So, You Wanna Build an App? App Security

This post is part of the “So You Wanna Build an App” series. The other posts include: “What to Consider Before Developing an App,” “Know Your Audience,” and “Safety First.” This series is based on lessons we learned when developing the NNEDV Tech Safety App, and in reviewing dozens of apps created for victims of domestic violence, sexual assault, and stalking. Our reviews can be found in the App Safety Center.

 In the “Safety First” post, we talked about how to minimize risks for users when you build the app. Another concern that app developers must be aware of is security—both security of the app itself and security of the data that the app collects from users.

Minimize User Data & Secure What You Store

User data can include anything from asking users to create an account with a username and password to asking users to upload and store evidence of abuse. The first step to data security is to only collect the information needed in order to provide the service. Don’t ask for data you don’t need. For example, some apps require users to create an account when there is no obvious need for an account. Other apps require access to information on the device, such as the user’s contact list and calendar, even when that information has no relevance to the functionality of the app.

Also remember that some types of data are more sensitive than others. Sensitive data includes personally identifying information like name, birthdate, location, health/mental health information, and documentation of abuse. The exposure of sensitive data can have dangerous consequences for the survivor if it’s discovered by the abuser. For this reason, securing sensitive data from unintentional disclosure is crucial.

Develop your app in a way that doesn’t require users to share personal information, or that offers users multiple ways they can opt into or out of sharing personal information. For example, some safety apps allow users to contact someone through the app. Develop the app in a way that lets the user manually type in the contact information, rather than requiring that the app be connected to their contact list. Also remember - if your app is designed so that it can inform 2 or 3 contacts when the survivor needs help, the app does not need access to the entire address book. This is also helpful, because some users may want to input a safety contact, such as their domestic violence advocate or private attorney, who isn’t in their contact list.

App Security

For apps that collect no or minimal data from their users, the security issues are more about the app itself. Some apps are built to function fully on the device, where all the content is accessible via the downloaded app. Other apps require users to retrieve information online. Depending on how the online content is hosted, if someone was covertly watching the internet traffic, they might be able to find out the names of the websites and other content that’s being accessed. Think about where your online content is hosted and how that information is retrieved. As an example, in order to protect survivors, all of the videos on our Tech Safety App are hosted on a secure server, and the files are named in a way that obscures what they are in case someone is covertly watching the internet traffic.

Have a Security Framework and Policy

Anytime you ask users to share personal information with you, you need to know (and let them know) how you’ll keep that data secure. The security framework should encompass every level of engagement – from the time they share their information (account creation, uploading/downloading content) to when you store that information (on secure and encrypted servers) to how (and how often) you destroy content. Your security policy should be clear, and posted where users can easily review. It should also be very clear about when and how you might share their information with third parties such as law enforcement or courts.

Educate Users on Security

If your app encourages people to use third-party cloud storage like Dropbox to store personal information gathered via your app, provide tips and education on good security practices. Where appropriate, teach users to use strong passwords and multi-factor authentication. The better they understand the risks, and how to minimize those risks, the better they can navigate them and develop stronger safety strategies.

Thanks for reading this blog series! If you’re still curious for more, you can find great information on our website:

·       Technology Safety and Privacy: A Toolkit for Survivors

·       Agency’s Use of Technology: Best Practices & Policies

·       App Safety Center

Speaking of apps – check out NNEDV’s Tech Safety App! DC-based company 3Advance developed the CMS infrastructure and created the multi-platform mobile apps to bring to life the NNEDV Tech Safety App. If you’re an app developer or a victim service provider working with an app developer, be sure to check out our Considerations for App Developers resource!

So, You Wanna Build an App? Safety First

This post is part of the “So You Wanna Build an App” series. The other posts include: “What to Consider Before Developing an App,” “Know Your Audience,” and “App Security.” This series is based on lessons we learned when developing the NNEDV Tech Safety App, and in reviewing dozens of apps created for victims of domestic violence, sexual assault and stalking. Our reviews can be found in the App Safety Center.

Minimizing safety risks for victims of abuse who use your app is a daunting but crucial process. Remember that survivors may be in crisis, in danger, or have someone monitoring their device when they’re using your app. This post discusses how you can address and minimize some of these safety risks.

Your App Could Be a Safety Risk

Victims of abuse are most at risk when they attempt to leave their abusive partner or try to limit the abuser’s control. Simply having a safety app on their device could indicate that the victim is seeking information or help, and the abuser could escalate his/her control and abuse. While you can’t remove that risk entirely, it’s important to consider ways you can address and minimize those risks.

Inform the User

The first step is to inform the user of possible dangers and risks they might face if they download your app. Some survivors may be aware that their devices are being monitored and know to be careful about what they download, but others may have never thought that about risk before, and may not have considered that the abuser may see the app and discover that they are seeking help.

This reminder should take place before they download the app. It should be noted in the app store description, and in other places that describe the app. For example, the Tech Safety App provides notices about potential monitoring by abusive partners and suggests that users only access the app from a safer device. These notices are available on the app’s informational website, in the app description in both the Apple App & Google Play stores, and as part of the onboarding process after someone downloads the app. These reminders both inform potential users of the related risks when downloading the app, and encourages them to wait until they are on a safer device.

Other Safety Strategies That May or May Not Work

·       Quick Escape – Most websites for survivors of abuse have a “Quick Escape” or “Exit” button so that they can leave the site quickly if they’re worried that someone is monitoring their internet use. However, this can be a challenge for apps, since having an exit button can take up valuable screen space. It’s also unnecessary because it’s often very easy to quickly close an app. Since building an “Exit” button throughout an app isn’t practical, the best way to inform users of possible monitoring is to inform them before they download the app.

·       Disguised Apps – Some apps have been designed to look like something else, such as a news app or a calculator, but are actually apps to help domestic violence or sexual assault survivors. While it might be helpful for the icon to be disguised so that it doesn’t raise the suspicions of an abusive partner, there can also be significant challenges with this strategy. The Apple App Store doesn’t allow these types of apps, or they require an explanation of what the app actually is in the app description, which may defeat the purpose of it being disguised. App users also won’t be able to find the app unless they know exactly what it’s called and what the icon looks like. If the icon changes as a part of the update process and the survivor doesn’t notice, this may make the app hard to find, or may lead to accidental deletions. Survivors may also forget the fake name if they download the app and don’t use it regularly, making it difficult to find in a time of crisis.  Moreover, if someone happens to open the app on the phone, they’ll know that it isn’t whatever the app is pretending to be.

In some cases, app developers may actually build the disguised app and hide domestic violence/sexual assault content within the app. While this might minimize the risk of someone opening the app and immediately seeing the domestic violence/sexual assault content, it might be harder for users to access hidden content easily and quickly.

·       Passwords – Some apps will use a password to protect the app (or parts of the app) so that only someone with the password can access it. This strategy does work to a certain extent, particularly if there’s private or sensitive information the survivor wants to keep protected in case someone goes through the device. Just keep in mind that a password protected app might raise the suspicions of the abusive person if he or she is used to having full control over the device. This strategy might be best for someone whose abuser generally doesn’t have access to the device, but who wants additional privacy protection for the information she/he is accessing or storing. Having this as a security option rather than a default setting can be helpful for survivors, because it lets them individualize the app based on their unique circumstances.

Be Aware of Unintentional Access to App Content

There are many ways that app content can be accessed without the knowledge of the survivor, simply by the way the device may be connected to other technologies. For example, some devices are set up to automatically connect to smart TVs, speakers, or cars via Bluetooth. If your app contains multimedia, build the app so that files don’t automatically start playing when the device connects to a speaker or other technology. Also consider naming multimedia files in a way that doesn’t reveal anything if someone happens to see the file name on a media player.

Safety and Privacy When Collecting Sensitive Information

Some safety apps encourage users to store personal information either on the app itself or to the cloud via the app. This might include contact information, a journal logging the abuse, and photographic/video/audio evidence of abuse. It’s critical that users of these apps are notified of the related safety risks involved in storing information this way. If the information is stored on the device, users should be warned that anyone with access to the device might be able to see the content.

Additionally, if your app collects and stores any private information connected to its users, you should have a privacy and security policy that clearly explains what information the app is collecting, why it is being collected, and who has access to it. If your app is using a third-party service to store the information, or if it shares the information with another company, it’s vital to let users know how to find that third-party’s privacy and security policies.

In cases where personal information is being stored on the user’s own cloud-based service, such as Dropbox, they should be notified of the related privacy and security risks. Many users don’t know how easily cloud-based services can be accessed. If the abusive person knows the victim’s password or has access to a device the account syncs with, all of the information stored could be easily accessed, manipulated, or deleted. If your app encourages users to use their personal cloud storage service, provide them with information about how they can increase their privacy and security when using these services.

Speaking of apps – check out NNEDV’s Tech Safety App! DC-based company 3Advance developed the CMS infrastructure and created the multi-platform mobile apps to bring to life the NNEDV Tech Safety App. If you’re an app developer or a victim service provider working with an app developer, be sure to check out our Considerations for App Developers resource!

So, You Wanna Build an App? Know Your Audience

This post is part of the “So You Wanna Build an App” series. The other posts include: “What to Consider Before Developing an App,” “Safety First,” and “App Security.” This series is based on lessons we learned when developing the NNEDV Tech Safety App, and in reviewing dozens of apps created for victims of domestic violence, sexual assault, and stalking. Our reviews can be found in the App Safety Center.

 If you’re building an app for survivors of abuse, your mantra should always be: first, do no harm. Survivors of abuse may be using your app in the middle of a crisis, or while looking for help to escape a violent situation. Although you can’t predict how someone will use your app, you can minimize harm by building an app that takes the unique needs of your audience into consideration. Below are some tips for doing just that.

Don’t Create a False Sense of Security

Because survivors may rely on your app to help them find safety or to get time-critical information, the app needs to work as it’s intended. Unfortunately, many apps that have been created for survivors are so complex they often don’t work the way the designers intended. We tested dozens of apps whose sole promise was to locate a victim when they’re in danger, but many of them didn’t always show exact location. Sometimes it was off by a few houses and sometimes it was off by a few miles. If your app promises personal security and safety as a key function, you have to make sure it works accurately every time, and in every environment (rural/suburban/urban).

Don’t Overpromise

Carefully market your app, and be sure not to imply that it does more than it’s actually able to. We’ve seen many safety apps created for victims of abuse that are marketed with claims that are blatantly false, and that (unethically) try to appeal to the victim’s need for safety. Some of these marketing ploys include: “#1 Prevention of Sexual Assault!”, “You’ll never be in danger again,” and “It’s like having a police officer in your pocket.” Even though the developers may have had good intentions, not only are these claims unrealistic, they can be dangerous if someone were to accept them as true.

Such claims may keep the user from thinking through other safety measures they could take. If users believe that your app is the only safety strategy they need, you’ve likely created a false sense of security that can result in unintended danger to the victim. Moreover, if someone has the app and does get assaulted, it can contribute to victim blaming – accusations that the victim had a safety app that could have prevented the assault, if only they’d used it properly. Simply put: don’t tell victims the app will keep them safe. There is no app that can stop an abusive partner from trying to harm their victim – the only thing that can stop that from happening are abusers themselves.

Be Accurate About Your Information

Because the app is created for someone who might be in danger, make sure that the information in your app is accurate. Resources should link to accurate phone numbers or websites, and be appropriate for your intended audience. For example, if your app is for victims of domestic violence, list local domestic violence programs in the resources section, rather than listing general health services. Remember that even if your app is meant for a specific location (such as your city) or population (such as teens), anyone can download the app, so resources should be applicable to all users (you can include the National Hotline in addition to the local hotline numbers), or clearly state who can use the resources. Double and triple check the information you’ve listed (websites, phone numbers, and other contact information) to make sure it’s correct, and make this a part of your ongoing maintenance plan.

Be Accurate in Your Language

If you don’t have expertise in the dynamics of domestic violence, sexual assault, or stalking, work with experts in those respective fields to develop your content and to ensure your language is correct and appropriate. Domestic violence, sexual assault, and stalking are all very nuanced issues. Users of your app could be in a traumatized state of mind when they’re using your app, and your content needs to be sensitive. Victims may not yet have the words or definitions to explain what they’re experiencing, and the way you describe it may have a major impact on their understanding. Work with domestic violence, sexual assault, and stalking victim experts to help you write content that is appropriate.

 Speaking of apps – check out NNEDV’s Tech Safety App! DC-based company 3Advance developed the CMS infrastructure and created the multi-platform mobile apps to bring to life the NNEDV Tech Safety App. If you’re an app developer or a victim service provider working with an app developer, be sure to check out our Considerations for App Developers resource!

 

So, You Wanna Build an App? What to Consider Before Developing an App

This is the first post in a series for victim service providers who are considering developing an app. In this post, we’ll talk about whether an app is the right platform for what your agency wants to do. The next posts will be: “Know Your Audience,” “Safety First,” and “App Security.” This series is based on lessons we learned when developing the NNEDV Tech Safety App in reviewing dozens of apps created for victims of domestic violence, sexual assault, and stalking. Our reviews can be found in the App Safety Center

As more survivors are using smartphones and downloading apps, many local domestic violence and sexual assault programs are considering whether they should build an app. There are many reasons why they might want to—apps give users immediate access to information and can harness built-in features of smartphones (like GPS), giving additional safety tools to survivors. However, before starting the development process, there are lots of things to think about. This series discusses key issues and concerns programs should consider before developing an app.

Is an App the Best Format?

It’s important before developing an app to assess if it’s really the best medium for what you want to accomplish. There are many innovative ways to distribute information without developing an app (like websites, podcasts, and videos, to name a few). Another reason why you might want to develop an app is because what you want to accomplish requires the unique benefits smartphones and tablets offer, like GPS, messaging, video cameras, and audio recorders. Or perhaps your goal is to make use of the immediacy apps offer. Most people have their phones with them all the time, so if you want to create something that will be at someone’s fingertips anytime they need it, an app may be the way to go.

Is Your Idea Unique?

So now that you’ve looked at whether an app is the best way to help you accomplish your goal, it’s time to find out if your idea already exists. Even though you may think your app is unique, take the time to do some research and check the app stores to see if similar tools already exist. Creating an app is a very resource intensive process (as you’ll find out in the paragraphs below), so the one you want to build should be different or add new value to what’s already out there. If it doesn’t, consider holding off or going back to the drawing board.

Will the App be Useful?

Your primary goal shouldn’t be to build a cool, new tool (though of course those are important characteristics), it should be to create a useful resource for survivors. To do that, you’ll need to evaluate whether survivors will find your app useful. You can do this by talking to potential users and asking what it is they would find helpful in an app - organizing a focus group is ideal. By doing this, you can identify what will be important for survivors (again, ensuring that it’s not something that already exists, or can actually be done easier in a different format).

Apps are Expensive & Require Ongoing Maintenance

Creating apps—the good ones, anyway—can be an expensive undertaking. To build an effective, functional, and useful app, you could spend more money than what you’d pay to create a new website, implement a communications campaign, or in some cases even hire a new staff person. Building an app is more than just coming up with the content that goes into it. You’re building a product that requires the work of engineers, designers, and project managers with specific expertise.

Depending on what you want your app to do, you’ll need to factor in the costs of your staff’s time, developer fees, and app management/upkeep expenses. (As a reference point, in building our Tech Safety App our development team included an iOS developer, an Android developer, a database builder, a graphic designer, and a project manager.) And that’s just what it takes to create the app.

Apps also require a commitment to ongoing maintenance and regular software updates. The level of maintenance an app will need depends on the kind of app you create. Each time there’s a major operating system update to iOS, Android, or any other platform your app is available on, you’ll need to roll out a new update to keep it working.

The Key to it All

Most importantly, any app that is intended to be used by survivors should prioritize safety and privacy. If your app creates safety or privacy risks for survivors, those risks will likely outweigh any potential benefit, and could potentially put survivors in danger. To learn more about how to prioritize privacy and safety in the app you create, be sure to check out our upcoming posts in this series: “Know Your Audience,” “Safety First,” and “App Security.”

Speaking of apps – check out  NNEDV Tech Safety App If you’re an app developer or a victim service provider working with an app developer, be sure to check out our  Considerations for App Developers! **

It’s a Wrap!! Another Successful Tech Summit in the Books!

Last week we welcomed almost 300 people to our 5th Annual Technology Summit in San Francisco. For four days we laughed, strategized, and built new ways to think and talk about how privacy and tech safety impact the lives of survivors of abuse and harassment.

We had over 30 brilliant and passionate presenters from around the world, including representatives from Google, Facebook, Twitter, Snapchat, Uber, Mozilla, and Niantic. A wide array of content was presented, such as: the Internet of Things, the intersection between technology and human trafficking, cutting edge technology legislation, online gaming and dating, teens and tech, innovative uses of technology to address abuse, and many more.

In addition to our world class presenters, this year we had our largest group of participants ever, including from partner agencies in Australia, Finland, the Netherlands, and Canada. Technologists, advocates, lawyers, and survivors enriched the conversation as participants and presenters. Many participants came from programs providing emergency shelter, transitional housing, non-residential services, and crucial legal assistance. Others teach coding and tech skills to survivors to help them gain financial freedom. All of them make a difference every day.

Throughout the conference, participants discussed all aspects of Technology Safety for survivors, including:
·         How abusers misuse tech,
·         How survivors can strategically use tech to maintain their safety and privacy,
·         How agencies can use tech to increase accessibility and ensure privacy, and
·         The importance of designing technology with survivors in mind.

At NNEDV we work and play hard, and the 2017 Tech Summit was no different. Receptions, dinners, snacks, networking opportunities, and informal discussions provided a chance for participants and presenters to connect and collaborate. Tech Summit is ultimately a tech conference, so we also had ample time to try out tech, including learning how to opt-out of data brokers at our Opt-Out Station and testing out the virtual gaming system, Oculus.

We are thrilled that the conference was a success and we look forward to taking back many great ideas on how to make next year’s conference even better. The conference was filled with ideas on how technology safety can improve the lives of survivors of abuse and harassment. We are excited to provide that information in the coming year through technical assistance, new written materials, and our ever expanding training catalogue.

We are already gearing up for Tech Summit 2018, so send along ideas for what you want to see in 2018! If you were unable to join us for Tech Summit this year, you can see a little of the fun by looking at the Program Book, checking out our Storify and Twitter Moment feeds, or by searching for #TechSummit17 and #TechSafetyMeans: 
·         On Twitter: #TechSummit17 and #TechSafetyMeans
·         On Instagram: #TechSummit17 and #TechSafetyMeans
·         On Facebook:  #TechSummit17 and #TechSafetyMeans

¡¡La App de Seguridad Tecnológica: ¡Actualizada y Ahora en Español!! / Updated Tech Safety App Launches in Spanish!!

¡Estamos muy emocionados/as de anunciar el lanzamiento de la versión en español de la App de Seguridad Tecnológica! Esta app educativa móvil les explica a sus usuarios/as cómo las formas particulares de tecnología pueden ser abusadas para acosar y acechar a alguien, lo que se puede hacer cuando suceda y cómo mejorar la seguridad y la privacidad.

La versión actualizada ahora tiene todo el contenido, incluyendo el texto y el audio, en español. También es más accesible, según las recomendaciones de usuarios/as del Instituto de Justicia Vera que la probaron, a quienes les agradecemos muchísimo por su apoyo durante el proceso de pruebas. También hay una versión nueva de la app en un sitio web para que haya acceso a todo el contenido de la app en línea, algo que le puede ser especialmente útil si alguien no cree que sea una opción segura para él/ella descargar la app. Además, la app ahora está optimizada para tabletas para una mejor experiencia en la pantalla más grande.

Esta app educativa y de recursos explora seis categorías: el acoso, la suplantación de identidad, la seguridad de los teléfonos celulares, la seguridad de los aparatos, la seguridad y la localización y la seguridad en línea. Bajo cada categoría, se proporciona más información con explicaciones específicas sobre lo que alguien puede hacer si están siendo acosado/a y sugerencias sobre la privacidad que se ofrecen para aumentar la privacidad y la seguridad. La app también incluye recursos adicionales sobre la cómo documentar el abuso, hablar con un/a intercesor/a en un programa de violencia doméstica, contactar a la policía, conseguir a un/a abogado/a y adónde llamar para conseguir ayuda.

La App de Seguridad Tecnológica fue creada por el Proyecto Red de Seguridad de NNEDV, que tiene más de 15 años de experiencia trabajando en la intersección de tecnología, seguridad y abuso. Red de Seguridad les ha proporcionado consejo experto, capacitaciones y consultas sobre este asunto a miles de sobrevivientes de abuso, proveedores/as de servicios para víctimas y compañías de tecnología. Esta app es otra manera de poner información en manos de sobrevivientes y añadir una versión en español con más accesibilidad les ayudará a más sobrevivientes y profesionales a utilizarla. La App de Seguridad Tecnológica fue creada con fondos de la Oficina para Víctimas de Crimen (OVC) de la Oficina de Programas de Justicia de la Iniciativa Visión 21 del Departamento de Justicia. 3Advance, basado en DC, desarrolló la infraestructura de CMS y creó las apps móviles multi-plataformas.

Si cree que alguien está monitoreando su teléfono o tableta, en vez de descargar la app, es mejor conseguir acceso a la información de manera más segura en línea. También hay una versión de la app en un sitio web en www.techsafetyapp.com donde es posible leer todo el contenido de la app en línea, algo que le podría ser especialmente útil si cree que descargar la app no es una opción segura. Para más información sobre la app, visite TechSafetyApp.org. También se puede encontrar información legal sobre estados específicos e información sobre la inmigración federal en español e inglés en WomensLaw.org.

-----

We are excited to announce the release of the Spanish language version of the Tech Safety App! This educational mobile app walks users through how particular forms of technology could be misused to harass and stalk someone, what can be done about it, and how to enhance safety and privacy.

The updated version now has all content, including both text and audio, in Spanish. It also has increased accessibility, based on recommendations from test users from the Vera Institute of Justice, who we thank profusely for their support throughout the testing process. There is also a new website version of the app so the entire app content can be accessed online, which is especially helpful if someone does not believe that downloading the app is a safe option for them. Additionally, the app is now tablet-optimized for better experience on the larger display.

This educational and resource app explores six categories: harassment, impersonation, cellphone safety, device safety, location safety, and online safety. Under each category, more information is provided with specific explanations about what someone can do if they are being harassed, and privacy tips are offered that can be used to increase privacy and security. The app also includes additional resources on documenting abuse, talking with an advocate at a domestic violence program, contacting police, getting an attorney, and where to call for help.

The Tech Safety App was created by NNEDV Safety Net Project, which has more than 15 years of experience working on the intersection of technology, safety, and abuse. Safety Net has provided expert advice, trainings, and consultation on this issue to thousands of survivors of abuse, victim service providers, and technology companies. This app is another way to get information into the hands of survivors, and adding a Spanish-language version and increasing accessibility will enable more survivors and professionals to use it. The Tech Safety App was funded by Office for Victims of Crime (OVC), Office of Justice Programs, Department of Justice Vision 21 Initiative. DC-based 3Advance developed the CMS infrastructure, and created the multi-platform mobile apps.

If you believe that your phone or tablet may be monitored by someone else, take caution before downloading the app and access the information online in a safer way. There is also a website version of the app at www.techsafetyapp.com where you can access the entire app content online, which is especially helpful if you believe downloading the app is not a safe option. For more information about the app, visit TechSafetyApp.org. You can also find state-specific legal information for survivors and federal immigration information in Spanish and English on WomensLaw.org.

This app was funded through award #2014-VF-GX-K017 from the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice (DOJ). The opinions, findings, and conclusions or recommendations expressed are those of the contributors and do not necessarily represent the views of DOJ.

To Us, #TechSafetyMeans…

Technology allows us to quickly and easily connect with other people. Technology can be a valuable resource for survivors, granting them access to information, resources, emergency services, and networks of support. However, technology is also often misused by perpetrators to stalk, harass, and control victims. For example, offenders can manipulate technology to track and stalk victims. They can also install spyware on survivors’ devices to secretly monitor and harass them. By hacking or inappropriately accessing a survivor’s webcam, hard drive, or online accounts, abusers can gain access to personal information which can be used to locate the survivor or as blackmail.

The Safety Net project at the National Network to End Domestic Violence (NNEDV) addresses the intersection of technology and domestic violence, stalking, sexual assault, and dating violence. Since technology permeates many aspects of our lives, we at NNEDV strive to ensure that survivors and advocates can utilize technology safely, effectively, and securely.

To us, #TechSafetyMeans...

  • Supporting survivors at the local level.
  • Making connections and serving survivors through strong statewide networks.
  • Advocating for privacy and digital safety at the national level in government, with tech companies, and other allied agencies.
  • Ensuring survivors know how to safeguard their privacy and maintain safety on all their devices.
  • Creating communities where perpetrators cannot use technology to their advantage.
  • Advocating for change that benefits all survivors!

What’s the Deal with Snap Map?

snap map image

Snapchat recently released a new feature called Snap Map. It was immediately met with a flurry of negative feedback and concerns for user privacy and safety. As with any technology, device, platform, or service, new features can have an unexpected impact on user safety and privacy. The following is our assessment of potential privacy issues and possibilities for misuse within Snap Map.

The Snap Map feature allows users to share their location with other friends on Snapchat and to share Snaps on a map. The ability for others to see your location can definitely sound a little creepy, particularly if you’re concerned about your privacy. While there are a few things to consider and be aware of to protect your privacy, there are also a few features that make us a little less worried about Snap Map.

1.     The user controls the feature, and therefore controls their privacy.
Snap Map is an opt-in feature, not an opt-out feature; meaning it is off by default until a user chooses to turn it on. Opt-in by default is an important safety feature, but it is noteworthy that a person with access to the account could still turn on location sharing without the account owner’s knowledge. Because of this, it’s important that users know how to find the location sharing setting so that they can check to see if someone has turned it on without their permission.

2.     Users also control the audience, even if the feature is on.
If you choose to use Snap Map, you can keep it in Ghost Mode. Ghost Mode means that your location isn’t shared with anyone at all, but that you are able to see yourself on the map. You can also choose between sharing your location with all of your friends, or with just a few select friends. Ghost Mode is the default setting when you have opted into using the Snap Map feature, that way you don’t share your location with anyone unless you choose to, even if you open the feature to check it out. If you decide to no longer share your location, even with a few selected friends, you last location is removed from the map.

3.     Submitted Snaps don’t show username, but images can still be identifying.
You can submit a Snap to “Our Story” to be shared on the Snap Map, although not all submitted Snaps are accepted to be on the Snap Map. Ones that are accepted do not show the username of the person who submitted it, but it will show up on the Snap Map at or near your location. Certain information in the Snap could make it more identifying (signs or landmarks can identify exact location, and clothing or tattoos can identify a person, even if their face isn’t shown). Also, users should be aware that Snaps submitted to “Our Story” may show on Snap Map regardless of their chosen location setting. This is important to consider, especially if other people are in your Snaps and you don’t have their permission to share.

4.     Notifications for the win!
We are always fans of user notifications when there is a feature that could be a potential safety and privacy risk. Snapchat will send reminders if location sharing has been left on for a period of time; making sure that users know their location is being shared. These notifications can also greatly decrease the chance that someone could turn on someone else’s Snap Map without their knowledge.

5.     When you’re sharing, you’re always sharing.
It’s really important to understand that once you opt-in and choose an audience to share your location with, that audience will continually be able to see your updated location every time you open the app, whether or not you are engaging with them or sending anyone a Snap. This might be the biggest concern, since if people don’t clearly understand this they may inadvertently share their location without realizing it.

Overall, Snap Map definitely makes it easier for people to share—and to receive—information about another person’s location. As with similar features on other platforms, users should be cautious and make informed, thoughtful decisions on how to protect their privacy; including if, when, and how they use it. It’s also really important to consider the privacy of others. You might not know what could be a safety or privacy risk for each of your friends, so you should never share images, videos, or location information about others without their consent. The good news is that this feature does have some built-in privacy options and gives users control over what is shared. Learn more about manage your location settings in Snap Map and check out SnapChat’s Approach to Privacy

NNEDV Resource Highlight: Safety on Social Media

Social Media Harassment
Online Harassment

It’s Social Media Day!

 

Technology, including social media, has a major impact on survivors of domestic violence, stalking, sexual assault, and dating violence. While it can be used to access resources, remain connected to family and friends, and hold offenders accountable, it can also be misused by perpetrators to abuse, harass, stalk, and harm victims. 

NNEDV’s Safety Net project provides resources for survivors to recognize signs of technology-facilitated abuse, increase safety online, and learn about legal actions that can be taken against technology misuse.

Learn more about the ways that survivors can increase safety on social media:

When in doubt, download our Tech Safety App! 

The Tech Safety App helps users identify and address technology-facilitated abuse, including the misuse of social media. Download it from Google Play and the iTunes App Store – it’s free! (We will also be launching a Spanish version of this app in July!)

If you have additional questions about helping survivors stay safe on social media – or any other technology safety questions, please reach out to our Safety Net team: safetynet@nnedv.org.

Safety Net Project's International Work Expands

We are thrilled to announce a new international partnership! The Safety Net Project is teaming up with a coalition of domestic violence programs in the Netherlands to assist in building and launching SafetyNED - a national project focused on supporting online privacy and security for victims of domestic violence.

Next week, NNEDV’s Executive Vice President and founder of NNEDV’s Safety Net Project Cindy Southworth and Safety Net Technology Safety Specialist Corbin Streett will spend the week meeting with key stakeholders and technology companies, training new tech advocates, and participating in the 2017 Combine Congress.

In our 17 years of working on this issue, we’ve learned how critical it is for everyone to be working together and to be a part of this conversation. From advocates and service providers to law enforcement, policymakers, and technology companies, the collective knowledge, skills, and expertise of everyone is needed to address the multifaceted needs of survivors and move forward towards an end to violence. We’re delighted to be part of this new project and to be coming together on June 22 for the Combine Congress. Working in partnership, our collective efforts can truly make a difference!