Why the Internet of Things Matters in the Fight Against Domestic Violence

Technology ramps up the potential for surveillance in the most intimate spheres of our lives — and we have no idea who’s watching

Advances in technology are both a blessing and a curse for the targets of domestic violence. New ‘smart’ technology can make it easier for them to contact help and document the abuse — but equally, it can be misused to monitor their activities, eavesdrop on their conversations and even track their location in real time. As everything from smart cars to smart kettles come online, both the benefits and risks to women targeted by abusers are magnified.

The misuse of technology in domestic violence cases is nothing new. In the pre-internet days, abusive partners would track their target’s movements by using telephone records and monitoring car odometers. As technology has evolved so too have the methods, but the underlying motive of control remains the same.

The real threat from a web of smart devices, or the Internet of Things as it’s often called, is not a change in the behaviour of abusers but rather the sheer scale of information which smart technology generates. Once upon a time, a phone number could be enough to get someone killed — so what does it mean for the targets of domestic violence when we move into a world where it’s possible for someone with access to the right devices to track every move, hear every breath, read every heartbeat on a screen?

In Australia last year there were 53,976 victims of assault related to domestic violence, and 95 murders. In four out of five of these cases, the victims were women. One in three Australian women will experience violence in her lifetime; one in four will experience violence at the hands of a current or former intimate partner. The impacts of domestic violence extend far beyond the immediate victim, impacting children, friends and family members and rippling through local communities.

A 2014 report from the US National Network to End Domestic Violence found that 97% of the organisations they surveyed, including domestic violence, trafficking and sexual assault programs, indicated that survivors they worked with were being targeted using technology. The actual number of people being monitored by abusers using technology is likely to be higher, as spyware can be difficult to detect.

“When we work with survivors, we suspect that spyware may be on a phone through a combination of things,” says Kaofeng Lee, Deputy Director of the NNEDV’s Safety Net program, “for example if the abuser seems to know a lot about what happens on the phone, they have had physical access to the phone, and other clues such as increased data usage or the battery running down quickly.”

In some cases even when a target realises that their abuser seems to have access to far more information than they should, it can be very difficult to determine exactly how they are getting it. It could be anything from spyware on the target’s computer and phone, to monitoring of social media and online bank accounts, to tracking and listening devices hidden in cars and children’s toys. Figuring out how a person is being spied on is often the first challenge in preventing it. As more and more devices in our lives become connected, with everything from our TVs to our shoes potentially collecting and transmitting data about us, this problem is likely to grow exponentially.

Take fitness wearables. On the face of it, a device which helps you to monitor your exercise, track your runs and record biometrics such as your heart rate and breathing seems innocuous enough. Seen from the perspective of an abuser, however, a fitness wearable is potentially the ideal surveillance device (second only to a smart watch, which includes all of the above plus a microphone and camera) because it knows when you take it off.

Contacting help is often very difficult for the targets of domestic violence because if their abuser discovers that they are trying to leave, the abusive behaviour may escalate. The period immediately before and after leaving is the most dangerous, and when the most murders occur. If you know your phone is being tracked in order to monitor where you go, you can still leave the phone somewhere innocuous to avoid raising suspicion whilst you walk across the street to a domestic violence service or women’s shelter. If you’re being tracked using a device which knows when you take it off, however, you’re in a more difficult situation — either there’s the risk that the abuser will see that you’ve been to the shelter, or they’ll see that you took the device off for half an hour, both of which could trigger suspicion.

To date data security on wearables is notoriously poor. At the Security Analyst Summit 2015 Kaspersky expert hacker Roman Unuchek demonstrated exactly how it was possible to hack into a fitness band and access the owner’s location tracking. Moreover as we have seen with cell phones, you don’t need to be a computer genius to stalk someone using their technology. A quick Google search turns up dozens of apps and devices designed to help you monitor your target via their phones, their computers and their cars, all with simple step-by-step instructions. It’s only a matter of time — and probably not even very much time — before similar spyware for wearables becomes readily available.

Where wearables are arguably only one step up from smart phones in terms of the potential for tracking or surveillance, other kinds of connected technology ramp it up to whole new levels. Ultimately you can throw away your phone or your FitBit if you fear its security has been compromised; if the compromised device is your home thermostat, however, or your water heater, your alarm system or even an embedded medical device like an insulin implant, disabling or getting rid of it is much more difficult.

Most of the more outlandish aspects of the ‘smart home’ promoted by technology companies remain shadowy future prospects, and many may never catch on with the general public. Rather than spending too much time worrying about smart toothbrushes, it is more important to focus on the connected devices which are likely to see mass adoption by consumers in the coming decade. A 2015 report by ‘smart home solutions’ company Icontrol Networks found that US consumers overwhelmingly favour security and home management systems such as self-adjusting thermostats as reasons to buy a smart home system. Of adults aged 25–34, the study found that over half claimed they intend to purchase connected cameras, thermostats and alarm systems in the next twelve months.

It just so happens that these two areas, security and home management, are also precisely the kinds of technologies which are best suited to enabling domestic abusers.

The surveillance potential attached to a home security system seems obvious enough — anything that can be used to watch for intruders to the house can equally be used to watch the people living in the house — but also consider the kind of data generated by a more harmless seeming device like a home thermostat. It knows when you go out; it knows when you come home; it knows who is in the house and which room of the house they’re in; it knows whether the lights are on or off; it even knows, in some cases, whether you’re awake or asleep.

“The problem — and it’s a good problem to have — is that most people don’t think like a psychopath,” says Jennifer Perry, CEO of Digital-Trust, an organisation dedicated to helping the victims of digital abuse. “They make these things and don’t think about other ways they could be used.”

There is sometimes a tendency for people outside the situation to reduce the problem to little more than the information which is uncovered — to ask, what does it matter if someone knows when you’re home, when you go to the gym or, soon enough, what time your kettle turns on and how many tomatoes are in your fridge? On the face of it that information appears banal enough, so who cares who knows it?

But the information itself isn’t the point, as Perry observes. The important thing is the inferences which an abuser might draw based on it.

“People have been murdered for changing their Facebook status,” says Perry. In an abusive or stalking situation, triggers to violence can be very small. It is not difficult to imagine a scenario in which, for example, an abusive ex-partner who still has remote access to his target’s smart fridge might notice that she is suddenly stocking beer, which she never drinks. The abuser might leap to the conclusion that there is another man in her life, leading to an escalation of his behaviour — with potentially violent or even fatal consequences.

None of which is to say that people should not use smart technology. We haven’t stopped using our phones or our computers just because they could be hacked, nor is it a straightforward case of technology being purely bad for the targets of domestic violence. Monitoring devices inside the home could provide a record of the abuse which might be used as evidence in court cases. Smart home alarms could be programmed to recognise the target’s voice, and to immediately call the police or an emergency contact when they use a particular word or phrase. There are already a variety of personal safety wearables on the market.

It’s not about trying to stop the use of smart technology, which only punishes victims and allows abusers to continue with impunity; it’s about promoting the safe use of smart technology. As with any issue which combines an entrenched social problem with a complex technical challenge, solutions to domestic abuse and surveillance using smart technology will have to be implemented at multiple levels, including:

1. Securing connected devices: Better security for connected devices would benefit everybody, regardless of whether they ever become a target of domestic violence. Data encryption, user authentication and regular security updates are all issues which will need to be addressed. The tech industry needs to recognise that an insecure Internet of Things poses real, life-threatening risks, and make security a top priority.
2. Technology training for anti-domestic violence practitioners: Anti-domestic violence groups and shelters are frequently under-funded, and struggle to find the time and resources to train staff on technological issues or keep up with the pace of technological development. There is also a lack of awareness amongst police officers and court officials about the impacts of technological abuse and how to address it. Often targets are told to simply stop using the technology which, in addition to often being unfeasible and ineffective, does not hold abusers accountable for their actions and allows them to continue to abuse with impunity. Professionals working on domestic violence cases need to understand how technology is misused by abusers and how to combat it.
3. Effective and enforced legal protections: Governments have a responsibility to ensure that legal protections keep pace with technological development, and that those protections which already exist are able to be meaningfully enforced. Law enforcement and prosecutors should also look beyond domestic violence laws to consider whether other laws, such as eavesdropping, criminal use of a computer or even privacy laws are applicable. The legal system needs to defend the rights of victims to use technology safely, and punish abusers for misuse.