Technological self-defense guide for victims of IPV

IPV : A unique context

In contexts other than IPV - espionage, for example - technological surveillance activities are carried out stealthily, secretly, so that the target is unaware that they are being monitored. In the case of IPV, although surveillance may indeed be stealthy, it can also be carried out explicitly, as the abuser feels that they have a right to control their partner and therefore may not necessarily hide the fact that they are monitoring the victim. This is the case, for example, of an abuser who alludes to the information at their disposal in order to gain power over a partner.

Three goals: surveillance, manipulation and harassment

Technological abuse generally serves three functions. The first is surveillance. Tools are then used to monitor online and offline activities, in order to extract information about the victim's whereabouts, actions or communications. The second function is manipulation. In this case, the tools are used to convey messages designed to influence, convince or coax the victim into changing their mind or to create confusion. The third function is harassment and intimidation. In this case, the tools are used to make intrusive contact with the victim, to force them to continue communications, to intimidate them or to put pressure on them.

Physical access to devices

Technological abuse in the context of IPV is facilitated by the fact that violent partners often have access to the victim's devices (before the break-up) and to those of the children (before and after the break-up). Through this direct contact with computers, tablets, smartphones and electronic games, they have a golden opportunity to use these tools. They can consult Internet browsing history, e-mails, text messages, social network exchanges and more. They can also modify the security or privacy settings of the devices, or install malicious software or applications (spyware) that will enable them to continue their intrusion even if they no longer have access to the devices afterwards. They may also attempt to harm the victim by deleting important documents related to work, evidence gathering or personal life.

Monitoring devices

More and more abusers are using physical devices such as cameras, microphones, locatable devices like "air-tags" or "tiles" or even certain models of "air pods" to track someone's movements. These tools can be camouflaged in fake USB wires, or slipped into a child's bag, a satchel, a diaper bag, or even camouflaged in a home or in a car.

Unauthorized access to accounts

Abusers can use the privileged information they have access to (such as passwords or details of the victim's intimate life) to gain access to the victim's personal accounts (online accounts, applications, social networks, e-mails, etc.) and keep tabs on them. They can monitor a victim's movements, e-mails, social network messages, contacts, incoming and outgoing calls, connected devices, purchases, and so on. They can also send messages or make posts on social networks posing as the victim to harm them or undermine their credibility. All types of accounts can provide useful information for perpetrators of violence: access to a bank account allows them to monitor a victim's purchases and money inflows, access to an Uber account allows them to see where the victim travels and where they get food delivered, access to an e-mail account lets them know who the victim talks to and what they are planning, access to an Amazon account gives them access to the victim's new address, and so on.

Signs of technological abuse

• Social media posts are made in the victim's name without their knowledge;
• Presence of unknown devices connected to online accounts;
• New messages are marked as "read;
• Files or applications appear or disappear from devices;
• The partner has information that is not available elsewhere;
• The partner seems to know things that have not been mentioned to them (where one has been, who one has seen, who one has talked to, what was bought, the content of private messages, who one is meeting up with, etc.);
• Having the sensation of being physically followed offline, in real time;
• Device batteries drain faster than usual;
• Applications use an unreasonable amount of data or memory;
• A device's camera icon appears when the camera is not in use.

Technological self-defense tips: During the relationship

When in a relationship with someone who uses IPV, short-term safety must be the number one priority. Any action that might signal to a violent partner that a victim suspects that a device is being monitored (changing passwords, disabling geolocation functions or removing a monitoring application or device, for example) must therefore be avoided.

• Always act as if your partner actually has access to your devices and accounts;
• Avoid using devices to which the partner has access for information retrieval, documentation or any action relating to the violent situation;
• Use "anonymous" or "private" mode, on a browser that is not connected to any account (Google or other);
• Visually inspect electronic devices and make sure that every wire or device (usb or other) is original or self-purchased;
• Check for unknown devices connected to your online accounts;
• Avoid bringing home any device, cell phone or computer provided by a place of work, in order to preserve its integrity and to be able to continue using it for empowerment purposes;
• Create a secret e-mail account on a device to which the abuser does not have access, and use only this e-mail for any communication related to the violent situation (with resources, loved ones, etc.);
• Obtain the necessary materials to create a barrier that renders certain "locatable" objects harmless and can be used when needed : a large roll of aluminum foil and a container (like a Tupperware) with a rubber seal on the lid. You can also buy a pouch identified as a "Faraday bag".
• Meet with interveners in neutral locations rather than in IPV resources (at the CLSC, for example), and prepare realistic pretexts for being in this location.

Technological self-defense tips: When leaving a violent partner

To be on the safe side, we suggest these steps be followed after leaving he home, but before arriving at a safe place or shelter, to keep its location confidential, ideally in a police station parking lot or in a public place to get help in case of danger.

• If part of a family sharing plan on mobile devices, delete the partner's account (if one is responsible for the account) or remove your account and those of your children from the family sharing plan (if one is not responsible for the account). If it's impossible to do this on a device (as is often the case if it belongs to a child), remove its battery (or discharge it completely) and avoid using it until the issue has been resolved;
• Disable the tracking functions on each device that can be tracked : cell phones, smartwatches, computers, tablets, iPods, electronic games, connected toys, etc. If necessary, remove the battery from the devices (or discharge them completely) to temporarily neutralize these functions;
• Visually inspect the car and belongings for GPS devices or other locatable items such as AirTag, Tile, AirPods or other devices;
• Use an application that detects Apple-tracked devices or Tile chips, to receive an alert if a device that doesn't belong to you moves with you;
• If a GPS, AirTag, Tile or other device is located, remove its battery to deactivate it, or wrap the item in aluminum foil (3 layers) and put it in a plastic container with a sealant on the lid to neutralize it.

Technological self-defense tips: After reaching safety

Before modifying anything, it's important to document any evidence of devices being compromised (keep screenshots, photos, locatable items, have a witness, etc.), as this could be a criminal offence that you may want to prove in court .

• Before you start, install anti-virus software and scan for viruses, spyware and malware to eliminate them from your devices and those of your children;
• Remove applications or programs that allow shared access to a device, such as Teamviewer and Anydesk;
• Restore default device settings, after backing up your data;
• Make sure you know the function of every application or program that remains on your device, and eliminate any unknown applications or suspicious files;
• Select the two-factor identification mode for all accounts you wish to keep (social networks, bank or credit card accounts, work-related accounts, certain e-mail accounts, etc.);
• Find out if unknown devices or those belonging to your partner are connected to your accounts, so that you can eject them (you can search for "connection activity" with the account name on the web to find out how);
• Change passwords, use a password manager or device (such as a Yubikey) to increase online account security;
• Close any accounts that you don't use on a regular basis (apps, online accounts like Uber, Amazon, etc.) and re-open new ones as needed;
• If you think that certain devices or services are still compromised, you can have them checked by your employer's IT department, in an electronics store, or with the provider of a service (e.g. cellular service);
• If necessary, to gather evidence and eliminate all risks, you can have your devices professionally appraised. This can be a fairly costly process, but can make it easier to lodge a criminal complaint, for unauthorized use of a computer or harassment, for example.