Intimate Data Violence

by Malath Kamaluldeen

Personal Experiences with Stalkerware

Cyberstalking has been a part of my life for almost the entirety of my ownership of an iPhone. Emigrating from Iraq to America in 2008 brought a lot of unsettling feelings for my family, there was a dichotomy of what customs my family planned to raise me with versus the culture and environment that would later shape my attitudes in life. There is a general pattern in the Middle East of women being under high surveillance, being subjected to higher rates of abuse, and there is an attitude of covert ownership in women by men. Usually this is by the “head of the household” when you are a young girl, that is your father, but when you reach the age of marriage, the power shifts to whomever you wed. The motivation between these ownership patterns boils down to control and the family “image”. Knowledge on what is occurring in someone’s device opens up a portal to the mind if the user is highly engaged in social media and technology, and with that knowledge comes the ability to control others behaviors and to feed the collective narcissistic ego of the family.

In my experience, the covert entitlement of ownership was very much overt. My father was in control of everything, he sent his brothers along to my mother’s work to surveill her before the age of cyber surveillance. But when the iPhone came out, my father took advantage of the “Find My iPhone” function, which he used to track mine and my mother’s whereabouts to intimidate and threaten us. When I got my first car, he downloaded the corresponding app and got alerts daily, as well as enacting the “panic” setting, which alerted police enforcement if I went out of a 15 mile radius from my home.

There was no such thing as privacy in our home, and in 2016 I managed to get a restraining order against him due to excessive physical abuse. Though the stalking did not end there, thus the overt cyberstalking turned into covert cyberstalking. He had purchased malware to automatically download any pictures on Snapchat that I had sent or received, continuing until 2018 (but who really knows if it ever ended, that’s only what I was told). In hindsight, it is clear my father now understands that control and surveillance is a short term fix, and eventually people like myself learn that these behaviors are unacceptable. With that comes a grand push-back, which cut ties between my father and I for years to come. He regretted those actions after experiencing his mental health endure a downward spiral due to the lack of contact that was allowed.

In 2020, a mutual friend of mine had the misfortune of attracting the attention of a person who began a campaign of heavy cyberstalking. He hacked into her personal accounts on every platform imaginable, apps such as Instagram, Twitter, and Snapchat. Using those private pictures and pieces of information, he began making accounts to harass her direct friends, distant acquaintances, and family. The stalker doxxed her by printing her address and embarrassing pictures, wrote sinister encouragement to harass her then covered a train station stop with the papers. He began making accounts to harass her friends, and though I was only a distant acquaintance, he made an account with a sole purpose being to make racist remarks against my Middle Eastern features. When he got no reaction, he turned angrier, which led the stalker to hack and delete my Instagram account alongside a handful of other friend’s accounts.

With many similar cases worldwide, marginalized groups have had to bear the weight of greater cognitive loads as well as taking lengthy, inconvenient tasks such as creating strong, unique passwords and 2 Factor Authentication processes to defend themselves from being breached online. The perpetrator walks freely and lightly while the victims are plagued with the consequences of the perpetrator’s actions.

Well, Can Law Enforcement Help?

The process of holding a stalker accountable and getting protection from law enforcement and the judicial system is very dehumanizing to the victim. The police can’t do much unless there is physical evidence. There is little to no legislation on cyberstalking and hacking, the excuse that I have heard many times is that it is “difficult to pinpoint who is doing the stalking” and “even if you have an IP address, and their personal accounts are threatening you, we don’t know if their personal accounts got hacked, or their computers got hacked.” It is evident that victims are subjected to longer lengths of abuse at the hands of law enforcement and the large gap of knowledge on the technical aspect of malware technology fuels this.

Stalkerware that is readily available for use and abuse are generally marketed as monitoring devices for parental use, or worse; “Check if your Partner is Cheating.” Surprisingly, a quick Google search will reveal tutorials and applicable spyware, ultimately encouraging digital abuse from one partner to another. An article on Slice gives step by step instructions on how to spy on your partner and 16 different methods to do so. These user experience models make simple the purpose of the software: to abuse and overstep someone’s boundaries. Though the purpose is concealed under the flashy justification, when in reality there is rarely ever a proper reason to track someone or download intimate data without their consent, unless the reason is coercive control. Slakoff, et al. defined coercive control in “The Role of Service Providers, Technology, and Mass Media When Home Isn’t Safe for Intimate Partner Violence Victims: Best Practices and Recommendations in the Era of COVID-19 and Beyond” as “violence, intimidation, threats, isolation, and controlling tactics—that has negative long-term impacts on victims… often involves surveillance, stalking, and the gendered ‘microregulation of everyday behaviors’ associated with housework and childcare.”1

The implications of COVID-19 in Domestic Violence

During the COVID-19 era, the authors explain, coercion and controlling tactics have been known to increase to “minimizing or monitoring victims’ communication with friends and family; depriving victims of their basic needs; withholding information about the virus and public health measures; and restricting access to the Internet, medications, and personal hygiene products such as masks, gloves, cleaning supplies, hand soap, and sanitizer.”1 The issue we are seeing today is that before the time of COVID-19, abusers relied heavily on tactics of isolation and intimidation to make it difficult for the victim to find help and escape. The effects of the pandemic have exacerbated abusive tactics of isolation by the very nature of the virus and the protocols set to prevent its spread. For the victim, it is difficult to have intimate conversations with a trusted friend especially if before the pandemic, ties were already loose, the pandemic has worked hand in hand with the abuser to shatter ties between the victim and their loved ones. How is it possible to talk about the abuse occurring if you are socially distancing and your abuser has access to your calls, texts, and every possible means of communication? There is also a common issue that occurs in abusive relationships in which the victim feels very confused and can’t comprehend the abuse they have been through. This might happen as a result of consistent exposure to gaslighting or because of the recipient’s coping mechanism of last resort, otherwise known as cognitive dissonance.

The fight against stalkerware is complex. These apps are legal because there is no overarching legislation in the United States to ban them, each state has its own laws and regulations. Currently, states have two options, the first being a two-party consent law, which means the two parties in communication must consent to the recording of their device. The second choice is one-party consent, meaning only one person in communication must consent to the recording. The complication being that a majority of the states choose the one-party consent law, making it incredibly difficult to hold an abuser accountable if in technicality they consented to the monitoring of their victim, thus effectively erasing the victims rights to their own data and privacy.1

What Can We do?

There is no simple answer to the complexities of stalkerware. Eva Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation and a person who dedicates much of her time to the eradication of stalkerware. She has convinced anti-virus companies such as Kaspersky to notify the user if malware is detected in their device, but Kaspersky does not automatically erase the malware, since the nature of domestic violence makes it difficult to wipe a device without the knowledge of the abuser. If the abuser notices the erasure then it is likely that the abuse will escalate and become likely even more dangerous for the victim.2

In a wider scope, since it is difficult to convict an abuser of these cyber crimes due to lack of regulation, as well as the intricacies of the process of detecting and safely removing malware without putting the victim at more risk, it is hard to imagine a clear solution to this issue. One possible solution is companies like Apple and Google prohibiting any distribution of stalkerware in their markets, but the deep web is still lively alongside the developers of these tools, and it is likely that there are ways to surpass blocking efforts by big tech corporations.

We can continue the fight for proper legislation, as well as education on domestic violence and abuse cycles in order to aid victims with spotting signs of abuse. Given victims in an abusive relationship are exposed to blindspots due to gaslighting and cognitive dissonance, education is the most effective way to allow the victim to see clearly, eventually providing the strength to rid themselves of this digital virus. Another way of aiding victims would be expanding budgets for protection from the abuse, such as public shelters that are essentially a buffer room, filled with the tools and support to propel the planning of their next steps to safety.

If you have suspicions that you have a stalker who installed stalkerware on your device, check out this Safety Toolkit By the Coalition Against Stalkerware, as well looking through Eva Galperin’s page

Malath Kamaluldeen is a third year BFA Design and Technology student and an advocate for the abolition of invasive technology practices. You can reach her through Twitter or Github.

  1. “Laws.” Coalition Against Stalkerware, 24 Nov. 2019, <www.stopstalkerware.org/state-laws/>.  2 3

  2. TEDtalksDirector. “What You Need to Know about Stalkerware / Eva GALPERIN,” March 30, 2020. <www.youtube.com/watch?v=xzWFrHHTrs8>. 

1
Dark Connections

The internet is made up of interconnected pieces of data about its users. Every website has trackers installed in it, mostly belonging to Google or Facebook, that keep tabs on the people using it. This data is neither protected or encrypted, often fully accessible to anyone with the means to access it. Though these companies store our data and use it to sell their products to us, they are in no way responsible for it. This entire system is almost always not implicit and shrouded in the background of its utility. This section aims to connect these dots that exist in the dark underbelly of the internet, that we have a vague idea about, but that are not necessarily clear.
Making these connections can make the online experience feel scary and unsafe, but it already is. Although governments and large corporations are often seen as the problem, the truth is that they are far less interested in you or I than someone who knows us personally and has an agenda that involves us. This section shines a light on the dark patterns that enable your data to be collected and potentially mobilized against your interest.

Social Media & Cognitive Bias

by Morgane Borzee

Insert Face to Fly

by Ege Uz

I Have Nothing to Hide

by Salil Parekh

Digital Profiling and Fingerprinting

by Nicholas D’Angelo

2
Digital Forensics

In order to combat the practice of dark data, one can exploit the loopholes in its architecture. But in order to do this, we need to at least comprehend the full extent of the information that is collected about us. It is now possible for us to demand the data that is collected about us, though this option is not directly obvious to most people. Resources like APIs, Google Takeout, and OSINT tools allow us to conduct small-scale investigations with regards to where our data lives and what data exists about us. This section is a collection of attempts by the authors to gain access to and interpret their own data that exists online.
However, awareness of the data does not guarantee its control. Google may give us a copy of the data that exists about us in its servers through its Google Takeout service; but this does not mean that that we now own this data. Google can still use it however it likes, it has not been deleted from their databases. We are being given only an illusion of control and this is intentional. Digital Forensics can only grant us a window into this massive machine, the machinations of which may still continue to be unclear. This section explores these windows and what they teach us both about ourselves and about the technology that we utilize.

PAOLO CIRIO, on capturing the dangers of facial recognition technology

by Kristin Eichenberg

My Walk To The Curry Wurst Restaurant

by Olivier Brückner

Intimate Data Violence

by Malath Kamaluldeen

Google Takeout

by Sohee Cho

3
Data Futures

What is the future of dark data? People are increasingly aware that information about them is collected online. Governments are making efforts to regulate Big Tech and protect the privacy of citizens. How can we imagine better ways to exist in the system? How can we protect ourselves from its repercussions? This section speculates how dark data is changing as a practice. It discusses ways in which people can take action and re-examine their browsing methods. The ideas discussed here think about how technology can be used to propose solutions to the problem it has created.
It is important to consider that the practice of data collection and exploitation is ongoing. There is no easy way out of these cycles. However, we would like to believe that sparking deliberate thought and action to help you orient yourself in this Wild West landscape can make the process of coming to terms with dark data easier.

Why I am crocheting my data and you should too

by Michelle Nee

Towards a Public Service Internet

by Mary Ann Badavi

Local News + Dark Data

by Isabel Anguera

Dark Data in Blockchain Ecosystem

by speculative data

4
About

This digital edition was compiled from scholarship, research, and creative practice in spring 2021 to fulfill the requirements for PSAM 5752 Dark Data, a course at Parsons School of Design.

Editors

  • Sarah Nichols
  • Apurv Rayate

Art Directors

  • Nishra Ranpura
  • Pavithra Chandrasekhar

Technology Directors

  • Ege Uz
  • Olivier Brückner

Faculty

  • David Carroll
  • Melanie Crean

Contributors

This site needs no privacy policy because we did not install any tracking code and this site does not store any cookies.