Guide:Resisting technological domestic abuse

Nothing to hide, but nothing to show you either.
Revision as of 16:38, 14 June 2021 by 21x (talk | contribs) (adding images and media)

The purpose of this guide is to help victims of technological domestic abuse resist surveillance and recover from privacy or security compromise by the perpetrators of abuse, whether romantic, familial or otherwise.
Technologically savvy perpetrators have more options than ever before to keep tabs on their victims, take away control or agency and continue abuse from afar. We will try to give you the tools and knowledge to resist technological aspects of the abuse, and once you're able to leave the abusive situation, recover from the privacy compromise.


Core assumptions

In this guide we assume the following:

  • The perpetrator is somebody who has physical access to you and to the devices (and potentially accounts) you use.
    • The perpetrator also controls your internet access, either by controlling the router or controlling the ISP account.
  • The perpetrator is generally more technologically savvy than you.
  • The perpetrator is willing to deploy technological measures that are generally unacceptable, such as tracking your location, monitoring your search history, compromising your social media accounts and so on.

But first

If you share the device you're reading this on with the perpetrator, DO NOT allow them to use your browser history to find out about your attempts to resist.
First, do the following:

  • Open this page in Private Mode/Incognito Mode.
  • Go into your browser's options and delete the browsing history for approximately the last hour.

This will prevent them from finding this guide in your history and being aware of the advice you're following.

Methods and countermeasures

In this section we will survey and discuss the most common methods of technology-enabled domestic and familial abuse.

Stalkerware

Coalition Against Stalkerware's brief overview of stalkerware.
Remember to open in Private/Incognito mode to avoid leaving a trace!

Potentially the most concerning method the perpetrator could use is installing stalkerware, also known as creepware, on your devices. Stalkerware consists of apps and programs that are designed to keep track of another person's activity and report it back to the perpetrator. Many of those apps masquerade as 'parental control' or 'employee monitoring' solutions, but most make little to no effort to limit the potential for abuse.
These are very difficult to counter as they are designed to be stealthy and avoid detection, much like any other malware. There are so many stalkerware products, and new shady operations sprout up so often, that it is impossible to give useful method-specific advice.

Thus, the best advice we can offer you is to trust your instincts. Does the perpetrator seem to know details and pieces of information that you've never shared with them? Do they inexplicably know where you've been or who you've texted? Do they know the websites you've visited?
If you answered yes to any of those, you may be a victim of stalkerware.

Countermeasures

  • If you can, do not give physical access to your device. Do not leave your device unattended.
    • Use a strong screen lock method, and do not use fingerprint scan or face unlock (as those methods are rather easily fooled). There is no substitute for a good password.
  • Most stalkerware programs run in the background all the time, using your battery (on devices that have one). Be mindful of your battery performance, particularly if it suddenly drops.
  • Stalkerware programs must send the captured data to the perpetrator. Therefore, look at your data (and WiFi) usage and look for unusual patterns, like apps you don't know suddenly sending a large amount of data.
  • Look for apps that you don't recognize and that have permissions you do not remember granting.
  • Remove the apps you do not use. This will narrow down the list of apps that the stalkerware can hide among.

Canary trap

If you've seen Game of Thrones, you've seen a 'canary trap' in action. Tyrion Lannister uses it in season two of the show.

One method of narrowing down how and where you're being spied upon is the use of a so-called 'canary trap'.

The basic idea is that you give a different version of an event, document or plan (the bait) via different methods of communication and see which one the perpetrator brings up. For example, if the perpetrator is attempting to control your social life, you might text one friend about plans to meet up for drinks, and email a completely different one to meet up for coffee at the same time. If the perpetrator now brings up you going for drinks, you know they're monitoring your texts, and probably not monitoring your email.

Device specific giveaways
Android

On Android, most stalkerware apps will not be found in the Play Store, as they are likely to be removed by Google upon identification. This means that most of the time, the perpetrator has to install an external app from so-called 'Unknown sources'. Normally, when you try to install an external app, an Android phone will prevent you from doing so unless you enable it in the settings before installing the app. Look for a setting called 'Unknown sources', and see if it is enabled for you. All Android phones come with it turned off by default, so if it is on for you, and you did not enable it yourself, the perpetrator may have enabled it to facilitate installation of stalkerware.
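
An added example, not part of the original guide: on a computer you trust, the output of `adb shell pm list packages -3 -i` (third-party apps together with the installer of each) can be checked for apps that did not come from the Play Store. The listing and package names below are constructed, and the set of trusted installers is an assumption to extend for your device's own app store.

```python
import re

# Package name of the Google Play Store installer. Assumption: a device with a
# vendor app store needs that store's package name added to this set.
TRUSTED_INSTALLERS = {"com.android.vending"}

# One line of `pm list packages -3 -i` output: package:<name>  installer=<name>
LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")


def parse_packages(listing):
    """Return {package: installer or None} for every well-formed line."""
    result = {}
    for line in listing.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip blank lines and anything that is not a package row
        installer = match.group("installer")
        # Android prints the literal text "null" when no installer is recorded.
        result[match.group("pkg")] = None if installer == "null" else installer
    return result


def sideloaded(listing, trusted=TRUSTED_INSTALLERS):
    """Return the sorted packages whose installer is not a trusted app store."""
    packages = parse_packages(listing)
    return sorted(pkg for pkg, inst in packages.items() if inst not in trusted)


# Constructed sample listing; every package name here is made up.
SAMPLE = """\
package:org.example.messenger  installer=com.android.vending
package:com.example.syncservice  installer=null
package:com.example.notes  installer=com.android.vending
package:com.example.batterycare  installer=com.google.android.packageinstaller
"""

if __name__ == "__main__":
    for pkg in sideloaded(SAMPLE):
        print("installed outside the app store:", pkg)
```

Running adb requires USB debugging to be enabled on the phone, which is a settings change that someone inspecting the device can see. An app flagged this way is not proof of stalkerware; it only narrows down which apps to look at.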

iOS

Apple, like Google, also actively removes stalkerware apps from its store. To install external apps on iOS devices, generally the device has to be jailbroken (basically, unlocked to enable non-App Store apps). Most jailbroken devices have an alternative app store on them, called Cydia. If your device has Cydia on it, but you did not jailbreak the phone and install Cydia yourself, you might be a victim of stalkerware.

Should you remove stalkerware?

We cannot say, given that this depends on your personal circumstances. The perpetrator is very likely to notice the removal, and if attempting to resist may result in further abuse, it may not be advisable.
Remember that in most jurisdictions wiretapping is a serious crime, so it may be worth keeping the stalkerware on the device as evidence.

Even if you cannot remove the stalkerware, just knowing it is there empowers you to make better decisions about your situation.

Connection monitoring

Account compromise

Setting up a safe computing environment

While we cannot possibly anticipate every exact combination of technology-enabled domestic abuse you may face, we can help you set up a safe working environment that you can use for your essential computing needs without the fear of being spied upon or intercepted by the perpetrator.
The basic idea is that we will set up a portable computing environment consisting of an operating system and persistent storage on an encrypted USB device. This portable computing environment will be protected by strong encryption and designed to resist even the most capable adversary. It may look a bit daunting, but if you persist, you will finally have one way of accessing the internet that you can completely trust (as long as you keep your encryption password secret).

About Tails

If you suspect stalkerware or a man-in-the-middle attack, Tails is the only way you can be sure you're not being spied upon.

To achieve this, we will rely on the excellent work of the Tails project. Their objective is to produce a safe computing environment for journalists, activists, human rights defenders and domestic abuse survivors. You may read more about the project on their website, but in short Tails:

  • is discreet - it leaves no trace on the computer it is used on. It does not write to the hard disk, it does not leave your files or browsing history behind. Even the most skilled computer forensics professional would struggle to prove that Tails was ever used on a particular computer.
    • it does, however, leave a trace on the computer where it was initially installed to the USB; remember to delete any downloaded files and to delete your browsing history, or try to install it using a trusted friend's computer
  • protects your connection - all traffic to and from Tails is protected by the Tor anonymity network; it leaves no trace on the router or DNS server you're using, even if they're monitored
  • strongly encrypted - once you shut down the computer that is using Tails, getting the data on the USB stick without knowing the password is, for all intents and purposes, impossible
  • separate from your compromised computer - because all the files that Tails needs to run are on the USB device which you control, it does not matter if the device you're using it on is riddled with stalkerware; Tails uses its own trusted operating system, and can be used safely on computers that are actively monitored
    • because all the contents are encrypted, it also cannot be tampered with while in the shut down state
  • amnesiac - by default, when shut down after use, Tails will forget and discard all the files that may have been generated (such as browsing history), which leaves less opportunity for somebody to compromise you further should they obtain your encryption password
    • you can, optionally, set it up to remember certain files. This is called persistence. It is generally safe to enable persistence (those files are encrypted as well), but if you do, you have to be sure not to disclose your encryption password

This point cannot be overstated: everything really depends on the strength of the encryption password you select while creating a Tails USB stick. If you reuse a password that the perpetrator knows, you will be putting yourself at risk (particularly if you use persistence). For advice on how to come up with better passwords, see Passwords#Choosing_better_passwords.

Installing Tails

Installing Tails (so-called flashing) is really simple and can be done using a free program called Etcher. Just remember to remove it once you're done.

Rather than reinventing the wheel, we will instead point you to the excellent installation guide maintained by the Tails project itself.
https://tails.boum.org/install/index.en.html

Using Tails

Once you start up Tails, it looks like any ordinary computer you've used before.

Using Tails is much like using any other desktop operating system. You have access to a browser, email client, and an office suite. You can connect to all your normal online services. It may look slightly different, but don't let that intimidate you. 95% of the normal use of Tails is the same as Windows or Mac.

Taking back control and reasserting your privacy rights

Closing thoughts

Although facing a perpetrator of domestic abuse is always difficult, please remember that domestic abuse is primarily an (anti-)social problem. No amount of technological knowledge and intervention can change the fact that the perpetrator is committing a crime by wiretapping your communications, and you may benefit from the help of specialist services with the resources and knowledge to help you in dealing with the perpetrator.

In this guide we've tried to equip you to deal with the technological aspects of domestic abuse, but more help is out there. Seek it and reach out. Do not let the perpetrator control you.
Good luck, and thank you for indulging us.