Attitudes towards online abuse have undergone a sea change over the last decade. In the past, cyber-harassment – often a perfect storm of threats, impersonations, defamation, and privacy invasions directed at an individual – was routinely dismissed as “no big deal”.

So it was for one Yale law student. Starting in 2007, on an online discussion board, a cyber-mob falsely accused her of having herpes and sleeping with her dean. Anonymous posters described how they would rape her; they chronicled her daily whereabouts and prior jobs. Yet law enforcement told the student to ignore the attacks because “boys will be boys”. Officers advised her to “clean up” her cyber-reputation, as if she could control what appeared about her. Trivialising online abuse and blaming victims was the norm.

There are laws available in the UK to bring to bear against online abuse

Today, the public has a deeper appreciation of victims’ suffering. As advocacy groups like the Cyber Civil Rights Initiative have shown, and as society has come to recognise, the costs of cyber-harassment are steep. Because searches of victims’ names prominently display the abuse, victims have lost their jobs. They have had difficulty finding employment. Employers do not interview victims because hiring people with damaged online reputations is risky. Victims struggle with anxiety and depression. They withdraw from online engagement to avoid further abuse. Women, especially younger women, are more often targeted than men, but in either case, the abuse often has a sexually demeaning and sexually threatening cast.

Legal developments reflect a growing understanding of cyber-harassment’s harms. In the US, 27 states have criminalised revenge porn – also known as non-consensual pornography. California’s attorney general Kamala Harris created a first-of-its-kind online resource to train law enforcement about cyber-harassment. Her office successfully prosecuted revenge porn operators for soliciting the posting of nude photos and charging for their removal. Inspired by Harris, the Federal Trade Commission entered into a consent decree with a revenge porn operator for inducing the disclosure of confidential information for financial gain.

In the UK, cyber-harassers have been held responsible for their destruction. There are now laws to bring to bear against online abuse. Prosecutions under the Malicious Communications Act have resulted in convictions, as in the case involving death threats tweeted at Caroline Criado-Perez. In April 2015, the UK criminalised revenge pornography. What the UK still needs is better training of law enforcement and perhaps some clarification of the laws already on the books rather than a new set of laws, as the Conservative MP Maria Miller suggested this week.

Two jailed for Twitter abuse of feminist campaigner Read more

Even with better training the law is a blunt tool. Its effectiveness depends upon the discretion of the officials invoking it. We have seen law enforcement pursue frivolous cases, which undermine society’s confidence in harassment and threat laws. We have seen prosecutors pursue individuals who, by all societal accounts, are either trying to help others or are victims themselves. Prosecutorial overreaching and poor judgment are risks, no matter the crime at hand. But efforts to deter and prosecute crimes should not be abandoned because some prosecutors may abuse their power.

Then, too, law may not be able to reach some online assaults. For instance, criminal law may not cover the individual acts of a cyber-mob, even though the abuse as a whole is destructive. Each member of a mob may have contributed a little and thus no one person has transgressed harassment laws, which require repeated “course of conduct”. There is also the practical reality of dealing with a cyber-mob. As in the case of games designer Zoe Quinn, who was targeted in “Gamergate”, victims have urged prosecutors to drop cases because the attacks got worse – not better – after charges were filed. Civil claims can only be brought if victims have the resources to hire counsel or find lawyers to take on cases pro bono.

Since law cannot do it all, and should not do it all given our commitments to free expression, who else can combat cyber-harassment? Civil society should step in. Schools, community leaders, and family members should help inculcate norms of respect. Being told to avoid playground fights at school is par for the course – so too should be discussions about the responsibilities of digital citizenship. Young people must be taught about our shared responsibility for online safety.

Private companies have a role to play as well. Indeed, market forces may be pushing them in that direction. Advertisers have threatened to pull their business unless platforms ban bigoted online abuse. Whether it is thanks to commercial interests or social responsibility, some online platforms have taken a stand against cyber-harassment. Social media providers, including Facebook, Microsoft, and Twitter, now ban threats, cyber-harassment, and non-consensual pornography.

Insults and rape threats. Writers shouldn’t have to deal with this | Jessica Valenti Read more

Companies should be clear about their policies. They need to explain what they mean by “cyber-harassment”, “non-consensual pornography”, “threats” and “bullying”. Users will then have a better understanding of precisely what is and what is not prohibited. Platforms should explain whether content will be taken down or what the next step would be. To ensure the fairness of the complaint process, companies should notify users of their decisions and give them a chance to appeal.

Of course, private companies do not owe their users any formal obligation of due process. But they should have an appeals procedure, because when people perceive a process to be fair they are more inclined to accept its results. Clear policies, a means of review, and transparent enforcement decisions will help to protect users from destructive abuse and set clear norms for sites.

What about startups that lack resources to address complaints comprehensively? Users could be recruited to help enforce community norms. The multiplayer online game League of Legends has enlisted users to help address players’ abusive behaviour, notably harassment and bigoted epithets, with much success.

In short, there is no magic bullet to combat cyber-harassment. But this is an opportune moment to educate the public about the destruction wrought by cyber-harassment and the various ways of addressing it. Social attitudes trivialising it can be reversed before they become entrenched. If we act now, future generations might view cyber-harassment as a disgraceful remnant of the internet’s early history.