Voted? You Got Doxed

Hey there, Joseph here. Good news: if you voted in the U.S. yesterday, you're doxed! No, seriously. Voter records are technically public records, but I doubt many people realize when they vote their name and address ends up on a website that anyone can search for free at anytime. It makes voting a privacy and security risk. Great!

If you voted in the U.S. presidential election yesterday in which Donald Trump won comfortably, or a previous election, a website powered by a right-wing group is probably doxing you. VoteRef makes it trivial for anyone to search the name, physical address, age, party affiliation, and whether someone voted that year for people living in most states instantly and for free. This can include ordinary citizens, celebrities, domestic abuse survivors, and many other people.

Voting rolls are public records, and ways to more readily access them are not new. But during a time of intense division, political violence, or even the broader threat of data being used to dox or harass anyone, sites like VoteRef turn a vital part of the democratic process—simply voting—into a security and privacy threat.

This segment is a paid ad. If you’re interested in advertising, let's talk.

Your personal data can easily be found with a simple Google search—DeleteMe is here to help. Join a growing community of privacy champions, from individuals to forward-thinking businesses, seeking to stop the leak at the source. We're offering 404 Media readers 20% off all consumer plans.

“Digitizing and aggregating data meaningfully changes the privacy context and the risks to people. Your municipal government storing your marriage certificate and voter information in some basement office filing cabinet is not even remotely the same as a private company digitizing all the data, labeling it, piling it all together, making it searchable,” Justin Sherman, a Duke professor who studies data brokers, told 404 Media in an email.

When someone visits VoteRef, they are greeted by a map of the U.S. and a search bar. All a user has to do is then search for someone by their name or lookup an address. 404 Media found many friends, colleagues, and other people in the data. In many cases this includes the address they provided when registering to vote, their age, and party affiliation. Ordinarily if someone wanted to access this voter data, they may need to go to each state body individually and purchase or request it. VoteRef bypasses that. And when someone provides their address when registering to vote, many are probably not aware that their address will end up publicly available on this website for anyone to look up.

“Services like VoteRef prove how invasive these services are. It feels inherently creepy to type a name into the VoteRef search bar and to see their entire voting history coupled with their demographic information. Most people probably don’t know that this type of personal information is available to the public, and they’d probably prefer to opt out of this service if they knew it existed. Today, privacy is less about whether the information exists, and more about people’s ability to control their own data,” Sarah Lamdan, deputy director of the Office for Intellectual Freedom and the American Library Association, and author of Data Cartels, told 404 Media in an email.

“Discrete bits of data, like whether someone has a fishing license, whether someone owns a deed to a particular plot of land, don’t seem very invasive, especially when you have to go, in person, to a different state or local agency to get each piece of information. But when all of our records are collated and collected in data dossiers, even ‘public records’ become very invasive,” Lamdan said.

The Voter Reference Foundation, which runs VoteRef, is a right wing organization helmed by a former Trump campaign official, ProPublica previously reported. The goal for that organization was to find irregularities in the number of voters and the number of ballots cast, but state election officials said their findings were “fundamentally incorrect,” ProPublica added. In an interview with NPR, the ProPublica reporter said that the Voter Reference Foundation insinuated (falsely) that the 2020 election of Joe Biden was fraudulent in some way. 404 Media has found people on social media using VoteRef’s data to spread voting conspiracies too.

VoteRefIt has steadily been adding more states’ records to the VoteRef website. At the time of writing, it has records for all states that legally allow publication. Some exceptions include California, Virginia, and Pennsylvania. ProPublica reported that VoteRef removed the Pennsylvania data after being contacted by an attorney for Pennsylvania’s Department of State.

On its website, VoteRef writes that it has the “goal of encouraging greater voter participation in all fifty states.” VoteRef did not respond to multiple requests for comment asking how publishing this information encourages greater voter participation. 

“Policymakers need to get with the times and recognize that data brokers digitizing, aggregating, and selling data based on public records—which are usually considered 'publicly available information' and exempted from privacy laws—has fueled decades of stalking and gendered violence, harassment, doxing, and even murder,” Sherman said. “Protecting citizens of all political stripes, targets and survivors of gendered violence, public servants who are targets for doxing and death threats, military service members, and everyone in between depends on reframing how we think about public records privacy and the mass aggregation and sale of our data.”