The legal position relating to cyber abuse is very much nascent and in flux – there is a huge opportunity for development in this area and for global cohesion on this important issue. For now, the global legal position on addressing cyber abuse is patchy. A great resource on cyberlaws by geography can be found here.
Some American states have introduced laws specifically on cyber abuse, making it a crime to harass or bully another person online. Those laws can be relied upon by adults as well as for children.
In the UK, there is no one piece of legislation which covers this sensitive subject and cyber abuse is not a specific criminal offence. However, there are a number of pieces of legislation that can be relied upon.
For threatening behaviour or persistent harassment, the Protection from Harassment Act 1997 and the Crime and Disorder Act 1998 can be applied. The police have used the Protection from Harassment Act to address email abuse. Sending offensive messages is also a criminal offence under Malicious Communications Act 1988.
Persistent harassment by mobile device can be an offence under the Protection from Harassment Act. If phones are also used, the Telecommunications Act 1984 makes it a criminal offence to make abusive or anonymous calls.
In addition, it is a criminal offence under the Communications Act 2003 to send grossly offensive, indecent, obscene or menacing messages. Re-sharing such illegal content is considered to break the law in the same way as sending the original message (although this is currently untested).
Defamation laws employ the same concept: if you re-post/re-publish a defamatory remark, that re-publication is a new act of defamation. The UK law on defamation was recently updated in the form of the Data Protection Act 2013. To avoid liability themselves, operators have to act quickly to remove defamatory content when they have been told of its existence. Defamation laws can also be useful if you have the means to bring a civil action – the criminal elements of the law have fallen out of use. The test is whether a statement made about you to a third party is likely to bring your reputation into disrepute or make others think less of you. Bringing a defamation claim yourself in the courts would be very expensive, although it could be fruitful, for example a judge may order the disclosure of data about your abuser held by e.g. the abuser’s email provider, if the abuser is hiding behind a veil of anonymity.
If someone is using your photograph or image without your consent you can rely on data protection laws and potentially also copyright laws if you took the photo, to demand that they stop. The Data Protection Act 1988 can also be used where people are misusing any data that identifies you. These laws come from a European Directive. The recent UK referendum to leave the EU may result in changes in this area in due course, however for the foreseeable future, the laws apply in all EU countries. Contact your local regulator for support – for the UK that is the Information Commissioner.
The law enforcement authorities cannot help you with copyright infringement, but you can highlight this cause of action to relevant operators (e.g. the social media platform) as the basis for a request that they take action.
Legal jurisdiction is a major constraint in this area. UNICEF, the Human Rights Commission and the United Nations are working towards collaboration between governments around the world, which is much needed. Police powers are currently limited when offences are committed by people in other countries.
This is where the social media platforms come in. Twitter and Facebook, for example, have polices on handling abuse and they should be held to enforcing them.
SO, WHAT CAN I ACTUALLY DO?
1. Keep records
For abusers to be brought to account, there needs to be a record of what they have done. SAVE EVERYTHING. Take screenshots, keep a journal of dates and times, write down how you feel. Keep the journal to give to the police if it comes to that. It’s easier to record it as it happens than to do it all in one go.
2. Tell people
Cyber abuse can be extremely hurtful. Tell someone what you are going through. If you can, lean on those close to you for support.
3. Know how to respond.
It is generally unwise to communicate with an online troll. However, it can be helpful when building a case, to put beyond doubt that they are acting maliciously so, once it is clear you are being harassed and or abused, respond calmly to tell them to stop. Do not explain why, just state that you do not want them to contact you. You can copy this message and send it to their internet or phone provider or social network if you can establish who that is. Have NO further contact with the abuser and do not have others contact them. And beware the trap of retaliation – do not react.
4. Use ‘report abuse’ buttons/reporting mechanisms liberally!
Facebook’s help page on reporting problems is here. If abuse is persistent, also send them a full list of the abuse with dates and screenshots at firstname.lastname@example.org and by registered post to their US or UK address below. Always also send to the legal department in your country if they have an office there, as they are obliged to consider the risks posed – they cannot ignore you because the company is clearly within the jurisdiction of the local law. It is where there is no local office is where things become more difficult. They do not make it easy to contact them, but there are some additional contact resources you can try here.
Set out in your complaint all the elements that may be relevant: harassment, obscenity, maliciousness, defamation, use of personal data without consent, breach of confidence, copyright infringement. If you are famous, you may also be able to claim infringement of your image rights and possibly also trade mark infringement.
UK address: The General Counsel, Facebook UK, 10 Brock Street, London NW1 3FG
US address: The General Counsel, Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94303, USA
Twitter’s information page is here. There is a simple flow for reporting abuse and look out for report abuse buttons next to specific tweets. The contact resources for them are here.
They use a law firm as their UK registered office, but you can send your correspondence by post to them there – the law firm will forward it to Twitter’s legal department.
UK address: The General Counsel, Twitter UK Ltd, 100 New Bridge Street, London EC4V 6JA
US address: The General Counsel, Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103
5. Next and if the abuse is persistent or heinous, contact law enforcement.
If there is a central point in your country, use it e.g. if the police have a cyber crime department. If not, contact your local police force and be bold about asking them to take action. What you want is for the abuse to stop and the perpetrators to be held to account.
If you are being abused anonymously, the first step is to find out your abuser’s identity. The police can help with this by making a request for data from the social media or telecommunications provider. They will be looking for an ‘IP address’ (or mobile equivalent identifier) in the first instance and from there they will usually be able to track back to the individual. However, it’s not guaranteed at this point what kind of law enforcement can be provided as highlighted above.
The Crown Prosecution Service in the UK has issued a set of guidelines on how they will assess and handle cases of cyber abuse. They are committed to take action but they need your help and determination.
If you receive death threats or believe there to be an immediate physical danger, please dial your local emergency number immediately e.g. 999 for the UK, 911 for the US.
6. Help us take action in the world by making steps 1-5! We can only make change together…