Reporting a South Africa-based harasser from Northern Ireland

Good documentation is the backbone of every other step. It builds the pattern that proves intent, it gives police and courts something to act on, and it survives even if the perpetrator deletes accounts. The guidance below comes from official safety and policing bodies across several countries. ## Capture context, not just the bad comment Australia's eSafety Commissioner advises capturing "the full conversation (rather than the abusive comment on its own), as well as account details, dates and times," and noting the web page address (URL) and the other person's user profile. Both screenshots and screen recordings are endorsed (screen recording is useful for content that scrolls). The practical takeaway: a good capture shows the username, the URL, and the date and time together, not a bare cropped screenshot. PEN America's Online Harassment Field Manual makes the same point about why this matters over time: documenting harassment creates a record that "alerts you and others to abuse patterns and escalations." Capturing the perpetrator's own words and behavior across time is how you surface intent and escalation. ## Keep the original file, because metadata is provenance Tech Safety Canada advises that you "should always safely store the digital original" rather than forwarding or re-copying it, capture the person's profile URL and a visible date and time, and print or save "directly after you have captured it," because "opposing counsel could claim there was manipulation of evidence... if there was a delay." Saving the original file (rather than forwarding or screenshotting a copy) is the practical mechanism by which authenticating metadata survives. Canadian law-enforcement cyberbullying guidance (RCMP) reinforces recording dates and times, capturing full conversation context with visible timestamps, usernames, and platform, and saving originals. ## Back up in more than one place Accounts and content can be deleted, so keep redundant copies. Tech Safety Canada suggests you "email or text the document to a device that you will continue to have secure access to so you have an extra copy." Canadian guidance recommends backups in multiple locations (for example cloud plus physical plus a printed hard copy kept in chronological order). ## Keep a contemporaneous log UK College of Policing stalking and harassment guidance treats the victim's own diary or log of incidents, and retained correspondence from the suspect, as key evidence; officers are advised to ask victims to keep a diary and explain how to complete it, and some forces issue formal stalking and harassment diary sheets. A dated, ongoing log of incidents is recognized, valuable evidence. ## Email evidence: preserve the headers Emailing a copy of evidence to yourself or a trusted contact can give you an independent third-party (mail-server) timestamp and a redundant copy. But there is an important caveat: forwarding or screenshotting an email strips or overwrites the original metadata. As the Safety Net email-evidence guidance explains, "in a forward, the original email header is replaced with a header that contains the forwarder's information," and "it is also not possible to uncover the header with just a screenshot or photo of the email body." To preserve provenance, keep the original message and its full headers (access the original electronic version via your webmail account, device, or email server). A self-generated email timestamp is corroborating, not conclusive. ## Why a postmark (or self-mailed copy) is weak proof Mailing yourself a copy, or relying on a postmark, proves only that an item existed and was in your possession on a date. It does not prove who wrote it, that any official action was taken, or that the content is unaltered, and it is tamperable. This is the well-documented "poor man's copyright" fallacy: the US Copyright Office states "there is no provision in the copyright law regarding any such type of protection, and it is not a substitute for registration." The same logic applies to reporting: a postmark or self-mailed copy does not prove a crime was reported. The durable proof that a report exists is the official police report or file reference number issued by police, which you should keep for follow-up. (This police-report analogy is a reasoned synthesis of the poor-man's-copyright point plus the role of official report numbers, not a single direct citation.) ## New Zealand caution: preserve before you block, and do not store "objectionable" content New Zealand's Netsafe advises screenshotting harmful content; for emails, saving both the message contents (with the date and time received) and the email headers; and recording the full URL of each page. Critically, it advises: "Contact Netsafe, or the Police first before deleting any content or blocking the abuser's number or profile (as this can be important evidence)." Netsafe also warns: "Do not screenshot or store content you believe is objectionable. It's illegal in NZ to store, send or share objectionable content. Instead contact Netsafe or the Department of Internal Affairs immediately." This jurisdiction-specific caution matters for any cross-border situation, because blanket "screenshot everything" advice can backfire. General legal information, not legal advice.

Swatting is when someone makes a false emergency report (such as a hostage situation or active shooter) to send armed police to your address. If you have been doxxed or threatened, this is a real risk, and there are concrete, sourced precautions. ## What the FBI advises The FBI/IC3 swatting public service announcement (29 April 2025) advises victims to "retain all information regarding the incident, such as usernames, email addresses, websites, or names of platforms used for communication, photos, or videos," to immediately report it to local law enforcement and to IC3/FBI, and to "discuss swatting with your family members or colleagues and have a plan in place in the event of law enforcement contact" at the residence. Important: this FBI PSA does not tell victims to pre-emptively register or notify police that they are a swatting target before an incident. Its preventive advice is limited to retaining incident information and having a family or colleague plan. The proactive pre-notification step below is supported by other authoritative sources, but should not be attributed to the FBI. ## The proactive notification precaution The core proactive precaution is to give your local police context in advance, so that a later fake emergency call to your address is met with caution rather than a maximal armed response. The ACLU advises: "If you are concerned about this kind of attack and you trust your local police to be reasonable, consider calling your local police's nonemergency number to alert them to the likelihood of false reports about your address," and it links a verbal script to request that extra precautions be taken by first responders if a report is received about your address. The "if you trust your local police to be reasonable" caveat is worth keeping in mind. Mainstream security guides give the same advice in operational terms: "Contact your local police department. Tell them what you do for a living and that you might be a target for swatting attacks. Tell the police that if they get a call about an active threat at your home address, they should first contact you to confirm that it's true." The goal is to turn an unverified hostage or shooting report into one the dispatcher already knows to treat with suspicion. ## Formal registries exist in some places, but are not universal Some jurisdictions offer a formal opt-in flag. The Seattle Police Department runs an opt-in anti-swatting program (launched 2018): residents who fear being targeted register their address through the Smart911 / Rave Facility system, and "when the 911 call center receives a report of a critical incident, they can dispatch responders and simultaneously check to see if residents at the address registered a concern for swatting on Rave Facility," passing that context to responding officers. Most jurisdictions, however, have no formal swatting registry. Where none exists, the realistic fallback is the ACLU's advice: call the local police non-emergency line and give them context. Do not assume a national or standard registry exists. General legal information, not legal advice.

If a single perpetrator is harassing several people, the strongest approach is to treat it as one connected pattern rather than a scatter of unrelated, isolated complaints. A documented multi-victim pattern is powerful evidence of intent and fixation, and the law recognizes it. ## Coordinated harassment of multiple people can be one legal pattern UK Crown Prosecution Service guidance establishes that coordinated harassment of multiple victims can legally constitute a single "course of conduct." The CPS states: "Harassment may be committed against two or more persons," and "this covers collective harassment, whether directed towards members of the same family, neighbourhood, protected characteristics, trade or profession, organisation, or institution." Prosecutors are told that gathering evidence "should focus on the wider pattern of behaviour and on the cumulative impact on a victim." A campaign connected by a common motive or behavior links together as one pattern. That is precisely why a documented multi-victim pattern is strong evidence of intent and fixation. ## Why a cross-victim pattern matters Criminal harassment and stalking charges typically require demonstrating a sustained course of conduct, and often a specific intent, rather than a single offensive comment. A single instance of bad language or an opinion is generally not enough on its own. A pattern across multiple complainants helps establish the sustained conduct and the intent that a single instance cannot. (The broad legal logic here is authoritative via the CPS course-of-conduct framework; specific intake-categorization wording from non-official sources should be treated as illustrative.) ## Cross-referencing official report numbers When victims of the same perpetrator coordinate, the durable link between their cases is the official police report or file reference number, not the mere fact that they know each other. When you file a report, police give you a file or report number that you should keep for follow-up, and reports help police "identify patterns... repeat suspects." Co-victims cross-referencing each other's official reference numbers lets the forces link, retrieve, and corroborate related reports, and lets a Legat or NCB match parallel cases across borders. This cross-referencing of reference numbers is presented as best-practice reasoning grounded in two verified pillars (official report numbers exist and are kept for follow-up, and the CPS treats a one-offender, multiple-victim campaign as a single course of conduct). It is a sound operational extrapolation, not a directly quoted official instruction. General legal information, not legal advice.

When someone is harassing you, impersonating you, or spreading content about you on a social platform, it helps to understand what genuinely makes a platform take content down, and what is a waste of time. ## The three levers that actually force removal In practice there are only three things that force a platform to remove content or an account: 1. A court order or injunction. A judge orders the content removed. This requires a lawsuit and a court.

1. A law-enforcement request submitted through the platform's official legal portal. A sworn officer working your case submits a request through the platform's dedicated law-enforcement webform. This is why a police report and reference number matter: it is an officer with an open case, using the official portal, who can move this lever, not you directly.
2. The platform's own Community Guidelines enforcement after a report. The platform reviews the reported content against its rules and removes it if it violates them. Of these three, Community Guidelines enforcement is the only free, immediate lever a victim can pull directly. The first two require either a lawsuit and a court, or a sworn officer with an open case. You cannot invoke the court-order or law-enforcement levers yourself. ## Informal emails are ignored Do not waste time emailing a platform's general or legal@-style inbox, or messaging from a personal email address, to demand a takedown. Platforms route real legal and law-enforcement requests only through their official portals. TikTok's own Law Enforcement Guidelines state plainly that it "will not respond to requests for user data sent by non-law enforcement officials or when they are sent through informal channels (such as personal email addresses)." Emergency law-enforcement requests must come from a sworn law-enforcement official and from an official law-enforcement email domain. The same pattern holds across platforms: Meta requires a government-issued email at facebook.com/records; X requires a government agency to use legalrequests.x.com; Twitch requires legal process served through the Amazon Law Enforcement Request Tracker and "does not accept requests... or service of process, via e-mail or fax." The informal-email path simply is not the path that gets actioned. The officer working your case is the one who uses the portal. ## Report each item, per video and per comment On TikTok you can report any post (video), comment, account, or direct message for violating Community Guidelines, from the app or a web browser. Reporting is confidential: TikTok states it "will not disclose your identity to the person whose content or account you're reporting." To report a video: In the app, open the post, tap the Share button (or press and hold the post), tap Report, select a reason (and a subtopic if prompted), then tap Submit. On the web, hover over the More options (...) button on the video, click Report, select a reason and subtopic, then click Submit. To report a comment: TikTok has a separate, dedicated comment-report flow (press and hold the comment, then tap Report). Report harassing comments individually, per comment, rather than only reporting the video. ## Impersonation has its own separate report flow If someone is pretending to be you, that is not the same as reporting a single offensive video, and it uses a different path. TikTok provides a separate impersonation report flow: go to the impersonating profile, tap the three dots (top right), tap Report, then Report account, then select the impersonation reason ("Pretending to be someone"). There is also a web impersonation form that can require a real ID and lets you list multiple fake accounts in one report. TikTok's policy bans impersonation: it "does not allow accounts that impersonate individuals or organizations in a misleading or malicious way," while permitting clearly labeled fan or parody accounts that do not confuse users. Other platforms have their own impersonation report forms too (for example, X's impersonation reporting is filed by the impersonated person or an authorized representative). ## Do not use mass-reporting tools or organize a brigade It is tempting to rally friends or use a third-party "mass report" tool or bot to pile reports onto an impersonator. It does not work, and it can backfire. TikTok's own position is explicit: "Mass reporting content or accounts does not lead to an automatic removal or to a greater likelihood of removal" by its Safety team. Removal turns on whether the content actually violates the Community Guidelines, reviewed by human moderators, not on how many reports it receives. Mass-reporting tools violate platform policy and are the wrong move. Use the legitimate per-item report, the separate impersonation report, or the law-enforcement and court routes instead. General legal information, not legal advice.

If the person harassing you lives in a different country, the case has to move between police forces. Understanding how that works tells you what to ask for and why your role is to keep your officer supplied with what they need. ## You cannot self-start INTERPOL or an MLAT, only police can INTERPOL is the world's largest police organization, with 196 member countries. But it works through each country's National Central Bureau (NCB), and the public cannot report to it directly. INTERPOL's own NCB page states: "INTERPOL NCBs do not respond to requests from the general public. Anyone wishing to report a crime or provide information on an international investigation should contact their local or national police, who will in turn contact the NCB." The US side says the same: private citizens report crimes through their local police or law-enforcement agency, which may then contact INTERPOL Washington if international assistance is required. The same is true of formal evidence requests between countries. A Mutual Legal Assistance Treaty (MLAT) request can only be made by government authorities (prosecutors, investigating judges, criminal investigators) and must be transmitted through a country's legally designated Central Authority. "All requests made pursuant to MLATs must be submitted through the Central Authority," and MLATs "are not available for use by private parties." A victim cannot file an MLAT request, only the investigating officer or prosecutor can. So your leverage is the explicit ask. You cannot trigger INTERPOL or an MLAT yourself; you trigger them by getting your investigating officer to make the request. ## The FBI's overseas offices (Legats) coordinate, they do not police The FBI runs legal attache (Legat) offices in "dozens of locations" around the globe, "providing coverage for more than 180 countries, territories, and islands," with about 250 special agents and support personnel stationed abroad. Legats sit in US embassies and cover the countries most relevant here, including London (covering the UK, Ireland, and the Channel Islands), Ottawa (Canada), Mexico City, Canberra (Australia), and Wellington (New Zealand). The FBI opened a standalone Legat office in Wellington on 31 July 2025; it had been a suboffice of the Canberra Legat since 2017. Crucially, Legats have no law-enforcement powers overseas. "Since FBI agents do not have traditional law enforcement powers overseas, they must rely on strong, mutually beneficial relationships with their foreign counterparts." The FBI "conducts investigations abroad only when invited by the host country. In most cases, our international partners gather evidence and make arrests on behalf of, or in close cooperation with, the Bureau." Legat duties include coordinating requests for assistance and coordinating victim assistance. They are a coordination channel, not a force that swoops in. ## The US entry points: a local field office and IC3 For a US-connected victim, the practical entry points are your local FBI field office and the FBI's Internet Crime Complaint Center (IC3) at ic3.gov. IC3 itself does not investigate; "trained analysts at the IC3 review and research the complaints, disseminating information to law enforcement and partner agencies, as appropriate," and "investigation and prosecution are at the discretion of the receiving agencies." IC3 explicitly accepts cross-border reports, including from "citizens of another country or who may be reporting a subject in another country." For an ongoing crime or a threat to life, contact your local field office or call 911. ## Formal evidence channels differ by country Bilateral MLATs with the United States are in force for the UK (entry into force 2 December 1996), Canada (24 January 1990), Mexico (3 May 1991), and Australia (30 September 1999), but not for New Zealand. US to New Zealand formal assistance runs instead through multilateral conventions and non-treaty letters rogatory and comity. For multilateral cooperation, the Council of Europe Budapest Convention on Cybercrime provides a standing framework for cross-border preservation and exchange of electronic evidence, including a 24/7 contact-point network. Among the countries here, the US, UK, Canada, Australia, and New Zealand are parties. New Zealand became the 81st party (acceded 28 August 2025; in force for New Zealand 1 December 2025), so the multilateral channel is available US to New Zealand even though no bilateral US to New Zealand MLAT exists. Mexico is not a party to the Budapest Convention; for a Mexico-based perpetrator the correct formal evidence channel is the US to Mexico bilateral MLAT, not the Budapest Convention. ## The realistic playbook Putting the verified mechanics together: - Report at home and in the perpetrator's country. Each country's police are the ones who can open the NCB or MLAT channel on their end, and IC3 explicitly accepts reports about a subject in another country.

• Keep and cross-reference every reference and complaint number. Cross-referencing lets each force link to the parallel case so a Legat or NCB can match them.
• Explicitly ask each investigating officer to pursue international coordination, through the NCB/INTERPOL channel, an MLAT via the Central Authority, and/or the in-country FBI Legat. You cannot self-initiate these; only the officers can. This consolidated playbook is a reasoned synthesis; each underlying mechanism is individually verified from FBI, DOJ, INTERPOL, and IC3 sources, though no single official page states the four-part script verbatim. General legal information, not legal advice.