FalseOS
Expose the lies. Report the abuse.
General legal information
Not legal advice
Online harassment reporting guide

Reporting online harassment in Scotland

Step-by-step, source-backed guidance: where to file, the exact offences to name, and how to escalate until your case is assigned.

URGENTIn immediate danger? Call 999 now.

999 (112 also works across the UK/EU). Use 999 if a crime is happening now, there is a threat to life, violence is being used or threatened, or a suspect is nearby. Textphone users dial 18000; an emergency-SMS service (register first by texting "register" to 999) is available for those who cannot make a voice call.

Most people here are not in an active emergency. To start an official record, use the non-emergency steps below.

STEP 1

Start the paper trail

File a non-emergency report, and do the single most important thing: get your report / reference / occurrence number. That number is the key that unlocks platforms, prosecutors, employers and protective orders.

Police Scotland non-emergency phone line (101) - lead paper-trail channel

Call 101 to report a crime that does not need an emergency response, to speak to your local officer, or for advice on whether online behaviour is a crime. Ask the call handler to RECORD the report and to give you the crime reference / incident number, and write it down. The crime reference number is your official paper-trail anchor for follow-up and insurance.

101 (24/7). Textphone: 18000.Official source · scotland.police.uk ↗
Police Scotland online reporting portal (stalking, harassment, domestic abuse, hate crime, other non-urgent crime)

Use ONLY for non-urgent matters; the form is reviewed and progressed in slow time by the relevant department. Complete all detail fields (dates, times, accounts/URLs, evidence held). This starts an official record. Do not use the online form if you need police urgently; dial 999 or 101. Keep screenshots of submission.

scotland.police.uk →Official source · scotland.police.uk ↗
In person at any police station

Attend in person to make a statement; request the crime/incident reference number before you leave.

Any Police Scotland station (find local station via scotland.police.uk)Official source · scotland.police.uk ↗
STEP 2

File with the national cybercrime body

File here in addition to, not instead of, your local police report.

Police Scotland (Cybercrime / via 101 and online portal)

Primary investigator and intake for cybercrime, online harassment, online fraud and online harm in Scotland. IMPORTANT: unlike the rest of the UK, fraud and cybercrime in Scotland are reported directly to Police Scotland on 101, NOT to the England/Wales/NI national fraud portal. Police Scotland records and investigates the report.

scotland.police.uk →101 (non-emergency); 999 (emergency)
CyberScotland Partnership (CyberScotland Portal)

Signposting / advice hub only. Does NOT investigate. It directs individuals to the correct body: Police Scotland (101/999) for cybercrime and fraud; NCSC for cyber-security incidents and phishing; ICO for data breaches. Useful for figuring out where to report, not a substitute for a police report.

cyberscotland.com →No direct reporting line (signposts to 101/999)
National Cyber Security Centre (NCSC, part of GCHQ)

UK-wide technical body. Intake/triage for cyber-security incidents and scams; does not handle individual harassment. Suspicious emails: forward to report@phishing.gov.uk; suspicious texts: forward to 7726; scam websites and incident reporting via its portal. Refers/handles at a national-infrastructure level; not a personal-harassment investigator.

ncsc.gov.uk →Online reporting only (no public phone hotline for individuals)
Information Commissioner's Office (ICO)

UK data-protection regulator. Relevant to doxxing where personal data was unlawfully obtained/disclosed (Data Protection Act 2018 s.170). Intakes data-protection complaints and can investigate/enforce, but is a regulator, not a criminal police force; serious criminal doxxing should still go to Police Scotland. Helpline Mon-Fri 9am-5pm.

ico.org.uk →0303 123 1113
Report Fraud (City of London Police) - England, Wales & Northern Ireland ONLY (formerly Action Fraud)

NOT for Scotland. The national fraud and cyber-crime reporting service for England, Wales and Northern Ireland, run by City of London Police. It replaced Action Fraud: the service went live on 4 December 2025, with old Action Fraud traffic redirecting to it over the following months and full public launch in January 2026. A Scottish victim should NOT use it; report fraud/cybercrime to Police Scotland on 101. Listed here only to correct a common misdirection. Phone number 0300 123 2040 is unchanged from Action Fraud.

reportfraud.police.uk →0300 123 2040 (not applicable to Scotland)
What to report it as

The offences in Scotland

Use the right words. Lead with threats, stalking and doxxing, not “someone is being mean.” Tap any offence for the full elements and the official source.

Criminal harassment / threatening or abusive behaviour (single act or course of conduct)Criminal Justice and Licensing (Scotland) Act 2010Max penalty: On indictment: up to 5 years imprisonment and/or a fine. On summary conviction: up to 12 months imprisonment and/or a fine not exceeding the statutory maximum.

What it covers. Behaving in a threatening or abusive manner likely to cause a reasonable person fear or alarm, with intent or recklessness as to causing fear or alarm. Expressly covers things said or communicated (including online), and can be a single act OR a course of conduct.

Section. Section 38 · Criminal (Scottish statute)

Key elements. (a) threatening or abusive behaviour; (b) would be likely to cause a REASONABLE person to suffer fear or alarm (objective test); (c) intent to cause fear/alarm OR recklessness. Defence: behaviour was, in the particular circumstances, reasonable. Covers communications and single incidents (unlike stalking, no 'two occasions' requirement).

Official source · legislation.gov.uk ↗
StalkingCriminal Justice and Licensing (Scotland) Act 2010Max penalty: On indictment: up to 5 years imprisonment and/or a fine. On summary conviction: up to 12 months imprisonment and/or a fine not exceeding the statutory maximum.

What it covers. Engaging in a course of conduct (e.g. following, contacting, monitoring electronic communications, publishing statements, watching/spying, loitering) that causes the victim to suffer fear or alarm.

Section. Section 39 · Criminal (Scottish statute)

Key elements. 'Course of conduct' = conduct on at least TWO occasions. The conduct must actually cause the victim fear or alarm (SUBJECTIVE test - the victim's actual reaction matters, unlike s.38). Mens rea: intent to cause fear/alarm OR the accused knew or ought to have known it would be likely to. Defences: authorised by law; for preventing/detecting crime; or reasonable in the circumstances.

Official source · legislation.gov.uk ↗
Criminal threats / threatening or menacing communications (online or by phone)Communications Act 2003Max penalty: Summary only: up to 6 months imprisonment and/or a fine not exceeding level 5 on the standard scale (in Scotland level 5 = GBP 5,000).

What it covers. Sending, by means of a public electronic communications network, a message or other matter that is grossly offensive or of an indecent, obscene or menacing character (covers menacing/threatening online messages, texts, emails, social media). NOTE: the s.127(2) persistent-misuse limb (sending false messages / persistent use to cause annoyance, inconvenience or anxiety) was repealed on 31 January 2024 by the Online Safety Act 2023; s.127(1) remains in force.

Section. Section 127(1) · Criminal (UK-wide statute - applies in Scotland)

Key elements. (1) message sent via a public electronic communications network; (2) grossly offensive OR indecent/obscene/menacing in character; (3) the message need not reach the recipient; sender must intend it to be offensive/menacing or be aware it might be taken that way. Applies across England, Wales, Scotland and Northern Ireland (s.127(6) expressly allows summary proceedings in Scotland).

Official source · legislation.gov.uk ↗
Criminal threats (death/serious-harm threats) - Scots common lawScots common law (crime of uttering threats / threatening behaviour)Max penalty: Common-law crime: at large (no statutory maximum); on indictment in the High Court, penalty is at the court's discretion up to life depending on gravity. Most cases are charged under s.38 (max 5 years on indictment).

What it covers. Serious threats, including threats to kill or cause serious injury, are a crime at Scots common law. In practice prosecutors most often charge threatening communications under s.38 of the 2010 Act or s.127 Communications Act 2003, but the common-law crime of uttering threats remains available for grave threats (e.g. death threats).

Section. Common law (no statutory section) - in modern practice such threats are most often charged under Criminal Justice and Licensing (Scotland) Act 2010 s.38 or Communications Act 2003 s.127 · Criminal (Scots common law)

Key elements. A threat (express or implied) of harm; serious threats such as death threats are aggravated. Tried on indictment in serious cases.

Official source · legislation.gov.uk ↗
Threatening / false communications (death or serious-harm threats) - NOT available in ScotlandOnline Safety Act 2023Max penalty: (In England/Wales/NI only) s.181 either-way: up to 5 years on indictment. Not applicable in Scotland.

What it covers. These create offences of sending threatening communications (s.181) and false communications (s.179). CRITICAL: contrary to a common assumption, these Online Safety Act 2023 communications offences do NOT apply in Scotland (statute extent is E+W+N.I.). A Scottish victim's threatening-communications case is instead prosecuted under Communications Act 2003 s.127, the Scots common-law crime of uttering threats, and/or s.38 of the 2010 Act. The only OSA 2023 communications offence that does extend to Scotland is s.184 (encouraging or assisting serious self-harm).

Section. Section 181 (threatening communications) and section 179 (false communications) - extent England, Wales & Northern Ireland ONLY; these sections do NOT extend to Scotland · Criminal, but these sections do NOT apply in Scotland

Key elements. A message conveying a threat of death or serious harm, sent with intent that the recipient fear it would be carried out, or recklessness as to that. The Online Safety Act 2023 communications offences apply across the UK; in Scotland, threatening or abusive behaviour is also prosecuted under s.38 of the Criminal Justice and Licensing (Scotland) Act 2010 and s.127 of the Communications Act 2003.

Official source · gov.uk ↗
Extortion / blackmailScots common law (crime of extortion)Max penalty: Common-law crime: no fixed statutory maximum; penalty at large. On indictment in the High Court it can attract a very substantial custodial sentence. Exact maximum is not statutorily capped.

What it covers. Extortion is the common-law Scots crime of using illegitimate threats to obtain money, property or some advantage. Scots law uses 'extortion' as the umbrella term (English-law 'blackmail' = Scots extortion). The demand can be legitimate (e.g. money genuinely owed) and it is STILL extortion if backed by an illegitimate threat. Covers 'sextortion' (threats to release intimate images unless paid).

Section. Common law (no statutory section) · Criminal (Scots common law)

Key elements. (1) a demand for money/property/advantage; (2) backed by an illegitimate threat of harm (physical, reputational, disclosure of images/info, etc.). The legitimacy of the underlying claim does not matter; the illegitimacy of the threat is what criminalises it.

Official source · scotland.police.uk ↗
Identity theft / identity fraud / online impersonationScots common law of fraud (the UK Fraud Act 2006 does NOT apply in Scotland); supported by Identity Documents Act 2010 and Data Protection Act 2018 where relevantMax penalty: Common-law fraud: no fixed statutory maximum (at large); serious cases on indictment attract multi-year custodial sentences. Identity Documents Act 2010 s.4: up to 10 years on indictment. Data Protection Act 2018 s.170: a fine (no custodial penalty); on indictment effectively unlimited, on summary conviction in Scotland capped at the statutory maximum.

What it covers. 'Identity theft' is not itself a standalone offence; using someone's identity becomes criminal when used to commit fraud. Criminal fraud in Scotland is a COMMON-LAW crime (the Fraud Act 2006 does NOT extend to Scotland). Where a false/stolen identity document is used, the Identity Documents Act 2010 applies. Online impersonation, where it forms a course of conduct causing fear/alarm, can also be charged as stalking (s.39) or threatening/abusive behaviour (s.38).

Section. Common-law fraud (no statutory section); Identity Documents Act 2010 s.4-6 for false identity documents; Data Protection Act 2018 s.170 for unlawful obtaining of personal data · Criminal (Scots common-law fraud) + statutory support

Key elements. Common-law fraud: (1) a false pretence/dishonest representation; (2) achieving a definite practical result (gaining goods, money, services, or causing loss). Identity Documents Act 2010: possessing/using a false identity document with improper intention. Online impersonation alone (without fraud) may be prosecuted via harassment/communications law rather than fraud.

Official source · gov.scot ↗
Doxxing (publishing private/personal information)No standalone 'doxxing' offence. Prosecuted via: Criminal Justice and Licensing (Scotland) Act 2010 (s.38/s.39) and/or Data Protection Act 2018 s.170Max penalty: Data Protection Act 2018 s.170: a fine, no custodial sentence available (penalty set by s.196(2): on indictment a fine with no statutory cap, hence effectively unlimited; on summary conviction in Scotland a fine not exceeding the statutory maximum). Via s.38: up to 5 years on indictment. Via s.39: up to 5 years on indictment.

What it covers. There is NO standalone doxxing offence in Scotland. Doxxing is prosecuted through existing law: (a) if part of a campaign causing fear/alarm, as threatening/abusive behaviour (s.38) or stalking (s.39); and/or (b) where personal data was unlawfully obtained or disclosed without the data controller's consent, under Data Protection Act 2018 s.170 (UK-wide, applies in Scotland). The ICO handles s.170 data-protection complaints; the police handle the harassment dimension. Where a single grossly offensive/menacing message publishes someone's details, Communications Act 2003 s.127 may also apply.

Section. Data Protection Act 2018 s.170 (unlawful obtaining/disclosing personal data); Criminal Justice and Licensing (Scotland) Act 2010 s.38 / s.39 · Criminal (via harassment/stalking statute and/or data-protection statute)

Key elements. DPA 2018 s.170: knowingly or recklessly obtaining, disclosing, procuring, or retaining personal data without the consent of the data controller; also an offence to sell unlawfully obtained data. Defences include crime prevention, legal authorisation, or public interest. For the harassment route, the s.38/s.39 elements above apply.

Official source · legislation.gov.uk ↗
Defamation / defamatory libelDefamation and Malicious Publication (Scotland) Act 2021 (civil law). Defamation is CIVIL-ONLY in Scotland.Max penalty: Not applicable (civil). Remedies are damages and interdict, not imprisonment.

What it covers. There is NO crime of defamation or defamatory libel in Scotland. Defamation is purely a CIVIL matter, now governed by the Defamation and Malicious Publication (Scotland) Act 2021 (in force 8 August 2022), which modernised the civil law and abolished common-law verbal-injury claims relating to injury to feelings. A victim pursues defamation by raising a civil action for damages/interdict (injunction), not by reporting a crime. If defamatory material is part of a harassment/stalking campaign or is grossly offensive/menacing, the CRIMINAL route is s.38/s.39 of the 2010 Act or s.127 Communications Act 2003.

Section. N/A - no criminal defamation offence in Scotland · CIVIL ONLY (no criminal offence)

Key elements. Civil claim: a false statement communicated to a third party that causes (or is likely to cause) serious harm to reputation. Remedies: damages and interdict. Police will NOT take a defamation report as a crime; the victim is directed to a solicitor for civil action, OR the matter is reframed as harassment if a course of conduct exists.

Official source · legislation.gov.uk ↗
Doxxing status in Scotland

No standalone doxxing offence in Scotland. Doxxing is prosecuted via existing law: (1) as part of a course of conduct, under stalking (Criminal Justice and Licensing (Scotland) Act 2010 s.39) or threatening/abusive behaviour (s.38); and/or (2) under Data Protection Act 2018 s.170 where personal data was unlawfully obtained or disclosed without the data controller's consent (UK-wide, applies in Scotland; enforced by the ICO; penalty a fine, with no custodial term). Where a single grossly offensive/menacing message publishes someone's details, Communications Act 2003 s.127 may also apply. Report the harassment dimension to Police Scotland (101/portal) and the data dimension to the ICO in parallel.

Recording your calls

One-party consent is effectively lawful: a private individual may lawfully record a telephone or in-person conversation they are themselves a party to, for their own personal use, without informing the other party.

Source ↗
If the person is in another country

Report at home, and trigger action where they are

If the person is in the United States

Keep doing everything above in Scotland. At the same time, the fastest leverage often sits in the United States, where the person actually is.

Fastest lever in the United States

The fastest practical levers against a U.S.-located perpetrator are: (a) platform reporting and content removal directly to the host service (the U.S. has no general government takedown order against a private individual's speech, and platforms have Section 230 immunity for user posts, so the platform's own abuse/terms process is the front-line removal tool); and (b) a state civil or criminal protective / restraining order (a stalking or harassment protection order, process varies by state), which once issued is enforceable against the U.S.-located respondent and makes any further contact a new, more readily charged offense. Where the conduct is interstate threats or cyberstalking, a U.S. federal case (18 U.S.C. § 875(c), § 2261A) opened via the FBI is the route to criminal action and to compelling evidence from U.S. providers.

How the case reaches them

A foreign victim whose harasser is located in the United States does not file with U.S. federal agencies from abroad and wait. The reliable inbound path is police-to-police: report the matter to your own national police / cybercrime unit in your home country and ask them to channel it to U.S. authorities. Two official conduits carry it: (1) INTERPOL, where your country's National Central Bureau transmits the request to INTERPOL Washington (the U.S. NCB inside the DOJ, the U.S. contact point for the 196-member INTERPOL network), and (2) a Mutual Legal Assistance Treaty (MLAT) or letter rogatory, the formal government-to-government request handled on the U.S. side by DOJ's Office of International Affairs, used to compel evidence such as subscriber records and content from U.S. platforms. U.S. platforms (where most of the abusive content sits) are themselves in the U.S., so a U.S.-based investigation or valid U.S. legal process is the lever that reaches them. In parallel, a victim can and should file directly with the FBI Internet Crime Complaint Center (https://www.ic3.gov) and the FBI tip line (https://tips.fbi.gov); IC3 accepts international complaints and may refer them to the appropriate U.S. or partner agency.

There is no single U.S. government body that will unmask an anonymous account or order a takedown on a foreign victim's request without a U.S. investigation or U.S. legal process. The most effective sequence is: preserve evidence (dated screenshots, URLs, usernames, headers), report to your home-country police so they can engage INTERPOL Washington / the MLAT process, file directly with the FBI/IC3, and pursue platform removal plus a state protective order against the named or identified U.S. perpetrator.

The honest truth: you cannot contact Interpol yourself, only police can. Ask your own investigating officer to pursue international coordination, and keep them supplied with your evidence.
If the person is in Canada

Keep doing everything above in Scotland. At the same time, the fastest leverage often sits in Canada, where the person actually is.

Fastest lever in Canada

The fastest practical relief against content or conduct from a Canada-based perpetrator runs through (a) the Canadian police service of jurisdiction, which can investigate and charge under the Criminal Code (criminal harassment s.264, uttering threats s.264.1, extortion s.346, identity theft/fraud s.402.2/403, and for intimate-image exposure s.162.1), and (b) platform-level takedown plus provincial civil remedies. Canada has no single national takedown regulator equivalent to Australia’s eSafety or the UK’s Ofcom. For intimate images there is a Criminal Code removal/forfeiture pathway tied to s.162.1, and victims can seek provincial civil and protective remedies (peace bonds, restraining orders, provincial intimate-image laws) while a criminal investigation proceeds.

How the case reaches them

When the perpetrator is located in Canada and the victim is abroad, the foreign victim does not contact Canadian police directly. The victim reports to their OWN national police, who route a police-to-police request to Canada through INTERPOL. Canada's international channel is the INTERPOL National Central Bureau (NCB) Ottawa, run by the RCMP at National Headquarters and operating 24/7; it receives, evaluates and processes assistance requests to and from the 195 INTERPOL member countries and administers the Foreign Criminal Investigators in Canada Protocol. For obtaining EVIDENCE in Canada or extradition FROM Canada, the foreign state's central authority works through a Mutual Legal Assistance Treaty (MLAT), coordinated on the Canadian side by the federal Department of Justice International Assistance Group. For US requests, the counterpart is INTERPOL Washington (USNCB) plus FBI Legal Attache channels; NCB Ottawa and INTERPOL Washington have a standing memorandum of cooperation. The local Canadian police service of jurisdiction is the one that actually investigates a perpetrator on Canadian soil.

A victim cannot invoke INTERPOL or MLAT channels personally; the investigating police service and the Crown initiate INTERPOL notices and MLAT requests. The realistic victim action is to file with their own national police and provide the Canadian police service or the foreign police with the file/occurrence numbers and preserved evidence.

The honest truth: you cannot contact Interpol yourself, only police can. Ask your own investigating officer to pursue international coordination, and keep them supplied with your evidence.
If the person is in Australia

Keep doing everything above in Scotland. At the same time, the fastest leverage often sits in Australia, where the person actually is.

Fastest lever in Australia

The fastest protection lever against a perpetrator located in Australia is the eSafety Commissioner's civil removal scheme under the Online Safety Act 2021. eSafety can issue REMOVAL NOTICES to platforms and end-users under the Adult Cyber Abuse Scheme (18+), the Image-Based Abuse Scheme, the Cyberbullying Scheme (under-18) and the Online Content Scheme; non-compliant services can face civil penalties of up to 500 penalty units. For most schemes the victim must first report to the platform or service, then lodge at https://www.esafety.gov.au/report. This is a civil takedown route that runs alongside, and does not replace, a criminal police report. Note the deliberately high 'serious harm' threshold for the Adult Cyber Abuse Scheme. In parallel, where the victim fears ongoing harm, an Apprehended Violence Order (AVO) / personal safety intervention order can be sought against a locally-located perpetrator via the local court or police.

How the case reaches them

When the perpetrator is located in Australia and the victim is overseas, the foreign victim's own police refer the matter to Australian law enforcement through police-to-police channels: the foreign country's INTERPOL National Central Bureau contacts the AFP-hosted INTERPOL National Central Bureau (NCB) Canberra (within AFP International Operations, operating 24/7), which channels notices, information-sharing and assistance requests. The matter is then assessed and, for an individual harassment case, typically referred to the relevant Australian state or territory police where the perpetrator is located. For evidence-gathering or prosecution that needs formal cooperation, a Mutual Legal Assistance (MLAT) request is coordinated by the Commonwealth Attorney-General's Department under the Mutual Assistance in Criminal Matters Act 1987. A victim cannot trigger these channels directly; they ask the investigating police to route the matter through INTERPOL Canberra or MLAT.

eSafety is a civil regulator and does not prosecute, award damages, or replace police. The criminal route remains state/territory police (or the AFP for serious/transnational matters), reachable from abroad only via the police-to-police INTERPOL Canberra channel described above.

The honest truth: you cannot contact Interpol yourself, only police can. Ask your own investigating officer to pursue international coordination, and keep them supplied with your evidence.
If the person is in New Zealand

Keep doing everything above in Scotland. At the same time, the fastest leverage often sits in New Zealand, where the person actually is.

Fastest lever in New Zealand

The fastest practical lever against a perpetrator located in New Zealand is the Harmful Digital Communications Act 2015 civil route: complain to Netsafe (the Approved Agency, https://netsafe.org.nz/report, 0508 638 723), and if it cannot resolve the matter, use Netsafe's written summary to apply to the District Court for an HDCA order (takedown, cease publication, correction, right of reply, or identity disclosure). For serious threats or criminal conduct, NZ Police can act under the Crimes Act / HDCA s 22 directly because the offender is locally located and within jurisdiction. NOTE: where the poster is offshore the HDCA's real limit is service-of-process (no statutory provision for serving an overseas defendant; leave of the District Court under District Court Rules Part 6 is required); that limit does not bite when the perpetrator is in New Zealand.

How the case reaches them

When the perpetrator is in New Zealand and the victim is overseas, the foreign victim should report through their OWN local/national police, who relay the matter police-to-police to INTERPOL Wellington (the NZ National Central Bureau hosted at Police National Headquarters). Neither the public nor a foreign victim can contact INTERPOL or the NCB directly: 'INTERPOL NCBs do not respond to requests from the general public... contact their local or national police, who will in turn contact the NCB.' NZ Police can also be reported to directly via 105 (https://105.police.govt.nz) for the criminal record. For evidence held in or action needed in New Zealand, the foreign authority uses a Mutual Legal Assistance (MLAT) request handled under New Zealand's Mutual Assistance in Criminal Matters Act 1992 via the Crown central authority. New Zealand is also a Party to the Budapest Convention on Cybercrime (in force for NZ 1 December 2025), which provides additional cross-border cooperation channels for electronic evidence. An FBI Legal Attache now operates a standalone office in Wellington (opened 31 July 2025) for liaison with US authorities.

Because the perpetrator is locally located, NZ Police and the District Court can act without the cross-border MLAT or INTERPOL delays that slow cases where the offender is abroad. If Netsafe’s role changes, NZ Police on 105 is the fallback intake.

The honest truth: you cannot contact Interpol yourself, only police can. Ask your own investigating officer to pursue international coordination, and keep them supplied with your evidence.
If the person is in South Africa

Keep doing everything above in Scotland. At the same time, the fastest leverage often sits in South Africa, where the person actually is.

Fastest lever in South Africa

The fastest live protection/unmasking lever against a locally-located perpetrator is the Protection from Harassment Act. A South African magistrate's court can, under s.4, direct a South African electronic communications service provider to FURNISH the unknown harasser's name, identity number and address - identifying an SA-based harasser without any extradition - and then issue an interim and final protection order (s.10), breach of which is a crime (up to 5 years, s.18(1)(a)). This means a victim does NOT need extradition to get relief: the SA courts act directly against SA-based persons and SA-licensed service providers. IMPORTANT CORRECTION: the Cybercrimes Act s.20 takedown order and s.21 unmasking direction are NOT yet in operation (Part VI of Chapter 2 has not been commenced as of 2026), so there is currently no operative Cybercrimes Act statutory takedown order; content removal goes through the protection-order conditions plus direct reporting to the platform/host. A foreign victim typically needs a local contact (e.g. SA-based counsel, or coordination via SAPS once a docket exists) to drive the magistrate's-court application, since these orders are made by SA courts against SA-licensed providers.

How the case reaches them

When the perpetrator is located in South Africa and the victim is abroad, the inbound police-to-police route runs through INTERPOL NCB Pretoria. A foreign victim reports to their OWN national police, who route a request through their INTERPOL National Central Bureau to NCB Pretoria (which sits inside SAPS Crime Intelligence). NCB Pretoria is the channel for international investigations requiring SAPS cooperation and triggers SAPS action against a South Africa-based suspect. For formal evidence-gathering and execution, requests run as Mutual Legal Assistance under the International Cooperation in Criminal Matters Act 75 of 1996, with the South African Department of Justice & Constitutional Development as the Central Authority; dual criminality is not a strict requirement for incoming requests. NOTE: the Cybercrimes Act's 's.52 designated point of contact' and the Chapter 5 mutual-assistance provisions (ss.46-52) are enacted but NOT yet in force as of 2026, so they cannot currently be relied on - use INTERPOL NCB Pretoria and the 1996 MLA Act.

For US-nexus matters the FBI maintains a Legal Attache (Legat) office at the U.S. Embassy in Pretoria; confirm current contact details with the U.S. Embassy Pretoria.

The honest truth: you cannot contact Interpol yourself, only police can. Ask your own investigating officer to pursue international coordination, and keep them supplied with your evidence.
Dedicated cross-border guides
If the person is in the United States →If the person is in Canada →If the person is in Australia →If the person is in New Zealand →If the person is in South Africa →
Keep climbing

If you are brushed off, do this next

You are entitled to be heard. Work up this ladder until your case is assigned.

  1. 1FRONT-LINE INTAKE: Report via Police Scotland 101 or the online portal (https://www.scotland.police.uk/secureforms/c3/), or 999 if urgent/threat to life. INSIST on a crime reference / incident number and write it down - this is your paper-trail anchor. Keep all evidence (screenshots, headers, dates, account URLs).
  2. 2ASSIGNED OFFICER / LOCAL POLICING TEAM: Once a reference exists, ask which officer or team owns the case and request their name, collar/shoulder number, and a contact route. Provide a single organised evidence bundle. Ask specifically for a referral to the Cybercrime / online-harm capability if the offending is online.
  3. 3CYBERCRIME UNIT / SPECIALIST: For online stalking, doxxing, sextortion, impersonation or fraud, ask that the report be routed to Police Scotland's cybercrime/specialist resource. If fraud is involved, confirm it is being handled by Police Scotland (NOT the England/Wales/NI Report Fraud portal, which does not cover Scotland).
  4. 4SUPERVISOR / SERGEANT OR INSPECTOR: If the case stalls or you are not getting updates, ask to speak to the investigating officer's line manager (sergeant, then inspector). Reference your crime number and the dates of prior contact. Request a written update and a review of the recording/investigation decision.
  5. 5FORMAL COMPLAINT / PROFESSIONAL STANDARDS: If handling is poor, make a formal complaint via Police Scotland's complaints process; unresolved complaints can go to the Police Investigations & Review Commissioner (PIRC, https://pirc.scot/). Separately, COPFS (the prosecutor) decides on charges; if the Procurator Fiscal declines to prosecute you can ask for a review of that decision.
  6. 6NATIONAL / REGULATORY BODIES: For the data-protection dimension of doxxing, complain to the ICO (0303 123 1113). For cyber-security incidents, NCSC. These run in parallel and can add pressure and an independent record.
  7. 7ELECTED REPRESENTATIVE (CASEWORK PRESSURE-VALVE): Your constituency MSP (Scottish Parliament) and/or MP (Westminster) can take up your case as constituency casework and press the relevant body for a response and timeline. An MSP/MP CANNOT direct or interfere with an operational police investigation or a prosecution decision; their role is to chase responsiveness, escalate maladministration, and obtain answers, not to compel an outcome. It is reasonable to keep climbing this ladder and use the public bodies your taxes fund.
  8. 8INTERNATIONAL / CROSS-BORDER LIAISON: If the perpetrator is overseas, ask Police Scotland to route the matter through the National Crime Agency's UK International Crime Bureau (the UK Interpol/Europol channel) for cross-border action; where evidence must be obtained abroad, Mutual Legal Assistance is coordinated via COPFS as the Scottish central authority.
Cross-cutting essentials

The same for everyone: evidence, safety, platforms

Documenting and preserving your evidence

Good documentation is the backbone of every other step. It builds the pattern that proves intent, it gives police and courts something to act on, and it survives even if the perpetrator deletes accounts. The guidance below comes from official safety and policing bodies across several countries. ## Capture context, not just the bad comment Australia's eSafety Commissioner advises capturing "the full conversation (rather than the abusive comment on its own), as well as account details, dates and times," and noting the web page address (URL) and the other person's user profile. Both screenshots and screen recordings are endorsed (screen recording is useful for content that scrolls). The practical takeaway: a good capture shows the username, the URL, and the date and time together, not a bare cropped screenshot. PEN America's Online Harassment Field Manual makes the same point about why this matters over time: documenting harassment creates a record that "alerts you and others to abuse patterns and escalations." Capturing the perpetrator's own words and behavior across time is how you surface intent and escalation. ## Keep the original file, because metadata is provenance Tech Safety Canada advises that you "should always safely store the digital original" rather than forwarding or re-copying it, capture the person's profile URL and a visible date and time, and print or save "directly after you have captured it," because "opposing counsel could claim there was manipulation of evidence... if there was a delay." Saving the original file (rather than forwarding or screenshotting a copy) is the practical mechanism by which authenticating metadata survives. Canadian law-enforcement cyberbullying guidance (RCMP) reinforces recording dates and times, capturing full conversation context with visible timestamps, usernames, and platform, and saving originals. ## Back up in more than one place Accounts and content can be deleted, so keep redundant copies. Tech Safety Canada suggests you "email or text the document to a device that you will continue to have secure access to so you have an extra copy." Canadian guidance recommends backups in multiple locations (for example cloud plus physical plus a printed hard copy kept in chronological order). ## Keep a contemporaneous log UK College of Policing stalking and harassment guidance treats the victim's own diary or log of incidents, and retained correspondence from the suspect, as key evidence; officers are advised to ask victims to keep a diary and explain how to complete it, and some forces issue formal stalking and harassment diary sheets. A dated, ongoing log of incidents is recognized, valuable evidence. ## Email evidence: preserve the headers Emailing a copy of evidence to yourself or a trusted contact can give you an independent third-party (mail-server) timestamp and a redundant copy. But there is an important caveat: forwarding or screenshotting an email strips or overwrites the original metadata. As the Safety Net email-evidence guidance explains, "in a forward, the original email header is replaced with a header that contains the forwarder's information," and "it is also not possible to uncover the header with just a screenshot or photo of the email body." To preserve provenance, keep the original message and its full headers (access the original electronic version via your webmail account, device, or email server). A self-generated email timestamp is corroborating, not conclusive. ## Why a postmark (or self-mailed copy) is weak proof Mailing yourself a copy, or relying on a postmark, proves only that an item existed and was in your possession on a date. It does not prove who wrote it, that any official action was taken, or that the content is unaltered, and it is tamperable. This is the well-documented "poor man's copyright" fallacy: the US Copyright Office states "there is no provision in the copyright law regarding any such type of protection, and it is not a substitute for registration." The same logic applies to reporting: a postmark or self-mailed copy does not prove a crime was reported. The durable proof that a report exists is the official police report or file reference number issued by police, which you should keep for follow-up. (This police-report analogy is a reasoned synthesis of the poor-man's-copyright point plus the role of official report numbers, not a single direct citation.) ## New Zealand caution: preserve before you block, and do not store "objectionable" content New Zealand's Netsafe advises screenshotting harmful content; for emails, saving both the message contents (with the date and time received) and the email headers; and recording the full URL of each page. Critically, it advises: "Contact Netsafe, or the Police first before deleting any content or blocking the abuser's number or profile (as this can be important evidence)." Netsafe also warns: "Do not screenshot or store content you believe is objectionable. It's illegal in NZ to store, send or share objectionable content. Instead contact Netsafe or the Department of Internal Affairs immediately." This jurisdiction-specific caution matters for any cross-border situation, because blanket "screenshot everything" advice can backfire. General legal information, not legal advice.

Official sources
esafety.gov.au ↗onlineharassmentfieldmanual.pen.org ↗techsafety.ca ↗rcmp.ca ↗library.college.police.uk ↗techsafety.org ↗copyright.gov ↗netsafe.org.nz ↗
Swatting: protecting yourself from a fake emergency call to your home

Swatting is when someone makes a false emergency report (such as a hostage situation or active shooter) to send armed police to your address. If you have been doxxed or threatened, this is a real risk, and there are concrete, sourced precautions. ## What the FBI advises The FBI/IC3 swatting public service announcement (29 April 2025) advises victims to "retain all information regarding the incident, such as usernames, email addresses, websites, or names of platforms used for communication, photos, or videos," to immediately report it to local law enforcement and to IC3/FBI, and to "discuss swatting with your family members or colleagues and have a plan in place in the event of law enforcement contact" at the residence. Important: this FBI PSA does not tell victims to pre-emptively register or notify police that they are a swatting target before an incident. Its preventive advice is limited to retaining incident information and having a family or colleague plan. The proactive pre-notification step below is supported by other authoritative sources, but should not be attributed to the FBI. ## The proactive notification precaution The core proactive precaution is to give your local police context in advance, so that a later fake emergency call to your address is met with caution rather than a maximal armed response. The ACLU advises: "If you are concerned about this kind of attack and you trust your local police to be reasonable, consider calling your local police's nonemergency number to alert them to the likelihood of false reports about your address," and it links a verbal script to request that extra precautions be taken by first responders if a report is received about your address. The "if you trust your local police to be reasonable" caveat is worth keeping in mind. Mainstream security guides give the same advice in operational terms: "Contact your local police department. Tell them what you do for a living and that you might be a target for swatting attacks. Tell the police that if they get a call about an active threat at your home address, they should first contact you to confirm that it's true." The goal is to turn an unverified hostage or shooting report into one the dispatcher already knows to treat with suspicion. ## Formal registries exist in some places, but are not universal Some jurisdictions offer a formal opt-in flag. The Seattle Police Department runs an opt-in anti-swatting program (launched 2018): residents who fear being targeted register their address through the Smart911 / Rave Facility system, and "when the 911 call center receives a report of a critical incident, they can dispatch responders and simultaneously check to see if residents at the address registered a concern for swatting on Rave Facility," passing that context to responding officers. Most jurisdictions, however, have no formal swatting registry. Where none exists, the realistic fallback is the ACLU's advice: call the local police non-emergency line and give them context. Do not assume a national or standard registry exists. General legal information, not legal advice.

Official sources
ic3.gov ↗aclu.org ↗security.org ↗king5.com ↗
When one person targets many: treat it as one linked case

If a single perpetrator is harassing several people, the strongest approach is to treat it as one connected pattern rather than a scatter of unrelated, isolated complaints. A documented multi-victim pattern is powerful evidence of intent and fixation, and the law recognizes it. ## Coordinated harassment of multiple people can be one legal pattern UK Crown Prosecution Service guidance establishes that coordinated harassment of multiple victims can legally constitute a single "course of conduct." The CPS states: "Harassment may be committed against two or more persons," and "this covers collective harassment, whether directed towards members of the same family, neighbourhood, protected characteristics, trade or profession, organisation, or institution." Prosecutors are told that gathering evidence "should focus on the wider pattern of behaviour and on the cumulative impact on a victim." A campaign connected by a common motive or behavior links together as one pattern. That is precisely why a documented multi-victim pattern is strong evidence of intent and fixation. ## Why a cross-victim pattern matters Criminal harassment and stalking charges typically require demonstrating a sustained course of conduct, and often a specific intent, rather than a single offensive comment. A single instance of bad language or an opinion is generally not enough on its own. A pattern across multiple complainants helps establish the sustained conduct and the intent that a single instance cannot. (The broad legal logic here is authoritative via the CPS course-of-conduct framework; specific intake-categorization wording from non-official sources should be treated as illustrative.) ## Cross-referencing official report numbers When victims of the same perpetrator coordinate, the durable link between their cases is the official police report or file reference number, not the mere fact that they know each other. When you file a report, police give you a file or report number that you should keep for follow-up, and reports help police "identify patterns... repeat suspects." Co-victims cross-referencing each other's official reference numbers lets the forces link, retrieve, and corroborate related reports, and lets a Legat or NCB match parallel cases across borders. This cross-referencing of reference numbers is presented as best-practice reasoning grounded in two verified pillars (official report numbers exist and are kept for follow-up, and the CPS treats a one-offender, multiple-victim campaign as a single course of conduct). It is a sound operational extrapolation, not a directly quoted official instruction. General legal information, not legal advice.

Official sources
cps.gov.uk ↗rcmp.ca ↗
Reporting to the platform: what actually forces removal

When someone is harassing you, impersonating you, or spreading content about you on a social platform, it helps to understand what genuinely makes a platform take content down, and what is a waste of time. ## The three levers that actually force removal In practice there are only three things that force a platform to remove content or an account: 1. A court order or injunction. A judge orders the content removed. This requires a lawsuit and a court.

  1. A law-enforcement request submitted through the platform's official legal portal. A sworn officer working your case submits a request through the platform's dedicated law-enforcement webform. This is why a police report and reference number matter: it is an officer with an open case, using the official portal, who can move this lever, not you directly.
  2. The platform's own Community Guidelines enforcement after a report. The platform reviews the reported content against its rules and removes it if it violates them. Of these three, Community Guidelines enforcement is the only free, immediate lever a victim can pull directly. The first two require either a lawsuit and a court, or a sworn officer with an open case. You cannot invoke the court-order or law-enforcement levers yourself. ## Informal emails are ignored Do not waste time emailing a platform's general or legal@-style inbox, or messaging from a personal email address, to demand a takedown. Platforms route real legal and law-enforcement requests only through their official portals. TikTok's own Law Enforcement Guidelines state plainly that it "will not respond to requests for user data sent by non-law enforcement officials or when they are sent through informal channels (such as personal email addresses)." Emergency law-enforcement requests must come from a sworn law-enforcement official and from an official law-enforcement email domain. The same pattern holds across platforms: Meta requires a government-issued email at facebook.com/records; X requires a government agency to use legalrequests.x.com; Twitch requires legal process served through the Amazon Law Enforcement Request Tracker and "does not accept requests... or service of process, via e-mail or fax." The informal-email path simply is not the path that gets actioned. The officer working your case is the one who uses the portal. ## Report each item, per video and per comment On TikTok you can report any post (video), comment, account, or direct message for violating Community Guidelines, from the app or a web browser. Reporting is confidential: TikTok states it "will not disclose your identity to the person whose content or account you're reporting." To report a video: In the app, open the post, tap the Share button (or press and hold the post), tap Report, select a reason (and a subtopic if prompted), then tap Submit. On the web, hover over the More options (...) button on the video, click Report, select a reason and subtopic, then click Submit. To report a comment: TikTok has a separate, dedicated comment-report flow (press and hold the comment, then tap Report). Report harassing comments individually, per comment, rather than only reporting the video. ## Impersonation has its own separate report flow If someone is pretending to be you, that is not the same as reporting a single offensive video, and it uses a different path. TikTok provides a separate impersonation report flow: go to the impersonating profile, tap the three dots (top right), tap Report, then Report account, then select the impersonation reason ("Pretending to be someone"). There is also a web impersonation form that can require a real ID and lets you list multiple fake accounts in one report. TikTok's policy bans impersonation: it "does not allow accounts that impersonate individuals or organizations in a misleading or malicious way," while permitting clearly labeled fan or parody accounts that do not confuse users. Other platforms have their own impersonation report forms too (for example, X's impersonation reporting is filed by the impersonated person or an authorized representative). ## Do not use mass-reporting tools or organize a brigade It is tempting to rally friends or use a third-party "mass report" tool or bot to pile reports onto an impersonator. It does not work, and it can backfire. TikTok's own position is explicit: "Mass reporting content or accounts does not lead to an automatic removal or to a greater likelihood of removal" by its Safety team. Removal turns on whether the content actually violates the Community Guidelines, reviewed by human moderators, not on how many reports it receives. Mass-reporting tools violate platform policy and are the wrong move. Use the legitimate per-item report, the separate impersonation report, or the law-enforcement and court routes instead. General legal information, not legal advice.
Official sources
tiktok.com ↗tiktok.com ↗tiktok.com ↗support.tiktok.com ↗support.tiktok.com ↗support.tiktok.com ↗tiktok.com ↗newsroom.tiktok.com ↗meta.com ↗help.x.com ↗help.x.com ↗safety.twitch.tv ↗help.snapchat.com ↗
When the harasser is in another country: how cross-border police work moves

If the person harassing you lives in a different country, the case has to move between police forces. Understanding how that works tells you what to ask for and why your role is to keep your officer supplied with what they need. ## You cannot self-start INTERPOL or an MLAT, only police can INTERPOL is the world's largest police organization, with 196 member countries. But it works through each country's National Central Bureau (NCB), and the public cannot report to it directly. INTERPOL's own NCB page states: "INTERPOL NCBs do not respond to requests from the general public. Anyone wishing to report a crime or provide information on an international investigation should contact their local or national police, who will in turn contact the NCB." The US side says the same: private citizens report crimes through their local police or law-enforcement agency, which may then contact INTERPOL Washington if international assistance is required. The same is true of formal evidence requests between countries. A Mutual Legal Assistance Treaty (MLAT) request can only be made by government authorities (prosecutors, investigating judges, criminal investigators) and must be transmitted through a country's legally designated Central Authority. "All requests made pursuant to MLATs must be submitted through the Central Authority," and MLATs "are not available for use by private parties." A victim cannot file an MLAT request, only the investigating officer or prosecutor can. So your leverage is the explicit ask. You cannot trigger INTERPOL or an MLAT yourself; you trigger them by getting your investigating officer to make the request. ## The FBI's overseas offices (Legats) coordinate, they do not police The FBI runs legal attache (Legat) offices in "dozens of locations" around the globe, "providing coverage for more than 180 countries, territories, and islands," with about 250 special agents and support personnel stationed abroad. Legats sit in US embassies and cover the countries most relevant here, including London (covering the UK, Ireland, and the Channel Islands), Ottawa (Canada), Mexico City, Canberra (Australia), and Wellington (New Zealand). The FBI opened a standalone Legat office in Wellington on 31 July 2025; it had been a suboffice of the Canberra Legat since 2017. Crucially, Legats have no law-enforcement powers overseas. "Since FBI agents do not have traditional law enforcement powers overseas, they must rely on strong, mutually beneficial relationships with their foreign counterparts." The FBI "conducts investigations abroad only when invited by the host country. In most cases, our international partners gather evidence and make arrests on behalf of, or in close cooperation with, the Bureau." Legat duties include coordinating requests for assistance and coordinating victim assistance. They are a coordination channel, not a force that swoops in. ## The US entry points: a local field office and IC3 For a US-connected victim, the practical entry points are your local FBI field office and the FBI's Internet Crime Complaint Center (IC3) at ic3.gov. IC3 itself does not investigate; "trained analysts at the IC3 review and research the complaints, disseminating information to law enforcement and partner agencies, as appropriate," and "investigation and prosecution are at the discretion of the receiving agencies." IC3 explicitly accepts cross-border reports, including from "citizens of another country or who may be reporting a subject in another country." For an ongoing crime or a threat to life, contact your local field office or call 911. ## Formal evidence channels differ by country Bilateral MLATs with the United States are in force for the UK (entry into force 2 December 1996), Canada (24 January 1990), Mexico (3 May 1991), and Australia (30 September 1999), but not for New Zealand. US to New Zealand formal assistance runs instead through multilateral conventions and non-treaty letters rogatory and comity. For multilateral cooperation, the Council of Europe Budapest Convention on Cybercrime provides a standing framework for cross-border preservation and exchange of electronic evidence, including a 24/7 contact-point network. Among the countries here, the US, UK, Canada, Australia, and New Zealand are parties. New Zealand became the 81st party (acceded 28 August 2025; in force for New Zealand 1 December 2025), so the multilateral channel is available US to New Zealand even though no bilateral US to New Zealand MLAT exists. Mexico is not a party to the Budapest Convention; for a Mexico-based perpetrator the correct formal evidence channel is the US to Mexico bilateral MLAT, not the Budapest Convention. ## The realistic playbook Putting the verified mechanics together: - Report at home and in the perpetrator's country. Each country's police are the ones who can open the NCB or MLAT channel on their end, and IC3 explicitly accepts reports about a subject in another country.

  • Keep and cross-reference every reference and complaint number. Cross-referencing lets each force link to the parallel case so a Legat or NCB can match them.
  • Explicitly ask each investigating officer to pursue international coordination, through the NCB/INTERPOL channel, an MLAT via the Central Authority, and/or the in-country FBI Legat. You cannot self-initiate these; only the officers can. This consolidated playbook is a reasoned synthesis; each underlying mechanism is individually verified from FBI, DOJ, INTERPOL, and IC3 sources, though no single official page states the four-part script verbatim. General legal information, not legal advice.
Official sources
interpol.int ↗interpol.int ↗justice.gov ↗justice.gov ↗fbi.gov ↗fbi.gov ↗fbi.gov ↗ic3.gov ↗justice.gov ↗coe.int ↗