Considerations for App Developers: Safety & Privacy for Survivors of Abuse
As with any technology, when developers create apps there are many considerations needed to prioritize safety and privacy for the users. Tech companies and developers do not always consider how the unique dynamics of intimate partner violence (IPV) and stalking impact safety and privacy, even though they affect large portions of the potential user base. IPV and stalking are sadly common – one in three women and one in six men in the US have been stalked, with forty percent of stalkers being current or former intimate partners. Eighty percent of these stalking survivors and victims report use of tech to stalk them. Two in five women and one in four men in the US have experienced IPV. Sexual violence survivors may have specific concerns about privacy as well, particularly as regards sexual and reproductive health.
The following are questions and considerations for developers as they work on creating or updating apps. They are organized according to the following themes:
Maximize safety
Prioritize privacy
Provide education
Work with experts
This resource is aimed at app developers regardless of the purpose of the app being developed. In addition, some of the guidance below, particularly in the “Provide Education” section, pertains to technical writers and others who write documentation. Developers designing or implementing apps for visitation and coparenting should read both this resource and our information for judges on what to consider in assessing this type of app.
Maximize Safety
Does the app allow users to find each other’s accounts? Is a user’s information publicly available at all?
For safety reasons, a survivor may not want apps to be able to access their contacts, or for their account to be discoverable through other users’ contact lists. However, survivors may still want to find accounts belonging to people in their support network in order to communicate with them. Providing individualized options, such as allowing users to make their account undiscoverable, allowing users to enter a trusted person’s contact information directly into an app to search for their account, and asking for permission to access contacts rather than requiring this to use the app, provide flexibility and options for the user. These options and design decisions can be important for survivors.
For example, if an app only allows contacts to be added when they are already in the phone’s contacts list, that can be a concern. If the abusive person regularly looks at the phone’s contacts and the user is trying to use the app strategically for safe communication, requiring the app’s contacts to match the phone’s could undermine that.
Survivors who have left an abusive partner or are trying to conceal details of their life from a stalker may not want their information to be indexed by search engines. Make user profiles uncrawlable by search engines by default, with users opting-in to being visible in search results rather than opting-out.
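The discoverability and search-engine points above can be expressed as a small account model in which every exposure-related setting starts private and the user opts in to each one separately. The following is an added example written for this page, not code from the original resource or from any particular app; the handles and e-mail addresses are constructed sample data, and the three settings, their names and the "not found" behaviour of the lookup are my assumptions about how such a model might be designed.

```javascript
// Added example (not code from the original page): a private-by-default
// account model with opt-in discoverability. Handles and e-mail addresses
// are constructed sample data; the setting names are assumptions.

// Every exposure-related setting starts in its most private state; the user
// opts in to each one separately.
const PRIVATE_DEFAULTS = Object.freeze({
  discoverableByContactUpload: false, // found when someone uploads an address book containing this user
  discoverableByDirectLookup: false,  // found when someone types this user's exact handle or e-mail
  searchEngineIndexable: false,       // profile page may appear in search engine results
});

function normalize(value) {
  return String(value).trim().toLowerCase();
}

function createAccount(handle, email, optIns = {}) {
  // Only known settings can be overridden, so a typo cannot silently widen exposure.
  const settings = { ...PRIVATE_DEFAULTS };
  for (const key of Object.keys(optIns)) {
    if (!(key in PRIVATE_DEFAULTS)) throw new Error(`unknown privacy setting: ${key}`);
    settings[key] = Boolean(optIns[key]);
  }
  return { handle: normalize(handle), email: normalize(email), settings };
}

// Direct lookup: the searcher must already know the exact handle or e-mail of
// a trusted person. "Not found" and "found but undiscoverable" return the same
// value, so the response cannot be used to confirm that an account exists.
function findByDirectEntry(accounts, query) {
  const q = normalize(query);
  const match = accounts.find(a => a.handle === q || a.email === q);
  return match && match.settings.discoverableByDirectLookup ? match.handle : null;
}

// Address-book matching: only accounts that opted in are ever returned, and
// the uploaded list is used for this one comparison and not stored.
function matchUploadedContacts(accounts, uploadedEmails) {
  const uploaded = new Set(uploadedEmails.map(normalize));
  return accounts
    .filter(a => a.settings.discoverableByContactUpload && uploaded.has(a.email))
    .map(a => a.handle);
}

// Value for the X-Robots-Tag header (or <meta name="robots">) on a profile
// page: crawlers are told to stay out unless the user opted in.
function robotsDirectiveFor(account) {
  return account.settings.searchEngineIndexable ? "all" : "noindex, nofollow";
}
```

The same shape generalizes to any other exposure setting (appearing in "people you may know" suggestions, for instance): add it to PRIVATE_DEFAULTS with a false default and gate the feature on it, so that a user who never opens the settings screen is still not exposed.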
Do users have options in how they access the app, such as a browser version so that users can access it from alternate devices such as a library computer or a friend’s computer? This is especially important if the app is meant to hold important information or be a tool in critical moments (personal safety app, communication tool, evidence collection app).
A common tactic of tech-facilitated abuse is to monitor phone or computer activity. Abusers can do this by manually going through the phone/device or by installing a program to monitor the activity remotely. An off-app method to access user information can help to counter this abusive tactic.
Prioritize Privacy
Use the Privacy by Design engineering & development concept, which ensures privacy and personal control over your own information are built in throughout the entire development process. The technology is developed so that the features offering the most privacy are the default and many options for privacy are always offered. Privacy by Design is not specific to mobile applications, but applies to the development of any technology.
Provide options for how users can control their information or access the app. Not all survivors have the same needs. Survivors may:
Live with an abuser who has physical access to their devices. The abuser may also force or coerce them to unlock a device or share passwords.
Have relocated and need to prevent an abuser or stalker finding them.
Be teens who are in school or extracurricular activities with an abuser or stalker.
Be coparenting with an abuser. In this case the child-survivors may be taking their own devices back and forth between parents’ homes.
Consider whether and how your options account for the different needs in various scenarios. For example, does the app allow users to have pseudonyms or multiple accounts, which could make it easier for some survivors to compartmentalize some of their activity away from an abuser?
Have app settings default to privacy when feasible. Users should not have to be knowledgeable about app settings in order to have privacy.
What permissions does the app ask for? Only ask for permissions to features the app absolutely requires to function.
Are there options available for users who may want some additional privacy and/or security?
Offer privacy and security settings that are easy to find, so users can use the app in a way that feels safest for them.
Account Security: If the user is required to create an account in order to use the app, consider offering options for additional security beyond just a password. Options can include multi-factor authentication or security questions. Always advise users to choose passwords and answers to security questions that someone else will not be able to guess.
Data control: If the app collects information about the user and stores it remotely, offer additional security measures for accessing that data.
Does the app make use of the device’s GPS and other location settings?
A common recommendation for survivors is to turn off a device’s GPS and other location settings when they are not in use to avoid abusers misusing GPS information to locate the survivor. Apps that ask users to keep their location settings on at all times conflict with this best practice. Consider what the location requirement of your app is for and how users can both maximize the app’s features and enhance their privacy. For example, if the location is only accessed to provide information about resources geographically near the user, the app can suggest that the location be turned on when the user is doing that search and then turned back off again. The app can also allow the user to manually input a location if they prefer, instead of requiring access to GPS or other location settings.
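The location guidance above (read the device location only at the moment of a nearby-resources search, let the user type a location instead, and remind them they can turn location off again afterwards) can be illustrated in browser code. The following is an added example written for this page, not code from the original resource or from any particular app. The resource list and the place-name table are constructed sample data (fictional locations, not real organizations; the place table stands in for a geocoder), and navigator.geolocation is the standard browser API.

```javascript
// Added example (not code from the original page): a "resources near me"
// search that reads the device location once, at search time, accepts a typed
// location instead, and keeps no coordinates afterwards. Sample data below is
// constructed: fictional resources and a tiny stand-in for a geocoder.

const EARTH_RADIUS_KM = 6371;

const SAMPLE_RESOURCES = [
  { id: "r1", name: "Downtown advocacy office", lat: 40.7128, lon: -74.0060 },
  { id: "r2", name: "Northside legal clinic",   lat: 40.7831, lon: -73.9712 },
  { id: "r3", name: "Riverside intake center",  lat: 40.6782, lon: -73.9442 },
];

// Typed place names the app understands (constructed; a real app would geocode).
const SAMPLE_PLACES = {
  midtown: { lat: 40.7549, lon: -73.9840 },
  harbor:  { lat: 40.7003, lon: -74.0142 },
};

// Great-circle distance between two {lat, lon} points in kilometres.
function haversineKm(a, b) {
  const toRad = d => (d * Math.PI) / 180;
  const dLat = toRad(b.lat - a.lat);
  const dLon = toRad(b.lon - a.lon);
  const h = Math.sin(dLat / 2) ** 2 +
            Math.cos(toRad(a.lat)) * Math.cos(toRad(b.lat)) * Math.sin(dLon / 2) ** 2;
  return 2 * EARTH_RADIUS_KM * Math.asin(Math.sqrt(h));
}

// A typed location always wins, so a user who keeps location services off is
// never pushed to turn them on just to use this feature.
function chooseOrigin({ manualLocation, devicePosition }) {
  const typed = (manualLocation || "").trim().toLowerCase();
  if (typed) {
    const place = SAMPLE_PLACES[typed];
    return place ? { source: "manual", ...place } : { source: "none", reason: "unknown place" };
  }
  if (devicePosition) return { source: "device", lat: devicePosition.lat, lon: devicePosition.lon };
  return { source: "none", reason: "no location given" };
}

function nearestResources(resources, origin, limit = 3) {
  if (origin.source === "none") return [];
  return resources
    .map(r => ({ id: r.id, name: r.name, distanceKm: haversineKm(origin, r) }))
    .sort((x, y) => x.distanceKm - y.distanceKm)
    .slice(0, limit);
}

// One-shot read at search time: getCurrentPosition rather than watchPosition,
// maximumAge: 0 so no cached fix is reused, and the coordinates exist only
// inside the search that asked for them.
function readDevicePositionOnce(geolocation) {
  return new Promise((resolve, reject) => {
    if (!geolocation) {
      reject(new Error("Location services are off. Enter a place name instead."));
      return;
    }
    geolocation.getCurrentPosition(
      pos => resolve({ lat: pos.coords.latitude, lon: pos.coords.longitude }),
      err => reject(err),
      { maximumAge: 0, timeout: 10000, enableHighAccuracy: false }
    );
  });
}

// Shown after a device-located search, so the user is reminded that location
// can go back off once the search is done.
function afterSearchHint(origin) {
  return origin.source === "device"
    ? "Search complete. You can turn location off again now."
    : "Search complete.";
}

// Entry point for the UI: pass the typed text (may be empty) and
// navigator.geolocation. Nothing here persists the position.
async function searchNearby(manualLocation, geolocation) {
  let devicePosition;
  if (!(manualLocation || "").trim()) {
    try {
      devicePosition = await readDevicePositionOnce(geolocation);
    } catch (e) {
      return { results: [], hint: e.message };
    }
  }
  const origin = chooseOrigin({ manualLocation, devicePosition });
  return { results: nearestResources(SAMPLE_RESOURCES, origin), hint: afterSearchHint(origin) };
}
```

In a page, `searchNearby(inputField.value, navigator.geolocation)` would be called from the search button's click handler, so the permission prompt appears only in response to the user's own action and the typed-location path never touches the geolocation API at all.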
Does the app ask the user to provide personally identifying information?
Privacy is extremely important to many survivors of gender-based violence. Users may feel unsafe providing personal information, either about themselves or the abuser. Before asking for any identifying information, consider why that information is collected and whether it’s truly necessary.
If asking for any identifying information, be clear to the user about what the information is for.
Always notify users within the app of any changes to how you collect and use their information.
Does the app support the use of privacy-preserving tools in account creation?
Some apps flag the use of a VPN service’s IP address as indicating a bot. Some apps do not allow the use of VoIP phone numbers, such as those provided by services like Google Voice or MySudo, in account creation. Consider how these approaches to trust & safety might affect survivors who need to prevent an abuser finding their new location or contact information.
Do you have a privacy notice available to users? Is it transparent on what is collected, how long information is retained, when it could be released, and to whom? Is this information available in each language supported by your app?
If the app collects any data about the user or user’s device, the privacy notice should tell the user what information is collected and for what purposes. This notice should be available in every language the app supports, and should be in plain language.
Data collection, usage, and deletion policy disclosures on the Google Play Store and the App Store should be accurate and up-to-date.
Does your company/organization respond to requests from law enforcement? Do the requests have to be official court orders or subpoenas? Is the user notified of the request for their data? Does the user control whether their information is shared?
Be transparent about how long data on any users or their devices is retained and who may have access to that data.
Provide Education
Does your app have clear documentation, written for a general rather than technical audience, in each language supported by the app? Does this include documentation on privacy and security settings?
Documentation is not helpful if users cannot read it. The average adult in the US reads at a 7th to 8th grade level (the schooling level of a 12-14 year-old). There are online tools that will test the readability of your writing and provide suggestions for improvement.
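The readability tools mentioned above typically compute a grade-level score such as the Flesch-Kincaid grade level, which depends only on sentence length and syllables per word. The following is an added example written for this page, not a tool from the original resource; it implements that public formula so documentation can be checked against the 7th to 8th grade target. The syllable counter is a simple heuristic (vowel groups with a silent final "e" rule), so scores are approximate, and the sample sentences are constructed.

```javascript
// Added example (not from the original page): Flesch-Kincaid grade level,
// the formula behind many readability checkers. Syllable counting is a
// heuristic, so treat the score as approximate. Sample text is constructed.

function countSyllables(word) {
  const w = word.toLowerCase().replace(/[^a-z]/g, "");
  if (w.length === 0) return 0;
  if (w.length <= 3) return 1;                       // "the", "you", "app"
  let stem = w;
  if (stem.endsWith("e") && !stem.endsWith("le")) {  // silent e: "safe", but not "people"
    stem = stem.slice(0, -1);
  }
  const groups = stem.match(/[aeiouy]+/g);           // each vowel run approximates one syllable
  return Math.max(1, groups ? groups.length : 0);
}

function readabilityReport(text) {
  const sentences = text.split(/[.!?]+/).map(s => s.trim()).filter(Boolean).length;
  const words = text.match(/[a-zA-Z]+(?:'[a-zA-Z]+)?/g) || [];
  if (sentences === 0 || words.length === 0) {
    return { sentences, words: words.length, syllables: 0, grade: null };
  }
  const syllables = words.reduce((n, w) => n + countSyllables(w), 0);
  // Flesch-Kincaid grade level: 0.39 * words/sentence + 11.8 * syllables/word - 15.59
  const grade = 0.39 * (words.length / sentences) + 11.8 * (syllables / words.length) - 15.59;
  return { sentences, words: words.length, syllables, grade: Math.round(grade * 10) / 10 };
}

// True when the text scores above the target grade (default: the 8th grade
// end of the average US adult reading level mentioned above).
function exceedsTargetGrade(text, targetGrade = 8) {
  const r = readabilityReport(text);
  return r.grade !== null && r.grade > targetGrade;
}

// Constructed samples: a plain-language instruction and a jargon-heavy one.
const PLAIN_SAMPLE = "Turn off location when you are done.";
const JARGON_SAMPLE = "Configuration of discoverability preferences requires administrative authorization.";
```

Running `readabilityReport` over each help page and failing a documentation build when `exceedsTargetGrade` returns true is one way to keep the plain-language requirement from regressing as the app changes.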
In addition, people with intellectual and developmental disabilities are more likely to experience gender-based violence. The Autistic Self-Advocacy Network has a guide to writing in Easy Read and Plain Language. These are styles of writing specifically designed to be accessible to people with intellectual and developmental disabilities. When possible, create Easy Read versions of documentation.
773 million people around the world are illiterate. Many others are literate only in languages that are not commonly supported by apps. Since Easy Read uses pictures as well as text to convey information, using it may make your app and documentation more accessible to these populations.
Is your documentation accessible to users who may access the information via a screen reader or other assistive technology?
Work With Experts
Get help from experts on implementing best practices. The International Association of Privacy Professionals (IAPP) created a Mobile App Privacy Tool to help developers navigate the various standards, obligations, and best practices imposed by different regulators and privacy advocates in the United States, Canada, Australia, and the European Union. Also look to collaborate with experts in trauma-informed services and design.
Survivors and victim services professionals may be able to spot issues that others do not. Include them in your user testing (and pay them for their time).