Technology and Violence Against Women Series – Spyware and Safety
In this blog series, we are examining the impact of technology on violence against women crimes, as identified by the National Network to End Domestic Violence (NNEDV) Safety Net Project. Our most recent post focused on Posting Content Online, and today’s post, the last of the series, will highlight spyware and safety.
Spyware is a software program or hardware device that enables an unauthorized person (such as an abuser) to secretly monitor and gather information about computer or cell phone use. Spyware can be installed on computers or cell phones to monitor the activities of those devices.
On computers, spyware can keep track of every keystroke typed, software application used, website visited, chat or instant message sent, and document opened. Some spyware software includes the ability to freeze, shutdown, or restart a computer and other versions allow the person spying to remotely turn on the webcam or make the computer talk. Spyware for cellphones can keep track of all phone calls, text messages sent or received, and even turn the cellphone into a listening device.
Computer spyware software can be installed on computers without the knowledge of the owner or even physical access to the computer. Cellphone spyware often require physical access to the device. In most jurisdictions, installing spyware on someone else’s devices without their permission with the intention to stalk them is illegal. Moreover, spyware is invasive, intrusive, and may put victims in increased danger.
Below are a few tips for agencies and organizations that assist victims.
Post a Safety Alert on every page of your website. On agency webpages that contain specific information for victims, posting a clear, but brief safety alert can make victims aware of risks. (Example: “Your computer activities might be impossible to erase. If someone might be monitoring you, please use a safer computer or call a hotline for more information.”) This is particularly important on department pages where hotline numbers, community resources, and similar information is listed.
Take steps to increase your organization's data security. Law enforcement agencies should protect any personally identifiable information collected about a victim since any data leaks or breaches could be fatal. Agencies should develop and implement policies that establish and ensure the appropriate security of all data (and the networks and infrastructure the data is stored on) to safeguard against risks of loss, unauthorized access or use, destruction, modification, or unintended or inappropriate disclosure. All access to data should be subject to specific authorization and all employees, contractors and subcontractors, and volunteers should be held accountable for complying with appropriate agency, city or county, state, and federal policies.
Protect your device. As part of safety planning, law enforcement can inform victims to protect their devices by running anti-virus or anti-spyware on them. These programs can offer limited protections against surveillance spyware. Be aware that spyware can appear to be a legitimate product, however, and anti-spyware software might not always flag those spyware products. Take further precaution by not downloading or opening links and attachments from people you don’t know or trust.
Secure your devices. Encourage survivors to have strong passwords on their devices. Passwords should be changed regularly, and they should avoid allowing others access to their personal devices.
Discuss survivor safety strategies. When investigating stalking cases that involve spyware, be aware that the abuser could be monitoring the devices, and if the survivor or law enforcement is investigating the computer or cell phone, the abuser may know. Work with the survivor to ensure that she/he have safety strategies in case the abuser becomes more dangerous at the discovery.
Inform the survivor. For investigative purposes, sometimes it may be necessary for law enforcement to take the computer or cellphone for forensic analysis. Make sure the survivor knows what the process will be during the investigation and how long the survivor may be without the computer or cell phone. Although it may be evidence, a computer or cellphone might be the only way the survivor can access support systems or support their livelihood. Help lessen the impact of losing what could be their only method of communicating by working with them to ensure that they can still live their daily lives.
For more information about spyware and safety, click here. You can also contact the NNEDV’s Safety Net Project by clicking here. Be sure to visit their Tech Safety blog for additional information on technology safety.
If you have questions about the IACP’s Violence Against Women efforts, please contact Michael Rizzo, IACP Project Manager, at [email protected], or visit the IACP’s National Law Enforcement Leadership Initiative on Violence Against Women webpage.
Spyware is a software program or hardware device that enables an unauthorized person (such as an abuser) to secretly monitor and gather information about computer or cell phone use. Spyware can be installed on computers or cell phones to monitor the activities of those devices.
On computers, spyware can keep track of every keystroke typed, software application used, website visited, chat or instant message sent, and document opened. Some spyware software includes the ability to freeze, shutdown, or restart a computer and other versions allow the person spying to remotely turn on the webcam or make the computer talk. Spyware for cellphones can keep track of all phone calls, text messages sent or received, and even turn the cellphone into a listening device.
Computer spyware software can be installed on computers without the knowledge of the owner or even physical access to the computer. Cellphone spyware often require physical access to the device. In most jurisdictions, installing spyware on someone else’s devices without their permission with the intention to stalk them is illegal. Moreover, spyware is invasive, intrusive, and may put victims in increased danger.
Below are a few tips for agencies and organizations that assist victims.
Post a Safety Alert on every page of your website. On agency webpages that contain specific information for victims, posting a clear, but brief safety alert can make victims aware of risks. (Example: “Your computer activities might be impossible to erase. If someone might be monitoring you, please use a safer computer or call a hotline for more information.”) This is particularly important on department pages where hotline numbers, community resources, and similar information is listed.
Take steps to increase your organization's data security. Law enforcement agencies should protect any personally identifiable information collected about a victim since any data leaks or breaches could be fatal. Agencies should develop and implement policies that establish and ensure the appropriate security of all data (and the networks and infrastructure the data is stored on) to safeguard against risks of loss, unauthorized access or use, destruction, modification, or unintended or inappropriate disclosure. All access to data should be subject to specific authorization and all employees, contractors and subcontractors, and volunteers should be held accountable for complying with appropriate agency, city or county, state, and federal policies.
Protect your device. As part of safety planning, law enforcement can inform victims to protect their devices by running anti-virus or anti-spyware on them. These programs can offer limited protections against surveillance spyware. Be aware that spyware can appear to be a legitimate product, however, and anti-spyware software might not always flag those spyware products. Take further precaution by not downloading or opening links and attachments from people you don’t know or trust.
Secure your devices. Encourage survivors to have strong passwords on their devices. Passwords should be changed regularly, and they should avoid allowing others access to their personal devices.
Discuss survivor safety strategies. When investigating stalking cases that involve spyware, be aware that the abuser could be monitoring the devices, and if the survivor or law enforcement is investigating the computer or cell phone, the abuser may know. Work with the survivor to ensure that she/he have safety strategies in case the abuser becomes more dangerous at the discovery.
Inform the survivor. For investigative purposes, sometimes it may be necessary for law enforcement to take the computer or cellphone for forensic analysis. Make sure the survivor knows what the process will be during the investigation and how long the survivor may be without the computer or cell phone. Although it may be evidence, a computer or cellphone might be the only way the survivor can access support systems or support their livelihood. Help lessen the impact of losing what could be their only method of communicating by working with them to ensure that they can still live their daily lives.
For more information about spyware and safety, click here. You can also contact the NNEDV’s Safety Net Project by clicking here. Be sure to visit their Tech Safety blog for additional information on technology safety.
If you have questions about the IACP’s Violence Against Women efforts, please contact Michael Rizzo, IACP Project Manager, at [email protected], or visit the IACP’s National Law Enforcement Leadership Initiative on Violence Against Women webpage.