South Dakota Doxxing Law: New Criminal Penalties Implemented

The digital landscape of 2026 has become a battlefield where the lines between public service and private safety are increasingly blurred. On April 27, 2026, South Dakota took a definitive stand in this escalating conflict as Governor Larry Rhoden and Attorney General Marty Jackley officially moved to implement a rigorous new legal framework designed to dismantle the practice of doxxing. Centered on the implementation of House Bill 1084 and the complementary House Bill 1298, this legislative duo represents one of the most aggressive attempts by a U.S. state to criminalize the malicious release of personal information.

The South Dakota doxxing law rollout, detailed in a series of guidelines sent to law enforcement agencies across the Mount Rushmore State, signals a paradigm shift. No longer is doxxing viewed merely as a breach of “netiquette” or a civil grievance; in South Dakota, it is now being codified as a criminal act with the explicit goal of “prevention through prosecution.” For the men and women in uniform, and the judges who preside over the state’s courts, this law provides a long-overdue shield against a “new age threat” that has seen their home addresses and private contact details weaponized by bad actors.

The Two-Pronged Strategy: Understanding HB 1084 and HB 1298

The legislative effort in South Dakota is not a singular hammer but a coordinated surgical strike. To understand the full scope of the South Dakota doxxing law, one must look at the two distinct bills that form its foundation. While they both target digital harassment, they attack the problem from different angles: administrative prevention and criminal retribution.

• House Bill 1084 (Administrative Shielding): This bill focuses on the source of the data. It amends the public availability of information within the statewide voter registration files. By removing the home addresses and personal phone numbers of law enforcement officers, federal and state judges, and legislators from these public registries, the state is effectively closing a primary vector for doxxers who harvest “legitimate” public records to fuel their harassment campaigns.
• House Bill 1298 (Criminal Prosecution): Sponsored by Representative Matt Roby, this bill establishes doxxing as a specific criminal offense. It targets the act of electronically publishing personal identifying information (PII) with the malicious intent to cause fear of death, great bodily harm, or to incite others to harass the official at their residence. This bill effectively integrates doxxing into the state’s stalking and harassment statutes, carrying heightened penalties when the victim is a public official.

Together, these laws create a “closed loop” system. HB 1084 makes it harder for the information to be found, while HB 1298 ensures that if it is found and used maliciously, the perpetrators face immediate and severe legal consequences.

The Technical Mechanics of Doxxing in 2026

To appreciate why the South Dakota doxxing law is so critical, one must understand the technical sophistication of modern doxxing. In the early days of the internet, doxxing was often limited to “script kiddies” digging through social media profiles. Today, it is a high-tech discipline involving Open Source Intelligence (OSINT) tools and the exploitation of data broker APIs.

Doxxers often use automated scrapers to pull data from thousands of sources simultaneously. These sources include property tax records, voter registration files (the specific target of HB 1084), leaked databases from prior corporate hacks, and “people search” websites. By cross-referencing a target’s name across these disparate datasets, a malicious actor can build a comprehensive profile—including the target’s home value, the names of their children, their daily commute routes, and even their genetic data (another area of privacy Governor Rhoden has recently addressed through separate legislation).

The South Dakota doxxing law recognizes that “the internet is forever.” As Katie Hruska, the governor’s general counsel, noted during the legislative hearings, a single publication can be shared hundreds of times and stored indefinitely. By the time a victim realizes they have been doxxed, the damage is often irreversible. Therefore, the South Dakota model focuses on “prevention through prosecution”—creating a deterrent so strong that the risk of doxxing outweighs the perceived “reward” for the harasser.

“Occupational Hazards”: Why Law Enforcement and Judges?

Critics often ask why these protections are not immediately extended to every citizen. The South Dakota legislature’s focus on law enforcement and judges is a strategic decision born of necessity. Governor Rhoden and Attorney General Jackley have described doxxing as an “occupational hazard” for those in the justice system. In their April 27 letter to agencies, they highlighted a disturbing trend of officers being targeted in their homes—not for their personal actions, but for their role in the state’s legal machinery.

When a judge’s home address is posted online following a controversial ruling, or when a police officer’s personal phone number is blasted on social media after an arrest, the intent is rarely “transparency.” It is almost always intimidation. By targeting the families of public servants, doxxers attempt to exert extrajudicial pressure on the legal system itself. The South Dakota doxxing law asserts that while public officials are subject to public scrutiny, their private residences and their families are strictly off-limits.

The Implementation Blueprint: A Message to Agencies

The implementation guidelines released on April 27 provide a tactical blueprint for how the South Dakota doxxing law will be enforced. Attorney General Marty Jackley has instructed the Division of Criminal Investigation (DCI) and local sheriffs to treat doxxing reports with the same urgency as physical threats. The guidelines outline several key procedural shifts:

1. Digital Forensics Integration: Local agencies are encouraged to utilize state-level cybersecurity resources to trace the origin of doxxing posts, even those masked by VPNs or encrypted platforms.
2. Intent Verification: Prosecutors are trained to identify the “intent to harm” by looking at the context of the leak—such as accompanying “call to action” messages or the use of inflammatory language.
3. Voter File Scrubbing: County auditors are now mandated to implement the safeguards of HB 1084, ensuring that protected officials’ data is purged from the “master registration file” accessible to the general public.

This proactive stance is designed to send a clear message: the state will not wait for a physical confrontation to occur before acting. If the digital matches are lit, the legal fire department will be dispatched immediately.

Navigating the First Amendment: The Legislative Tightrope

One of the most significant challenges in crafting the South Dakota doxxing law was ensuring it did not infringe upon First Amendment rights. Freedom of speech and the right to petition the government are foundational American values. To avoid “chilling” legitimate political discourse, HB 1084 and HB 1298 were narrowly tailored.

The law does not criminalize the act of disagreeing with a public official or even publishing information that is already legally and widely available in a non-malicious context. Instead, it focuses on malicious intent and the likelihood of harm. For a prosecution to be successful under the new South Dakota framework, the state must prove that the information was released with the specific purpose of inciting harassment or fear. This distinction is vital; it protects the whistleblower and the journalist while stripping the shield of “free speech” away from the digital stalker.

Practical Defense: How the General Public Can Prepare

While the current iteration of the South Dakota doxxing law prioritizes public officials, it serves as a wake-up call for the general public. The technical infrastructure used to dox a judge is the same infrastructure used to dox a private citizen. As the state moves toward a July 1, 2026, effective date for the criminal provisions of HB 1298, security experts recommend that all residents take proactive steps to “scrub” their digital presence.

Recommended Privacy Steps:

• Audit Public Registries: Use privacy tools to check what information is currently available on people-search sites and data brokers.
• Enable Privacy Settings: Ensure social media profiles are set to “private” and remove any geotagged data from historical posts.
• Use Data Deletion Services: Consider services that automatically send “opt-out” requests to data brokers to remove your PII from their databases.
• Monitor for “Drips”: Set up Google Alerts for your name and address to detect early signs of a doxxing attempt.

The implementation of the South Dakota law highlights that in 2026, privacy is no longer a passive state; it is an active defense. By scrubbing personal data from public registries before they can be weaponized, individuals can significantly reduce their risk profile.

Conclusion: South Dakota as a National Bellwether

The rollout of the South Dakota doxxing law on April 27, 2026, is more than just a local policy update; it is a preview of the future of digital governance. As more states grapple with the “wild west” of online harassment, the Rhoden-Jackley model offers a compelling, albeit aggressive, solution. By combining administrative data protection with rigorous criminal prosecution, South Dakota is attempting to restore a sense of safety to the digital age.

As Attorney General Marty Jackley aptly stated, “No one should feel unsafe in their own home.” By treating digital threats with the same gravity as physical ones, South Dakota is reinforcing the rule of law in a world where the keyboard has become as potent as any weapon. Whether this law will survive the inevitable constitutional challenges remains to be seen, but for now, South Dakota has drawn a line in the digital sand—and it is a line that other states are likely to follow.