Officials urge public to refrain from 'box-opening'
China's top internet regulator said on Tuesday it is taking a zero-tolerance approach to the online practice known as "box-opening", or doxing, a form of cyber-enabled privacy invasion that has drawn widespread concern over online abuse and personal information leaks.
Box-opening, a term originating from Chinese cyberspace, refers to the malicious act of publicly disclosing others' personal information such as names, ID numbers, phone numbers, home addresses and social media accounts, often followed by inciting netizens to launch verbal attacks or harassment.
According to a release by the Office of the Central Cyberspace Affairs Commission, a recent notice was issued requiring local cyberspace authorities and online platforms to intensify efforts to combat the practice. These measures include blocking the spread of related content, strengthening early-warning systems, increasing penalties and optimizing protection mechanisms.
The commission also convened a special meeting, calling on major platforms such as Weibo, Tencent, Douyin and Xiaohongshu, also known as RedNote, to strictly implement the new directive and adopt a zero-tolerance stance.
A senior official from the commission said the issue directly affects people's vital interests. In recent weeks, cyberspace authorities have cleaned up large volumes of illegal or noncompliant content related to box-opening, shut down accounts and groups involved, and imposed penalties on three major platforms, the official said.
The commission has also organized key websites to publish typical cases and report relevant criminal clues to law enforcement.
Obtaining and publicly disclosing others' personal information via box-opening potentially constitutes a crime, the official said, calling the practice "extremely egregious".
In the next phase, authorities will continue to urge platforms to remove content that discloses personal data, incites privacy leaks or encourages attacks, ridicule or abuse of others. Content that promotes box-opening tutorials or services will also be removed.
The regulator also ordered platforms to establish fast-track reporting channels for box-opening incidents and to promptly handle user complaints and reports.
Public concern over box-opening escalated in March after a 13-year-old girl and others used the method to launch online attacks against a pregnant woman and her family. The incident began after the woman posted a non-offensive opinion about a South Korean celebrity idolized by the girl.
The girl's Weibo profile indicated her father was Xie Guangjun, a vice-president at search giant Baidu. In a comment on another post, the girl claimed the private information she exposed came from her father.
Xie later apologized on his semipublic WeChat account but said the data had been sourced from overseas social media sites. Baidu denied any internal leak, stating at a news conference that the information came from "social engineering databases "circulated in Telegram groups and other overseas platforms — containing data obtained by hackers through website breaches and fraud.
jiangchenglong@chinadaily.com.cn
