#8220;Anonymized&#8221; Data<\/strong><\/h5>\n\n\n\n<p><a href=\"https:\/\/www.nytimes.com\/interactive\/2019\/12\/21\/opinion\/pasadena-smartphone-spying.html\">Where Even the Children Are Being Tracked<\/a> (C. Warzel &amp; S. Thompson, <em>NYTimes. <\/em>Dec. 21, 2019)<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Phone Apps<\/strong><\/h5>\n\n\n\n<p><a href=\"https:\/\/www.nytimes.com\/2019\/09\/24\/opinion\/facebook-google-apps-data.html\">The Loophole That Turns Your Apps Into Spies<\/a> (C. Warzel, <em>NYTimes. <\/em>Sept. 24, 2019<em>)<\/em><br><a href=\"https:\/\/themarkup.org\/ask-the-markup\/2022\/02\/24\/who-is-policing-the-location-data-industry#2022-app-store-illustrated-explainer_numbered-list\">Who Is Policing the Location Data Industry?<\/a> (A. Ng &amp; J. Keegan,,<em>The Markup. <\/em>Feb. 24, 2022)<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>How Your Data Gets Passed Around&nbsp;<\/strong><\/h5>\n\n\n\n<p><\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-alpha-channel-opacity has-background\" style=\"background-color:#159f7b;color:#159f7b\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Part II: <strong>Secure Your Accounts<\/strong><\/h2>\n\n\n\n<p>Ideally, <em>each<\/em> of your accounts will have a unique, hard-to-guess password. Creation and storage of most of these passwords are best left to a password manager.<\/p>\n\n\n\n<p>But for your most important accounts, you may want to create your own memorable, strong passwords, and keep them out of your password manager. You may also want to enable two-factor authentication for these most important accounts.&nbsp;<\/p>\n\n\n\n<p>Don&#8217;t forget to create a strong, memorable password for your password manager itself!<\/p>\n\n\n\n<p><a href=\"https:\/\/haveibeenpwned.com\/\">Have I Been Pwned?<\/a> A safe, free tool that allows you to see if your email address(es) has been a username in any known credential hacks.<\/p>\n\n\n\n<p><a href=\"https:\/\/dehashed.com\/\">DeHashed \u2014 #FreeThePassword<\/a> A more explicit version of HaveIBeenPwned. It will show leaked passwords, credit card information, and other details. This is a site regularly used by harassers to find information.<\/p>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">1. <strong>Choose and maintain a third-party password manager<\/strong><\/h3>\n\n\n\n<p><a href=\"https:\/\/www.nytimes.com\/wirecutter\/blog\/why-you-need-a-password-manager-yes-you\/\">Why You Need a Password Manager. Yes, You.<\/a>, A. Cunningham (2021). <em>Wirecutter: The New York Times<\/em><\/p>\n\n\n\n<p>Here are three easy-to-use options:<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\">Bitwarden<\/h5>\n\n\n\n<p><em><strong>Pros<\/strong><\/em>: Open source. Well-designed and easy to use. Free for individuals. The only password manager that offers free sharing of passwords among two-person families. <\/p>\n\n\n\n<p><em><strong>Cons<\/strong><\/em><em>: Slightly<\/em> less user-friendly than 1Password<\/p>\n\n\n\n<p><em><strong>Cost: <\/strong><\/em>Free for <strong>up to 2 individuals <\/strong>sharing an account. $40\/year for families larger than two.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/bitwarden.com\/\">Bitwarden Sign Up<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/bitwarden.com\/help\/\">Official Help Docs<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=qzuut0-noHk\">An unofficial video introduction<\/a><\/li>\n<\/ul>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\">Proton Pass<\/h5>\n\n\n\n<p><em><strong>Pros<\/strong><\/em>: Open source. Free for individuals. If you use other Proton tools (like Proton Mail or Proton VPN), Proton Pass will integrate well.&nbsp;<\/p>\n\n\n\n<p>We haven&#8217;t evaluated Proton&#8217;s usability.<\/p>\n\n\n\n<p><em><strong>Cost: <\/strong><\/em>Core services are free for individuals. $60\/year for families.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/proton.me\/pass\">Proton Pass Sign Up<\/a><\/li>\n<\/ul>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\">1Password<\/h5>\n\n\n\n<p><em><strong>Pros:<\/strong><\/em> The absolute simplest to use, in our opinion.<\/p>\n\n\n\n<p><em><strong>Cons<\/strong><\/em><em>:&nbsp;<\/em>No free tier<\/p>\n\n\n\n<p><em><strong>Cost: <\/strong><\/em>$36\/yr for individuals, $60\/yr for families<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/1password.com\/\">1Password Sign Up<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/support.1password.com\/\">Official Help Docs<\/a><\/li>\n<\/ul>\n\n\n\n<div style=\"height:29px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\">LastPass<\/h5>\n\n\n\n<p><a href=\"https:\/\/it.cornell.edu\/password-mgmt\/sign-cornell-lastpass-account\">Cornell offers a free Enterprise LastPass account to students, staff, and faculty.<\/a> This account offers family sharing and other advanced features. If you are already using LastPass, and like it, great! It is a much more secure option than not using a password manager. It&#8217;s also great if you want free access to a family password manager.<\/p>\n\n\n\n<p>That said, LastPass isn&#8217;t our favorite password manager. It is currently owned by private equity sponsors, which sometimes signals that quality and security may be de-prioritized in multiple ways. And in fact, <a href=\"https:\/\/blog.lastpass.com\/posts\/notice-of-recent-security-incidentut-lastpass-security-breach\">LastPass suffered a security breach<\/a> in late 2022, the only password manager that is known to have been breached in this way. In addition, LastPass software is based on closed-source code, which in general is less secure than open-source code. Finally, be aware that when you leave Cornell (unless as emeritus faculty), your enterprise LastPass account will convert to a free personal account, without family sharing capability and other advanced features.&nbsp;&nbsp;<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\">Setting up your password manager<\/h5>\n\n\n\n<p>If you already have password instructions stored in a browser, look for instructions on how to &#8220;import passwords&#8221; from your browser into your new password manager.&nbsp;<\/p>\n\n\n\n<p>After importing your passwords, delete them from your browser, and turn off any automatic saving features.<\/p>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-a89b3969 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-fill\"><a class=\"wp-block-button__link has-text-align-center wp-element-button\" href=\"https:\/\/www.library.cornell.edu\/about\/staff\/central-departments\/digital-scholarship\/colab-programs\/co-working\/\">Problems setting up your password manager? <br>Come to Digital CoLab drop-in hours!<br>or<br>Make an appointment: digitalcolab@cornell.edu<\/a><\/div>\n<\/div>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">2. <strong>Remember-able passwords for your most important accounts<\/strong><\/h3>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>Keep some passwords out of your password manager (including the passwords for your password manager itself!) <\/p>\n\n\n\n<p>These important passwords\/passphrases should be:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Long<\/li>\n\n\n\n<li>Easy to remember<\/li>\n\n\n\n<li>Hard to guess<\/li>\n<\/ul>\n\n\n\n<p>They do NOT need:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>capital letters \/ numerals \/ special characters<\/li>\n\n\n\n<li>to be changed regularly<\/li>\n\n\n\n<li>(<a href=\"https:\/\/www.bbc.com\/news\/technology-40875534\">The federal advisor who created those rules in 2003 now regrets them!<\/a>)<\/li>\n<\/ul>\n\n\n\n<p>How to create a long, hard-to-guess password:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use the <a href=\"https:\/\/diceware.dmuth.org\/\">Diceware Password Generator<\/a>. Choose 4, 5, or 6 random words.<\/li>\n\n\n\n<li>OR Use physical dice and look up random words on the <a href=\"https:\/\/www.eff.org\/files\/2016\/07\/18\/eff_large_wordlist.txt\">EFF&#8217;s random word list<\/a>.<\/li>\n\n\n\n<li>Here&#8217;s <a href=\"https:\/\/ssd.eff.org\/module\/animated-overview-how-make-super-secure-password-using-dice\">a great video from the Electronic Freedom Foundation<\/a> explaining how and why to create strong random passwords\/passphrases.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">3. <strong>Enable multi-Factor authentication<\/strong><\/h3>\n\n\n\n<p>For your most important or most sensitive accounts, enable multi-factor authentication (MFA) with an authenticator app, a hardware token &#8212; or both &#8212; which lets each act as a backup for the other.<\/p>\n\n\n\n<p>The easiest and often default MFA method is plain text SMS. But this is also the least secure method, as a <em>determined<\/em> adversary can spoof your phone number if they know it, and intercept plain SMS texts. That&#8217;s why we recommend an authenticator app or hardware token if possible. But SMS is still much more secure than no MFA!&nbsp;<\/p>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Authenticator apps<\/strong><\/h5>\n\n\n\n<p>Authenticator apps are free for individual end users (like you) because their profit comes from the tech companies that pay for them to be compatible with their sites, and by enterprise customers (like Cornell).<\/p>\n\n\n\n<p>Authenticator apps explained: <a href=\"https:\/\/www.vox.com\/recode\/22419794\/authenticator-apps-and-you-authy-google-authenticator\">There&#8217;s a Better Way to Protect Yourself from Hackers and Identity Thieves<\/a>, S. Morrison (2021). <em>Vox recode.<\/em><\/p>\n\n\n\n<p>You probably already use one authenticator app &#8212; Duo Mobile &#8212; to access your Cornell account. <a href=\"https:\/\/guide.duo.com\/third-party-accounts\">Follow these instructions to add additional third-party accounts to Duo Mobile<\/a>.<\/p>\n\n\n\n<p><a href=\"https:\/\/authy.com\">Authy<\/a> is another free and trustworthy authenticator app.&nbsp;<br>Some 3rd-party password managers also offer authenicator apps.&nbsp;<\/p>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Authentication with a hardware token<\/strong><\/h5>\n\n\n\n<p>A hardware token is the most secure form of 2FA. It&#8217;s a small physical item that looks slightly like a thumb drive. Keep it with you &#8212; on your keychain, for example &#8212; and plug it into your device&#8217;s USB or Lightning drive when you need authentication. It&#8217;s particularly useful if you need 2FA access when you don&#8217;t have reliable cellular service, or if you use burner phones.<\/p>\n\n\n\n<p>Hardware tokens explained: <a href=\"https:\/\/www.wired.com\/story\/how-to-use-a-yubikey\/\">Simplify and Secure Your Online Accounts with a Yubikey<\/a>, J Colt (2018). <em>WIRED.<\/em><\/p>\n\n\n\n<p>The <a href=\"https:\/\/www.yubico.com\/\">Yubikey<\/a> is the most popular brand of authenticator hardware token<\/p>\n\n\n\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Part III: <strong>More Considerations<\/strong><\/h2>\n\n\n\n<div style=\"height:16px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">1. <strong>Personal websites<\/strong><\/h3>\n\n\n\n<p>If you maintain a personal website, use a contact form rather than publishing your personal email address.<\/p>\n\n\n\n<p>If you use a dynamic content management system (CMS), e.g. WordPress, be sure to keep security patches updated. Or, build your site using a static site generator; static sites are more resistant to denial-of-service attacks and other attempts to cause harm. <a href=\"https:\/\/www.library.cornell.edu\/about\/staff\/central-departments\/digital-scholarship\/colab-programs\/co-working\/\">Talk to Digital CoLab staff for help with building a static site.&nbsp;<\/a><\/p>\n\n\n\n<div style=\"height:34px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">2. Your academic work<\/h3>\n\n\n\n<p>Be aware that your email correspondence with colleagues at state universities may be obtained and published via public records requests.<\/p>\n\n\n\n<p>If you maintain a profile on a third-party host of preprints\/postprints, be cautious with commercial surveillance sites such as Academia and ResearchGate. Instead, consider repositories and networks built, owned, and maintained by scholarly communities, such as <a href=\"https:\/\/orcid.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">OrcID<\/a>, <a href=\"https:\/\/arxiv.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">ArXiv<\/a>, <a href=\"https:\/\/hcommons.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">Humanities Commons<\/a>, <a href=\"https:\/\/ecommons.cornell.edu\/\" target=\"_blank\" rel=\"noreferrer noopener\">eCommons<\/a>, or others in your field.&nbsp;<\/p>\n\n\n\n<p>When a library database vendor pushes you to create an account while using it, avoid doing so, unless you have a specific reason for wanting to do so.&nbsp;<\/p>\n\n\n\n<p>Consider adding a copyright statement to your syllabus that prohibits students&#8217; posting course materials publicly. <a href=\"https:\/\/theuniversityfaculty.cornell.edu\/dean\/academic-integrity\/students-buying-and-selling-course-materials\/\">This Faculty Senate page offers suggested language<\/a>. If you find your work posted on third party sites, you can request removal. Cornell Library Copyright Services offers <a href=\"https:\/\/guides.library.cornell.edu\/copyright\/course-material\">a guide for finding re-posted course material and requesting its removal.<\/a><\/p>\n\n\n\n<div style=\"height:31px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\">Early warning system<\/h3>\n\n\n\n<p><a href=\"https:\/\/support.google.com\/websearch\/answer\/4815696?hl=en\" target=\"_blank\" rel=\"noreferrer noopener\">Set up a Google alert for your name<\/a>, so that you will have a heads-up if you become a target.<\/p>\n\n\n\n<p>Proactively request colleagues and family not share your contact information, schedule, or other personal details with cold callers or e-mailers. Speak with:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Departmental faculty and staff<\/li>\n\n\n\n<li>Anyone who is connected with your name in your academic work<\/li>\n\n\n\n<li>Anyone (usually family members or roommates) who you find linked to you in data-broker records<\/li>\n<\/ul>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h3 class=\"wp-block-heading\"><\/h3>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Make a Plan in Advance:<\/strong> Prepare in case of an attack<\/h2>\n\n\n\n<p>Some questions to consider <em>before<\/em> an attack:<\/p>\n\n\n\n<div style=\"height:10px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Is there a friend you would trust to screen your email for you, so that you don&#8217;t have to read the messages in the moment? Talk to them in advance.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Will you want to save abusive materials in order to have documentation later? What kind of system might work best for that, for you and\/or for your email screener?<\/li>\n<\/ul>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Who in your personal or professional networks could you tap to report social media abuse? Threatening posts have a better chance of being taken down if reported by someone other than the target.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Consider starting a conversation with colleagues in your unit, department, lab, or other group about the collective harm of targeted and network harassment. As a group, consider whether and how you might respond collectively to cases of sustained and severe harassment.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:15px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Consider contacting <a href=\"https:\/\/health.cornell.edu\/services\/victim-advocacy\">Cornell Health&#8217;s Victim Advocacy Program<\/a> for mental health and other support.<\/li>\n<\/ul>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Collective Harms &amp; Collective Responses<\/strong><\/h2>\n\n\n\n<p>It&#8217;s important to remember that, while the largest burden of targeted or networked harassment is borne by individuals, the goal of such harassment is to discredit and delegitimize higher education, the academy, the research process, academic freedom, and academic institutions <em>collectively.<\/em><\/p>\n\n\n\n<p>Therefore, the problem can never be solved by individual responses alone. Here are some resources to consider if you are planning collective defenses with your department, professional organization, or other group.&nbsp;<\/p>\n\n\n\n<p>The American Association of University Professors (AAUP), informed by years of research and practice, <a href=\"https:\/\/www.aaup.org\/issues-higher-education\/political-attacks-higher-ed\/targeted-harassment-faculty\/what-you-can-dosment-faculty#.YU_bI6ApDfY\">recommends <\/a>clear and forceful condemnations of harassment and intimidation from institutions, boards, and faculties, individually and collectively.<\/p>\n\n\n\n<p><a href=\"https:\/\/facultyfirstresponders.com\/administrators\/\">Resources for Administrators<\/a> I. Kamola, Faculty First Responders Project<\/p>\n\n\n\n<p>&#8220;<a href=\"https:\/\/tressiemc.com\/essays-2\/academic-outrage-when-the-culture-wars-go-digital\/\" target=\"_blank\" rel=\"noreferrer noopener\">Academic Outrage: When the Culture Wars Go Digital<\/a>&#8221; [blog post], T. MacMillan Cottom, 2017.&nbsp;<\/p>\n\n\n\n<p>A Model <a href=\"https:\/\/news.syr.edu\/blog\/2021\/09\/13\/message-from-chancellor-kent-syverud-and-dean-david-van-slyke\/\">Public Message in Support of Targeted Faculty Member <\/a>, Syracuse University, Sept. 2021<\/p>\n\n\n\n<p><a href=\"https:\/\/news.stanford.edu\/stories\/2021\/11\/statement-stanford-president-humanities-sciences-dean\">Another model message of support from a university president<\/a>, Stanford University, November 2021.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.aaup.org\/sites\/default\/files\/Cherniavsky-.pdf\">Against the Common Sense: Academic Freedom as a Collective Right <\/a>&nbsp;E. Cherniavsky,&nbsp; <em>Journal of Academic Freedom. <\/em>2021<\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Understanding Harassment<\/strong><\/h2>\n\n\n\n<p>A collection of essays, research, and journalism.<\/p>\n\n\n\n<p>This reading list has not yet been fully updated for developments in 2025.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Attacks on academic freedom: understanding the current landscape<\/h4>\n\n\n\n<p><a href=\"https:\/\/pen.org\/report\/americas-censored-classrooms-2024\/\"><strong>America\u2019s Censored Classrooms 2024: Refining the Art of Censorship<\/strong><\/a>.<br>A report from PEN America, October 2024<\/p>\n\n\n\n<p><a href=\"https:\/\/www.aaup.org\/article\/manufacturing-backlash\"><strong>Manufacturing Backlash: Right-Wing Think Tanks and Legislative Attacks on Higher Education<\/strong><\/a><br>Isaac Kamola. A report from the AAUP\u2019s Center for Academic Freedom, May 2024.<\/p>\n\n\n\n<p><strong><a href=\"https:\/\/www.aaup.org\/sites\/default\/files\/Cherniavsky-.pdf\">Against the Common Sense: Academic Freedom as a Collective Right<\/a> &nbsp;<\/strong><br>E. Cherniavsky,&nbsp; <em>Journal of Academic Freedom. <\/em>2021<br>Academic freedom itself is often viewed as an individual right \u2013 the right of individual faculty to speak freely. But Cherniavsky usefully reframes academic freedom as the <em>collective<\/em> right of the faculty of a department, discipline, and\/or institution to set academic standards, determine the quality of one another\u2019s academic work, define the boundaries of a discipline, determine what academic topics are taught, and more.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">First-person accounts by targeted academics<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.uproot.space\/features\/confronting-anti-asian-racism\">Confronting Anti-Asian Racism: A Statement on (In)visibility and Online Targeted Harassment<\/a>, R. Esmail (2021), <em>Up\/\/root.<\/em><\/p>\n\n\n\n<p><a href=\"https:\/\/www.facebook.com\/haymarketbooks\/posts\/a-statement-from-keeanga-yamahtta-taylor-concerning-my-public-talks-this-weekit-\/1494045207312386\/\">A Statement Concerning My Public Talks This Week<\/a>, K. Taylor, posted on Facebook by Haymarket Books, 2017.<\/p>\n\n\n\n<p><a href=\"https:\/\/doi.org\/10.1177\/0891243218766831\">&#8220;Are You Willing to Die For This Work?&#8221; Public Targeted Online Harassment in Higher Education: SWS [Sociologists for Women in Society] Presidential Address<\/a>, A. L. Ferber (2018), <em>Gender &amp; Society <\/em>32(3)<em>.<\/em><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">US-based far-right&nbsp;<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.aaup.org\/article\/data-snapshot-whom-does-campus-reform-target-and-what-are-effects#.Yji_gJrMLFw\">Data Snapshot: Whom Does Campus Reform Target and What Are the Effects?<\/a> H. Tiede, et.al., <em>American Association of University Professors Reports &amp; Publications.<\/em> Spring 2021<\/p>\n\n\n\n<p><a href=\"https:\/\/www-tandfonline-com.proxy.library.cornell.edu\/doi\/full\/10.1080\/07393148.2021.1996837\">Sensationalized Surveillance: Campus Reform and the Targeted Harassment of Faculty<\/a> S. McCarthy &amp; I. Kamola<em>, New Political Science.<\/em> Nov. 2021<\/p>\n\n\n\n<p><a href=\"https:\/\/theintercept.com\/2021\/04\/10\/campus-reform-koch-young-americans-for-freedom-leadership-institute\/\">A Billionaire-Funded Website with Ties to the Far-Right Is Trying to &#8220;Cancel&#8221; University Professors<\/a> A. Speri, <em>The Intercept. <\/em>April 2021<\/p>\n\n\n\n<p>Guide: <a href=\"https:\/\/facultyfirstresponders.com\/\">Faculty First Responders: Understand Right Wing Attacks on Faculty<\/a>, from political scientist Isaac Karmola<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Science-denialism<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.science.org\/content\/article\/overwhelmed-hate-covid-19-scientists-face-avalanche-abuse-survey-shows\">In the Line of Fire <\/a>&nbsp;C. O&#8217;Grady, <em>Science<\/em>, March 2022<br>On the networked harassment of scientists, particularly those working on COVID-19 research.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Foreign Affairs<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.washingtonpost.com\/world\/2021\/10\/03\/india-us-universities-hindutva\/\" target=\"_blank\" rel=\"noreferrer noopener\">Under Fire from Hindu Nationalist Groups, U.S.-based Scholars of South Asia Worry About Academic Freedom<\/a> N. Masih, <em>The <\/em><em>Washington Post,<\/em> Oct. 3, 2021<\/p>\n\n\n\n<p><a href=\"https:\/\/www.hrw.org\/report\/2021\/06\/30\/they-dont-understand-fear-we-have\/how-chinas-long-reach-repression-undermines\" target=\"_blank\" rel=\"noreferrer noopener\">&#8220;They Don&#8217;t Understand the Fear We Have&#8221;: How China&#8217;s Long Reach of Repression Undermines Academic Freedom at Australia&#8217;s Universities<\/a> <em>Human Rights Watch,&nbsp;<\/em>June 30, 2021<\/p>\n\n\n\n<p>Guide: <a href=\"https:\/\/www.hindutvaharassmentfieldmanual.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">Hindutva Harassment Field Manual<\/a>, from the South Asia Scholar Activist Collective<\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Our sources <\/strong><\/h2>\n\n\n\n<p><a href=\"https:\/\/www.privacyguides.org\/en\/\"><strong>Equality Labs&#8217; Anti-Doxing Guide for Activists<\/strong><\/a><br>Equality Labs is a South Asian Dalit civil rights organization. One of their priorities is research and teaching on digital security.&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/www.privacyguides.org\/en\/\"><strong>Privacyguides.org<\/strong><\/a><br>Trustworthy recommendations and analysis for a wide range of digital software, including browsers, search engines, password managers, VPNs, email services, and more.&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/freedom.press\/digisec\/guides\/\" data-type=\"link\" data-id=\"https:\/\/freedom.press\/digisec\/guides\/\"><strong>Freedom of the Press Foundation&#8217;s Digital Security Guides &amp; Resources<\/strong><\/a> <br>Includes timely posts on new and emerging digital security issues.<\/p>\n\n\n\n<p><a href=\"https:\/\/onlineharassmentfieldmanual.pen.org\/\"><strong>PEN America&#8217;s Online Harassment Field Manual<\/strong><\/a> and <a href=\"https:\/\/pen.org\/digital-safety-snacks\/\"><strong>Digital Safety Snacks<\/strong><\/a><br>PEN America supports journalists and writers.&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/facultyfirstresponders.com\/\"><strong>Faculty First Responders: Understanding Right-Wing Attacks on Faculty<\/strong><\/a><br>A peer-to-peer faculty collective founded by political scientist Isaac Kamola<\/p>\n\n\n\n<p><a href=\"https:\/\/researchersupport.org\/\"><strong>Researcher Support Consortium<\/strong><\/a><br>Includes a <a href=\"https:\/\/researchersupport.org\/resources\/\">Toolkit for <\/a><a href=\"https:\/\/researchersupport.org\/wp-content\/uploads\/2024\/09\/RSC_Toolkit_V2.pdf\">Institutions<\/a> to support researchers who are under attack or threat of attack.&nbsp;<\/p>\n\n\n\n<p><strong>AAUP&#8217;s<a href=\"https:\/\/www.aaup.org\/sites\/default\/files\/Targeted%20Online%20Harassment.pdf\"> Statement on Targeted Online Harassment of Faculty<\/a> (2017)&nbsp;<\/strong><br><strong><br>AAUP&#8217;s <a href=\"https:\/\/www.aaup.org\/issues\/targeted-harassment\/what-you-can-do-about-targeted-online-harassment\">What You Can Do About Targeted Online Harassment<\/a><\/strong><\/p>\n\n\n\n<p>Our brilliant colleagues and collaborators at <a href=\"https:\/\/libraryfreedom.org\/\"><strong>Library Freedom Project<\/strong><\/a><\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Get help<\/strong><\/h2>\n\n\n\n<p>Have questions about any of the above? We&#8217;re here to collaborate as you plan, implement, and troubleshoot. Email us anytime at <a href=\"mailto:digitalcolab@cornell.edu\">digitalcolab@cornell.edu.<\/a><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction: Individual and Collective Harms It\u2019s easy to mistake coordinated harassment as a problem affecting only individuals, since the immediate purpose of these attacks is to silence, humiliate, and isolate individual researchers. But the ultimate goal of harassment campaigns is to undermine and delegitimize higher education and public trust in academic expertise overall, with a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1947,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[22],"tags":[],"class_list":["post-22","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-privacy"],"_links":{"self":[{"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=\/wp\/v2\/posts\/22","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=22"}],"version-history":[{"count":76,"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=\/wp\/v2\/posts\/22\/revisions"}],"predecessor-version":[{"id":2872,"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=\/wp\/v2\/posts\/22\/revisions\/2872"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=\/wp\/v2\/media\/1947"}],"wp:attachment":[{"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=22"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=22"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digitalscholarship.library.cornell.edu\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=22"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}