Information for media
Definition
The Coalition Against Stalkerware defines stalkerware as software, made available directly to individuals, that enables a remote user to monitor the activities on another user’s device without that user’s consent and without explicit, persistent notification to that user in a manner that may facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence. Note: we do not consider the device user has given consent when apps merely require physical access to the device, unlocking the device, or logging in with the username and password in order to install the app.
Some people refer to stalkerware as ‘spouseware’ or ‘creepware’, while the term stalkerware is also sometimes used colloquially to refer to any app or program that does or is perceived to invade one’s privacy; we believe a clear and narrow definition is important given stalkerware’s use in situations of intimate partner abuse. We also note that legitimate apps and other kinds of technology can and often do play a role in such situations.
The scale of the issue
The Coalition considers stalkerware to be a growing problem.
Non-profit organizations are experiencing a growing number of survivors seeking help with the problem:
- Findings of the Second National Survey on technology abuse and domestic violence in Australia launched by WESNET with the assistance of Dr Delanie Woodlock and researchers from Curtin University, are that 99.3% of DV practitioners have clients experiencing technology-facilitated abuse and that the use of video cameras increased by 183.2% between 2015 and 2000.
- According to a study on cyberviolence in intimate relationships, conducted by the Centre Hubertine Auclert in France, 21% of victims have experienced stalkerware at the hands of their abusive partner and 69% of victims have the feeling that their personal information on their smartphone has been accessed by their partner in a hidden way.
- In Germany, for several years, Women’s Counselling Centres and Rape Crisis Centres (bff) have noticed an increasing use of stalkerware in conjunction with partner relationships.
- In the United States, stalking impacts an estimated 6-7.5 million people in a one-year period in the United States and 1 in 4 victims report being stalked through some form of technology, according to the Stalking Prevention Awareness & Resource Center (SPARC).
Cybersecurity companies are detecting a consistent increase in these harmful applications (Status Nov’ 2020):
- With Covid-19 spreading early 2020 and more and more countries going into lock-down to combat the pandemic F-Secure saw a significant increase in Stalkerware detections starting in March. While detections declined during early summer they shot up again towards the end of the holiday period and we noticed almost four times as many Stalkerware detections during August and September compared to the previous months. Cerberus is the most detected Stalkerware with 52 percent of the detections across unique mobile devices. Advertised as an anti-theft app it allows a stalker to hide on an Android device, prevent its deletion and also tracks the location of the device, takes pictures and screenshots as well as records audio.
- In 2019, Kaspersky detected a 67% year-on-year increase of stalkerware usage on its users’ mobile devices at a global level. The number of stalkerware installations worldwide during the first 10 months of 2020 (from January to October) totaled more than 48,500, which is close to the total (almost 52,000 installations) observed over the same period in 2019.
- According to Malwarebytes, while these apps have always presented a significant threat to users, the shelter-in-place orders that began taking effect in March 2020 resulted in a dramatic uptick in usage. Malwarebytes recorded a peak increase from January 1 to June 30, finding a 780 percent increase in monitor apps detections, and a 1,677 percent increase in spyware detections. Though detections waned starting in July, the numbers never dropped to their January levels. From January 1 to October 31, Malwarebytes recorded a 584 percent increase in monitor app detections, and a 1,044 percent increase in spyware detections. Overall, this represents more than 43,000 monitor app detections in the first 10 months of 2020.
- Additionally, a recent UK survey run by Certo Software shows that only 31% of people surveyed thought that spying on someone else’s phone was illegal.
Non-profit organizations are concerned about the trend:
- Clémence Pajot, Director, Centre Hubertine Auclert (France): “Stalkerware is an important source of danger and distress for victims. The Coalition is a great opportunity to bring together the expertise of the IT security sector and NGOs specializing in violence against women. This synergy on an international level will be fruitful to create the best solutions possible to protect victims.”
- Eva Galperin, Cybersecurity Director, Electronic Frontier Foundation (USA): “What I learned is that data leaks. It’s like water. It gets in places you don’t want it. Your friends and family give away information about you. You go to a party, somebody tags you as having been there. And this is one of the ways in which abusers pick up information about you that you don’t otherwise want them to know.”
- Alessandra Pauncz, Executive Director, European Network for the Work with Perpetrators of Domestic Violence (WWP EN): “The effects of cyber violence on women and girls are devastating, all-consuming and never ending, because they are part of a continuum of violence (offline and online) that deprives them of their freedom. We need to stop this. And we need to take these deadly weapons out of perpetrators’ hands. We need to start seeing stalkerware as a weapon and remove it!”
- Kim Tipsord, Executive Director, Illinois Stalking Advocacy Center (USA): “Stalking is unpredictable and can be dangerous which is why it is imperative for stalking advocates to thoroughly safety plan with their clients. The use of stalkerware in stalking cases often complicates efforts to safety plan with victims because it is often undetectable and even when stalkerware is suspected, there are often little resources available to remove stalkerware and prevent it from being reinstalled. Collaborating with the Coalition Against Stalkerware is an important first step to connect advocates and IT security professionals so we can work together to combat this growing problem.”
- Deborah J. Vagins, President and CEO, National Network to End Domestic Violence (NNEDV) (USA): “The National Network to End Domestic Violence (NNEDV) is thrilled to partner with the Coalition Against Stalkerware. Through the work of our Safety Net Project, we know that many victims of domestic violence experience harassment, monitoring, stalking, and fraud from partners who use stalkerware as a tool of abuse, which can have lasting impacts on survivors’ safety and security. As a founding member of the Coalition, we reaffirm our commitment to understanding and addressing this tactic of abuse and ensuring that everyone, including survivors, can use technology without fear of violence.”
- Horst Hinger, Deputy Managing Director, WEISSER RING (Germany): “As a victim support organization, we know that many people suffer from cyberstalking. Those who are affected rarely seek help, because they feel ashamed and blame themselves. Stalkerware victims suffer particularly because of the far-reaching digital opportunities that are available to abusers today. There are hardly any shelters left for victims when cyberstalking pervades their digital lives. This not only limits their quality of life but also creates a feeling of powerlessness and the sense that they are completely and utterly at somebody’s mercy. Even if stalking does not always leave visible scars, victims often suffer from strong psychological stress symptoms and we often help these types of survivors in our work. According to police crime statistics, there were almost 19,000 cases of stalking in Germany in 2018, 500 more than in the previous year. That is why we have developed the NO STALK app together with WEISSER RING Stiftung, to provide victims with an effective tool for documenting stalking. For us at WEISSER RING, it is important to offer support to those who are affected by stalking. We do so via the app to report on actions but mainly in personal conversations and support, for example, when we accompany them to the police. WEISSER RING is available to help over 700 stalking victims every year. Our civic engagement helps people rebuild their lives after being victimized.”
Stalkerware as a gendered problem
- The European Institute for Gender Equality’s 2017 research report, Internet Violence Against Women and Girls, states that “Seven out of ten women (70%) who have been cyber-stalked have also experienced at least one form of psychological or/and sexual violence by an intimate partner.” This is a continuation of the troubling trend of gender-based violence, facilitated by the misuse of technology and the Internet.
- More research is needed on the gendered nature of stalkerware. However, the data available to date clearly show that it is mostly women who are affected by this type of technology abuse, while men are most often the perpetrators of violence.
- The link between partner violence of gendered and technological abuse, e.g., through stalkerware, needs to be clearly echoed in policy, prevention, prosecution of perpetrators, and victim assistance, and accompanied by campaigns, training, and research that raise awareness.
Writing About Stalkerware
The use of stalkerware is one type of abuse (some prefer: intimate partner violence) that a survivor may experience, and can be one of the most pervasive. When giving advice and strategies to victims and survivors of stalkerware or speaking or writing about the subject publicly, it is crucial that you have some basic understanding of domestic abuse, as well-intentioned but ill-informed interventions can put the safety of victims at risk. A good place to learn about this is the website of NNEDV or those of similar organisations in other countries. Below, we list several of the most important safety considerations that must be kept in mind when communicating with stalkerware victims.
Intimate Partner Violence is rooted in power and control that goes far beyond jealousy. Survivors of abuse often feel as if they do not have many choices to leave, to seek help, or to know what to do, because of the control that their abuser often exerts over them. This includes leaving the relationship (or cutting ties with an abusive ex-partner) but also taking full control of their personal devices. Often times, leaving an abusive relationship or trying to take back control can be the most dangerous time for a survivor, and can often lead to violence or an escalation of violence. Often, survivors share not only a relationship but access to their devices with a partner, especially if they have shared accounts. While it may be good practice to not share a device’s pin code with anyone else, for many survivors it is not safe to refuse.
Security software, such as anti-virus, can play an important role in making a user aware of stalkerware being present on their device, but for many victims, removing the malicious software may not be safe, since abusers may be monitoring them and the abuse could escalate. It is often hard to detect stalkerware and suggesting a security lockdown may not be an easy solution to a complicated problem. This suggestion could also give a false sense of security.
For these reasons, it is important to remember that security software cannot serve as a one-size-fits-all “solution” for individuals who believe that stalkerware is installed on their devices.
If you or your organization are asked directly about “advice” or “suggestions,” you should be upfront: there is no single solution to this nuanced problem. Instead, for those who have questions or want to speak with an advocate, please connect them in the U.S. to the National Domestic Violence hotline or an equivalent organization in your country, and remind them that these resources should be accessed from a safe device.
It is also good to note that the distinction between stalkerware and other methods of tracking mobile phones (such as shared accounts or find-my-phone apps) isn’t always clear to users.
Because stalkerware often includes the ability to track the user’s browsing history and location, urging the user to go to the police, or telling them to visit a website for more information, isn’t always a good idea.
Finally, sometimes stalkerware is grouped together with spyware used by governments to spy on specific individuals (for example NSO’s Pegasus spyware). Though this is a big problem in itself, the methods and techniques available to governments are often considerably more sophisticated than those available to abusers who buy off-the-shelf stalkerware. Conflating the two could make stalkerware victims and survivors unnecessarily paranoid.
Report shows stalkerware is not declining
Nearly 30000 people globally were affected by stalkerware, accor...
Read moreCoalition Against Stalkerware calls on Apple to mitigate abuse of WiFi Sync
UK cybersecurity firm Certo, a partner of the Coalition Against ...
Read moreStalkerware maker fined in the US and required to notify victims
The Coalition Against Stalkerware is very happy with the news th...
Read more