When the threat is in your home: Online privacy, security and domestic violence

Posted on Jul 29, 2018 by Danica Sergison
Share Tweet

As digital citizens, we often think about how to secure our internet activity and communications from external sources, including Internet Service Providers, governments, and malicious hackers.  For some, including journalists and dissidents, maintaining privacy and security from third parties is an essential part of protecting their lives and liberty, and breaches can have dire consequences.  However, these risks are not always external, and for victims of abuse and domestic violence, the source of the threat may even live in the same home.  For victims of abuse and domestic violence, taking steps to protect their privacy and ensure their online security can be an essential part of successfully escaping and surviving their abusers.

Chris Cox, founder of the Operations Security Professionals Association (OSPA), spoke with PIA this week to discuss ways that victims of abuse and domestic violence can protect themselves from a threat in their home.  The cause is an important one to Chris, and to OSPA:  OSPA has launched an initiative called “Operation Safe Escape“, with the goal of ensuring that every victim of domestic violence has the resources, information, and confidence that they need to leave their abusive partner.

Operation Safe Escape uses OPSEC principles and interdisciplinary partnerships to develop guides, applications, resources and training programs to support victims of domestic violence and to provide safety and security support to domestic violence shelters and safe houses.

Below, we’ve highlighted some practical tips & advice from our conversation with Chris.  For more resources, please visit Operation Safe Escape’s website, GoAskRose.com.

Preparing to leave an abuser

  • Use private browsing mode.  Most major browsers have a private browsing or “incognito” mode.  Use this mode when you are searching for information that you don’t want others to see.
  • Review and edit your browser history.   Although a fully cleared browser history may appear suspicious, you can also remove individual sites from your browsing history.  For a guide on how to do this, check out this guide on GoAskRose.com, a website that Operation Safe Escape has developed for victims of domestic violence.
  • Use a VPN.  While Chris notes that that traditionally, VPNs are used to protect from external threats, VPNs can also encrypt and hide the nature of local internet traffic, which can be useful if an abuser is monitoring internet activity at the router level.   A properly configured VPN also prevents DNS leaking, and can disconnect internet access if VPN service is disrupted.
  • Develop a safety plan, and keep it somewhere safe.  Frequently, guides for victims of domestic abuse include a safety plan that can be printed out, completed and stored.  However, a physical plan may be more easily discovered by an abuser, and can’t be accessed remotely if it isn’t readily accessible in a time of crisis.  Operation Safe Escape offers a tool for individuals to complete their plan electronically, and send it to a secure email address unknown to the abuser.  Operation Safe Escape has also been working to develop discreet apps for Android and iOS where a safety plan can be created and stored on an encrypted server, behind a password-protected login.
  • For more detailed guides and resources, visit GoAskRose.com.

Securing devices & your home appliances

  • Wipe your phone and restore it to factory settings.  Especially if your abuser has had access to your phone, may know your passwords, or may be able to guess the answers to your password reset questions, it can be important to fully wipe and restore your device.  Many phones have “Find Your Phone” or device management settings that can allow tracking by third parties.  For assistance in fully wiping and resetting a device, you can often turn to the device manufacturer.  Ideally, even after wiping your device, you will be able to leave your phone behind and access either a temporary “burner” or a new device that has never been accessed by the abuser – however, this may not always be possible.
  • Reset your router, and change the access settings for any appliances with internet connectivity.  If you have been successful in getting the abuser to leave your home, it’s important to assess whether they may have access to internet-connected devices in the home.  A recent article in the New York Times highlighted how internet-connected “smart home” appliances can be used abusively.  As a first step, it’s recommended to reset your router to factory settings.  If you’re unsure on how to do so, the device’s manufacturer may be able to assist – look at the brand names listed on your router and your smart devices, and reach out to their customer service lines for further guidance.
  • Review and secure your social media accounts.  While you should consider whether it’s possible to delete social media accounts entirely, at the very least, it’s worth removing any content that could be used to locate you and adapting your privacy & security settings.  You should also review your secret questions and ensure that your abuser cannot gain access to your account by requesting a password reset.  Enabling two-factor authentication (2FA) is another way to protect your accounts, even if your password becomes compromised.   The Crash Override Network also offers a step-by-step guide to help you lock down your online accounts.

Privacy & security at home

Even if you are fortunate enough to live free from domestic violence, the information and resources provided above can be important to integrate into your privacy & security practices.   If you live in shared accommodation with other adults, including family or roommates, it can be good practice to review the access and security settings of devices in your home, both periodically and after someone leaves your home.

 

Disclaimer

It was our pleasure to highlight the excellent work of Chris Cox and Operation Safe Escape in this blog post.  This post is not sponsored content – Private Internet Access simply supports the work that Operation Safe Escape is doing, and believe that it is an essential part of ensuring privacy and protecting digital rights for all.   PIA has previously donated VPN licenses and made a financial contribution to Operation Safe Escape, which has been used to develop additional security guides, support development of their safety planning application, and to allow them to host a conference for domestic violence professionals this October.

About Danica Sergison

Danica is a Canadian lawyer, online community manager, and tech enthusiast. She writes about the law, privacy and the intersections between tech and social issues. Twitter: @DanicaSergison

VPN Service