Advertising IDs are unique identifiers assigned to your devices by operating systems, enabling advertisers to track users’ online activities and deliver targeted advertisements based on their behaviors and preferences. An advertising ID serves as a digital fingerprint, enabling companies to better understand their audiences and track users as they browse the web and use apps.
Why You Should Disable Advertising IDs
Disabling access to advertising IDs is crucial for protecting your privacy. When apps track your activities, they build detailed profiles that may include sensitive information about your interests and habits. This data can be exploited for targeted advertising or even sold to third parties. This capability raises significant privacy concerns, as the data collected can lead to a detailed profile of your interests, which may be shared with third parties, such as law enforcement agencies, that may purchase this location data from data brokers for surveillance purposes. Controlling your digital footprint empowers you to reclaim your online privacy, allowing you to use apps without feeling constantly monitored.
How to Disable Advertising IDs For Android Users
SAMSUNG: Open Settings on your Samsung phone. Scroll down and tap “Security and privacy.”
Tap Scroll all the way to the bottom, and tap “More Privacy Settings” Scroll all the way to the bottom again, and select “Ads”
Scroll down a little, and tap “Delete Advertising ID” or “Turn off Ads Personalization.”
Confirm when prompted — this will reset and disable the ad ID.
Next, go back to “Ads” and tap on “Ad privacy” On this section, look for “Ad measurement”
Toggle this off as well, as there is no way to keep measurement data without correlating Ad ID. In older versions of Android, you had to reset your Advertising ID periodically to maintain better privacy. Disable Ad Personalization in your Google Account
Even with Apple’s tracking off, Google may still personalize ads based on your Google activity (search history, YouTube, Maps, etc.). To turn that off:
Open the Google app (or any Google service like Gmail or YouTube).
Tap your profile picture (top-right corner).
Choose Manage your Google Account.
Go to Data & privacy.
Scroll to “Personalized Ads”. Note: This can turn into a rabbit hole, so we’re sticking specifically with Ad ID and Ad Personalization so this doesnt turn into a novel. We’re compile a more thorough document at a later date the goes through security/privacy-related options in a future post.
Tap Ad personalization → Turn off.
How to Disable Ad ID For iPhone Users
1. Open Settings
2. Scroll down and Tap on “Privacy & Security”
3. Select “Tracking.” and then toggle off “Allow Apps to Request to Track.”
This prevents apps on iOS from accessing your IDFA (ID for advertisers)
You should also turn off personalized Ads in iOS.
Settings > Privacy & Security > Apple Advertising > Personalized Ads > off
By disabling access to your advertising ID, you take a significant step toward enhancing your privacy and minimizing ads tailored without your knowledge. Note if you’re using the Google Suite apps on your iPhone, we suggest that you follow the instructions (above) for Google Settings. Off topic, but also giving a hat tip to Signal, for being REALLY good about not letting me screenshot/copy/scan photos while putting this doc together. While it did take me a little longer to get images to the doc, I couldn’t be happier knowing that I couldn’t bypass the feature 😉
Smart Practices for Using Credit, Debit Cards, and EBT Cards
By: Julie Beck
The Growing Threat of Payment and EBT Fraud
Payment card and Electronic Benefit Transfer (EBT) fraud are growing concerns across the nation. Criminals use increasingly sophisticated tactics, such as card skimmers, hidden cameras, and Bluetooth-enabled readers, to steal card numbers, personal identification numbers (PINs), and account details directly from everyday payment terminals.
According to law enforcement and financial investigators, millions of dollars are stolen each year through these methods. The impact is far-reaching. While banks and retailers absorb some of the losses, everyday consumers, including families relying on EBT cards for groceries or fuel, often suffer the greatest harm. Once stolen, those funds are rarely recoverable, leaving victims to navigate financial hardship and frustration.
These crimes also impact survivors of domestic violence and cyberstalking. Abusers often attempt to monitor or control financial accounts as a form of coercion, tracking purchases or draining resources to maintain power. Practicing strong payment security, using safer payment methods, avoiding PIN entry, and monitoring account activity can help survivors maintain independence, privacy, and safety.
Protecting your payment information is not just about avoiding personal inconvenience. It’s about stopping fraudsters and organized crime groups that exploit vulnerable populations. A few careful habits at the pump or checkout counter can dramatically reduce your risk. The following recommendations were provided by the US Secret Service at the Cyber Fraud Task Force in Atlanta, Georgia.
Tap to Pay: The Safest Choice
Whenever possible, use tap-to-pay options at gas pumps or checkout counters. This contactless method is the most secure way to pay because it transmits encrypted, one-time transaction codes instead of your actual card number. Even if a skimmer is present, it cannot capture usable payment data.
Mobile wallets like Apple Pay, Google Pay, or Samsung Pay enhance this protection by tokenizing your card number, substituting it with a temporary code unique to that transaction. This means your real card number is never exposed—even to the merchant.
Safer Use of Traditional Card Readers
If tap-to-pay is not an option, your next safest method is to use a card with an EMV chip rather than one that only has a magnetic stripe. EMV (Europay, MasterCard, and Visa) chips are designed with dynamic encryption technology that generates a unique transaction code for every purchase. This reduces the risk that criminals can clone or reuse your card information, even if a skimmer is attached.
When you insert a chip card, the chip communicates directly with the payment terminal to verify authenticity, offering far greater protection than swiping a magnetic stripe. These EMV chip readers are usually horizontal, meaning you insert your card straight in with the chip facing up. This design tends to be more secure because it is harder for criminals to attach skimming devices without being noticed. If a reader only accepts swipes, consider moving to another pump or paying inside at a chip-enabled terminal for stronger security.
Avoid vertical or downward-facing card readers whenever possible. These designs are more vulnerable because skimming devices can be attached more easily and blend in with the reader’s shape. Many of these terminals still rely on magnetic stripe technology, which is less secure and can be copied by skimmers with minimal effort. If you have no other choice, use a pump or terminal located near the store entrance or within view of security cameras, where criminals are less likely to attempt tampering.
Protect Your PIN and Run as Credit When Possible
Never enter your PIN at a gas pump or point-of-sale terminal. Whenever possible, choose the “Run as Credit” option. By keeping your PIN private, you help stop it from being sent out and make direct debit theft far less likely. If a criminal manages to intercept your PIN, they can use it to make unauthorized withdrawals or purchases, exposing you to even greater monetary loss. Because PINs are meant to remain private, a compromised PIN can also make it more difficult to dispute fraudulent transactions with your bank.
Skimming operations often include a hidden pinhole camera or a keypad overlay designed to record your keystrokes. If thieves capture your PIN, they can withdraw cash directly from your bank account. Using the credit option keeps that information private and gives you stronger protection and dispute rights through your card issuer.
Disputing a credit card charge is much easier and offers stronger protection than disputing a debit card transaction with your bank. Credit cards are governed by federal consumer protection laws, such as the Fair Credit Billing Act, which allows you to challenge fraudulent or incorrect charges before paying them. As a result, the amount in question may be held back until the matter has been reviewed. On the other hand, debit card fraud affects your bank account immediately, and getting your money back can be slower because the funds have already been taken out. Banks may also have shorter reporting windows and fewer protections under the Electronic Fund Transfer Act. Using a credit card whenever possible helps minimize the risk of prolonged monetary loss and provides a smoother dispute process.
Choose a Strong, Secure PIN
Even in situations where you must use your PIN, such as at an in-person bank or verified retail terminal, it is critical to use one that cannot be easily guessed. Avoid simple or predictable PINs such as your birthday, address numbers, repeating digits like 1111 or 2222, or parts of your phone number. These combinations are among the first patterns criminals try when attempting to access accounts.
A secure PIN should be unique, random, and not reused across multiple cards or accounts. If your card issuer allows, consider changing your PIN regularly. Treat it like a password, something only you should know and never share or write down where others might find it.
When entering your PIN at any payment terminal, always make sure no one nearby can see the keypad. Criminals sometimes attempt “shoulder surfing,” a technique where they watch or record you entering your PIN—either directly over your shoulder or from a distance using a phone or small camera. To protect yourself, shield the keypad with your hand or body while you type, and be aware of anyone standing unusually close or appearing to watch your movements. Even in safe places, a few seconds of awareness can prevent your PIN from being exposed and used for fraudulent transactions.
Spotting Skimmers at Point-of-Sale Checkouts
The same dangers can appear inside retail stores. The U.S. Secret Service recommends taking a quick visual assessment before using any point-of-sale (POS) terminal.
Examine the keypad’s height and alignment closely. If it seems raised or the depth is different than usual, there could be an overlay on top. Pay attention to keypad backlighting as well. If it appears dimmer or uneven, that is another sign of an overlay blocking the normal light. Also, check for mismatched colors, textures, or added attachments around the card slot or keypad. When in doubt, ask to use a different terminal or pay the cashier directly.
Common Red Flags at Any Payment Terminal
Whether you are pumping gas or checking out at a store, take a few seconds to inspect the device. Warning signs include:
Loose or misaligned card readers
Extra plastic layers or stickers that do not match
Tiny holes above or near the keypad, which could indicate a hidden camera
Missing security seals or broken tamper tape
If something feels off, trust your instincts. Switch to a different machine, and if you can, notify the attendant to help safeguard others, too.
Reporting Suspicious Devices
If you notice a skimmer, hidden camera, or overlay device, leave it alone. Do not try to remove it. Criminals sometimes monitor their equipment and may be nearby. Instead, alert the store or station manager and contact the proper authorities.
You can report suspicious activity to:
The National Cyber-Forensics and Training Alliance (NCFTA) at www.ncfta.net
The U.S. Secret Service which investigates financial crimes and skimming operations.
Your local law enforcement agency
These reports help law enforcement identify trends and remove dangerous devices before they impact more people.
Record Keeping
Always keep your receipts and regularly verify your transactions with your bank or card provider. Comparing your receipts to your online or printed statements helps you spot unauthorized or duplicate charges quickly, allowing you to report them before they escalate into larger losses. Reconciling your account on a routine basis—whether weekly or monthly—also helps you stay aware of your spending patterns and detect any small, suspicious transactions that might indicate skimming or card cloning activity. Promptly disputing irregular charges with your bank or card issuer can help minimize financial damage and strengthen your fraud protection claim.
Staying Vigilant
Payment card and EBT fraud are not isolated crimes. They are part of a larger web of organized financial exploitation that affects communities across the country. By being aware, inspecting payment devices, and reporting suspicious activity, you play an important role in preventing theft and protecting yourself and others. Each of these small actions helps close the gap criminals rely on, making transactions safer for everyone.
With so much rapidly growing technology in our daily lives, people are becoming more and more reliant on their smartphones, whether it is to take pictures of their families, send text messages to their friends, or use it as a GPS to find a nearby restaurant. Our smartphones are the gateway to our personal lives, and it is extremely important for our devices to be safe against unnecessary intrusion by threat actors. That is precisely why smartphone companies have given the ability to use a passcode or password to log into the device. This gives the user extra protection with full disk encryption enabled with a passcode. We are always told not to hand over our passcodes or passwords to anyone, but the one exception that is so common is between couples. Both partners may want to share their passwords to give each other trust and transparency. In fact, a survey in 2023 showed that password sharing between couples is very common, with 81% of Americans saying that they have shared a password with their loved ones (ExpressVPN, 2023). While this is not a bad thing altogether, it could lead to severe consequences if the relationship turns out bad, leading to a breakup. Even if there were no breakups, some partners might become overly obsessive about whether or not their own partner is cheating on them. Thisis often seen in abusive relationships, especially towards women. The abuser may resort to adapting and abusing spying software on their partner’s device. This type of software is often referred to as stalkerware, which is a type of spyware that allows the abuser to see everything their victim is doing, from tracking their victims’ locations and allowing abusers to read their encrypted text messages, monitor phone calls, see photos, videos, their web history, and much more. It is being used all over the world to intimidate, harass, and harm victims and it is a favorite tool for stalkers and abusive spouses or ex-partners (Electronic Frontier Foundation, 2019). Although stalkerware companies such as mSpy and CocoSpy claim the use of their software is for parents to monitor children’s devices, this article argues that stalkerware helps domestic abusers spy on women without their permission. By confronting stalkerware, we can work towards a safer digital environment for all women and respect for their privacy in an increasingly interconnected world.
Your partner knows where you were last night even though you did not tell them? Were there specific conversations that you’ve had with friends or family, and does your partner know exactly what was said? How is that possible? It could be Stalkerware (Coalition Against Stalkerware, 2020).
Stalkerware, also known as Spouseware, is commercially available software used to spy on a victim’s device without their knowledge or consent. Stalkerware, like any type of spyware, is extremely invasive when deployed against a victim of domestic abuse. It can be deployed on both mobile operating systems like iOS and Android. Stalkerware can also be deployed on MacOS and Windows if the abuser knows the password or passcode to get into the device. Apple’s strict security policy is very effective at keeping iOS users safe. iOS simply does not let apps get deep enough into the system software to be able to secretly monitor what a person is doing to a compromised phone (Nield, 2020). Google will also remove apps from the Play Store if it finds evidence of stalkerware or spyware type of behavior. Google Play Protect can block stalkerware installation and remove installed stalkerware, but it may not protect against the newest versions of stalkerware (Parsons et[.]al, 2019). While it may be harder to deploy stalkerware on iOS, it is still possible with a jailbreak done to the device. This makes the device completely vulnerable, with all of its security stripped away. Women who are under this type of surveillance by their partners would often censor their own thoughts and would not be themselves online. Monitoring someone through their phone or computer is a form of violence and causes considerable fear for victims (Coalition Against Stalkerware, 2021). The scary part of having commercially available stalkerware is that the abuser does not need any technical expertise to deploy it on their victim. As Eva Galperin, the Electronic Frontier Foundation’s Director of cybersecurity, claims:
The stalker doesn’t have to be a skilled hacker; they just need easily accessible consumer spyware and an opportunity to install it on their target’s device. The people who end up with this software on their phones can become victims of physical abuse and physical stalking. They get beaten. They can be killed. Their children can be kidnapped. It’s the small end of a very large, terrifying wedge (Greenberg, 2019).
All abusers need to do is know their victim’s passcode or password to install the stalkerware on their device. Abusers can install stalkerware in a matter of seconds to minutes when a victim does not have their device. This sets a dangerous precedent for women who are in an abusive relationship and who are attempting to talk privately to family members or friends to safely escape the relationship. If stalkerware were installed on the victim’s device and the abuser saw them sending messages to family about attempting to leave the relationship, the abuser might escalate their abusive tactics leading to severe consequences. Abusers do not even need to use stalkerware apps to find and track their partners. Instead, abusers attempt to use apps that collect location data and ping it in real time, such as Life360 or Apple’s Find My Friends. Abusers will also attempt to set up profiles or Mobile Device Management on the victim’s phones to get copies of their text messages and call records. Victim’s emails may be sent to a forwarding address so that the abuser always gets a copy of what emails the victim receives. Abusers would even try to install stalkerware on their children’s devices in order to spy on what their spouse is doing. For example, Ali Nassar Abulaban, a popular TikToker, murdered his wife and a man after he listened to them through an app he had installed on his daughter’s iPad that allowed Abulanban to wiretap the nearby conversation (Cox, 2021).
This shows the real-world threat of stalkerware, software that is installed on victim devices to listen, track, or surveil them and others. But it also highlights the risk, more specifically of family monitoring apps, software that may be marketed more for keeping tabs on children but which can play a more sinister role in domestic violence.
This leaves a woman in this digital prison forever under the watch of the abuser. Women would often bring their phones to the police if they fear it has stalkerware, but there is no guarantee officers will be able to help. Many police departments lack the training and tech resources needed to find and detect stalkerware. (Hautala, 2020). It is difficult for investigators to find the apps on phones because it may require access to expensive software. The majority of domestic violence law enforcement officers may not even know what stalkerware is.
When it comes to situations of domestic abuse, the abuser is often blamed first on the victim’s digital harassment, but the tech company behind the product is equally as guilty as the abuser. The stalkerware provided to the abuser often markets itself as an easy way to spy on their partners or even a way for parents to monitor their children (Electronic Frontier Foundation, 2021). These stalkerware companies even compare their own software to those of their competitors to get more users. This sick form of advertising gives abusers options to choose regarding what stalkerware suits their needs the best. Stalkerware companies even like to set up YouTube tutorial videos on how to deploy their stalkerware on a victim’s device. mSpy, a very popular type of stalkerware in the United States, markets itself as a way for parents to monitor children. mSpy, like most stalkerware, collects keystrokes and location data in real time, listens to phone calls, reads text messages, and spies on social media activity. mSpy even compares itself to its other popular competitor, Cocospy. As mSpy says in their FAQ:
Cocospy and mSpy are both mobile monitoring apps with similar features like Call Monitoring, real time location, and tracking Website history. mSpy provides features such as Keywords Alert, which means if the user enters ‘dangerous’ words, you’ll get alerted. Additionally, mSpy includes support for different types of encrypted messaging apps such as Line, Telegram, Skype, Facebook Messenger, and even Tinder, unlike the competitor, Cocospy. The best type of monitoring app for you will depend on your specific needs (mSpy). Stalkerware companies like mSpy even buy ads on social media platforms or just showcase their software on their website to abusers to catch their cheating partner. The companies attempt to appeal to the abuser to use their spyware by using targeted advertising.
Ad from mSpy on X: Image from Certo
Xnspy Website: Image from TechCrunch
This move by tech companies like Xnspy and mSpy makes the job of the abuser much easier and more user-friendly. What abusers do not realize when deploying stalkerware on their victims is that they are not the only ones seeing this personal and sensitive data. The majority of these stalkerware companies have easy access to the same data the abuser is seeing on their end. This leaves the victim being spied on by both the abuser and the stalkerware company collecting their sensitive data. On top of all of this, stalkerware companies do not do a good job of protecting the data they have collected, and it often gets leaked. According to TechCrunch, there have been at least 21 stalkerware companies since 2017 that are known to have been hacked, have leaked customer and victims’ data online, and four stalkerware companies were hacked multiple times (Bicchieral, 2024). Stalkerware companies also have a horrible security response to patching critical vulnerabilities. Some of these companies even ignore it when white hat hackers and security researchers express major concern about the exploit. This leads to the company’s data being breached by threat actors, leaving the women’s own private data to be completely compromised and stolen. By utilizing stalkerware, the abuser now puts the victim in more danger of data breaches and having their information in the hands of rogue employees and threat actors. Domestic violence victims’ personal text messages, emails, location data, andsocial media activities are now publicly viewable by anyone.
While it may seem that a victim is defenseless against surveillance when stalkerware is installed on their device, they can take steps to prevent and remove it by installing anti-virus software and changing their device passwords. Although stalkerware tries to hide itself on the victim’s device, the spyware could give itself away with a few symptoms. If women find that their phone’s battery is draining rapidly and has massive data usage, it could be a sign that stalkerware exists on their devices. Another sign could be constant apps crashing and the phone becoming very hot. Women can also restart their phones, which would eliminate nonpersistent stalkerware from their devices. This will not work with all types of stalkerware, but it could temporarily disable the more advanced spyware. iPhones and iPads running iOS 18 or above perform an automatic restart when the phone is locked for more than three days. After an iPhone is rebooted, it goes into an “at rest” state, also known as Before First Unlock mode, which no longer stores encryption keys in memory. This makes the disk fully encrypted, making it much more resistant to hacking attempts (Gatlan, 2024). For iOS 16 and above, Apple introduced the Safety Check feature to help individuals facing domestic abuse have control over their personal information and privacy. Safety Check allows users to review and reset permissions for those who have access to their location data, passwords, messages, and other apps. When Safety Check is enabled, iCloud access is removed from every device except your handset, privacy permissions are reset, and both FaceTime and messaging services are limited to just one device connected to an iCloud account (Osborne, 2022). This is an excellent move by Apple to help increase users’ security from both malware, such as stalkerware, and physical access.
Women can also perform a factory reset on their device to help remove more persistent stalkerware, but everything on the device will be lost. If victims use anti-virus software, the stalkerware can be detected and removed from the device. This can eliminate the invasive intrusion by the stalkerware, which relays all the victim’s personal information to the abuser. While it is good that most anti-virus software can detect and remove stalkerware, most of these stalkerware programs often alert the abuser that the spyware has been removed from their target’s device. This may cause an increase in abuse. That is why anti-virus companies such as Kaspersky have warned about removing stalkerware without having a safe plan in place. As Kaspersky states:
Kaspersky has now updated its Privacy Alert to victims if stalkerware is found on their devices so that they will now be notified if an abuser will notice if the software is removed. If the stalkerware is deleted, it erases proof that stalkerware has been installed, and if an abuser loses control over a device, the situation might escalate badly for the victim (Kaspersky, 2023).
This is extremely important to consider when attempting to prove the victim has been under such surveillance, whether it be by law enforcement or a trusted family member. Kaspersky has also released a tool called “TinyCheck” that scans a victim’s device’s outgoing traffic by using a Wi-Fi connection, and it looks for any signs of stalkerware. The device is configured to mediate between the router and the connected Wi-Fi router gadget. This enables TinyCheck to capture network traffic and instantly analyze it. If your smartphone sends a lot of data to known stalker or spyware servers, TinyCheck will detect it (Coalition Against Stalkerware, 2022). It doesn’t require installation on a user’s device because it works separately, such as on a Raspberry Pi, to avoid being detected by a stalker (Kaspersky, 2022). This is a great tool to detect and scan for signs of stalkerware present on a device without removing the stalkerware which notifies the abuser. This report can be brought as evidence if the victim wants to bring charges against the abuser. When determining women’s safety level, it is important to remember that everything the victim does on their compromised device can be recorded and watched by an abusive partner (Ruiz, 2019). Women must also change their passwords to their devices and enable two-factor authentication when possible, which would lock out their abuser from getting in. If the device is too compromised to retrieve, women must try to replace their phone with a new phone if possible. Web browsers, such as Brave browser, allow for an “Off The Record” to help people who need to hide their browsing behavior from others, such as an abuser who may have access to their computer or phone. This move by Brave allows victims to browse the web for resources and get help in domestic abuse situations.
Brave Browser’s attention to detail with OTR Mode—users can more easily choose which websites are recorded in their browsing history—is an important privacy innovation that can protect users in ‘attacker you know’ situations or anyone who wants more control over what their Browser remembers and what it doesn’t. This feature empowers people who browse the web—all of us—and gives us more agency over content consumption (Brave, 2023).
Stalkerware still represents a significant threat to women’s privacy and safety, as it enables invasive surveillance and control by abusers. The rapid increase of using this malicious software highlights the urgent need for increased awareness, education, and legal protections to safeguard personal privacy. Stalkerware should be illegal for spying on victims, and abusers should be charged under the Computer Fraud and Abuse Act for installing malicious software on someone’s device without permission. The Computer Fraud and Abuse Act of 1986 prohibits accessing a protected computer or device without authorization. Stalkerware is typically installed on a target’s device without their knowledge or consent, which constitutes unauthorized access. Additionally, the use of stalkerware can violate federal wiretapping laws and state recording laws such as the Electronic Communications Privacy Act. In New York, Jackie’s Law makes stalking by GPS illegal. Jackie’s Law updates New York State’s stalking law to allow law enforcement to pursue criminal charges against individuals who use GPS or other electronic tracking devices to stalk their victims, even if the victim does not press charges (Kennedy, 2014). This legislation closes a loophole in the law, enabling authorities to take action against abusers who use stalkerware or similar technology to track and intimidate their victims. In 2022, the Safe Connections Act was signed into law, which makes it easier for survivors of domestic violence to separate their phone line from a family plan while keeping their own phone number and requires the FCC to create safeguards to protect the privacy of the victims seeking this protection (McKinney, 2022). The Federal Trade Commission has even banned several stalkerware companies like Support King and SpyFone from operating in the United States due to the app secretly “harvested and shared data on people’s physical movements, phone use and online activities through a hidden device hack” (Federal Trade Commission, 2021).
The law must keep up in holding stalkerware companies and abusers accountable for using stalkerware. Women must be empowered with the knowledge and tools to recognize and fight stalkerware, such as using strong passwords, anti-virus software, and more. As technology continues to evolve, it is important that society collectively addresses the challenges posed by stalkerware. Together as a society, we can spread awareness and put an end to stalkerware prying on women’s private lives once and for all.
You are never alone in this fight. You can always get help.
Parsons, C., Molnar, A., Dalek, J., Knockel, J., Kenyon, M., Haselton, B., Khoo, C., & Deibert, R. (2019, June 12). The predator in your pocket: A multidisciplinary assessment of the stalkerware application industry. The Citizen Lab. https://citizenlab.ca/docs/stalkerware-holistic.pdf
Divorce and Abuse in the U.S.: Key Statistics and Trends
National Statistics on Abuse-Related Divorce
Recent research and surveys consistently show that a significant share of U.S. divorces involve domestic abuse (physical, emotional, or psychological) as a contributing factor. Key findings include:
Range of estimates: The exact percentage varies by study methodology. An in-depth 2013 academic study (tracking couples over 14 years) found that 23.5% of participants identified domestic violence as a major contributor to their divorce ( Reasons for Divorce and Recollections of Premarital Intervention: Implications for Improving Relationship Education – PMC ). An earlier poll in 2011 reported even higher numbers: about 36% of Americans (and 48% of women) who divorced said domestic abuse – including physical or verbal abuse – was the primary reason they ended their marriage (Abuse is the most common reason for divorce, survey reports | Hill Macdonald, LLC). Despite differing figures, these studies all indicate that abusive treatment is a factor in a substantial minority of divorces across the country.
Detailed state-by-state data on divorce causes are limited because many divorces are filed under general “irreconcilable differences.” However, available evidence suggests some regional patterns and noteworthy state data:
Legal grounds vs. no-fault: In states where fault-based grounds are recorded, we see evidence of abuse being cited. For instance, Mississippi changed its law in 2017 to make domestic abuse easier to cite in a fault divorce. In the following year, 608 out of 12,918 divorce complaints (about 5%) in Mississippi explicitly cited domestic abuse as the ground for divorce (One year later, new divorce law helps more than 600 abuse survivors find a way out – Mississippi Today) (One year later, new divorce law helps more than 600 abuse survivors find a way out – Mississippi Today). This represented a significant share of that state’s contested (fault-based) divorces. Other states that still allow fault grounds (like “cruelty” or “inhumane treatment”) likely have a portion of cases filed due to abuse, though comprehensive statistics are not published regularly.
Domestic violence prevalence by state: Rates of domestic violence (regardless of divorce) vary widely by state, which in turn influences divorce trends. Generally, states in the South and West report higher lifetime domestic abuse prevalence. Oklahoma has the highest rate in the nation – about 49.1% of women and 40.7% of men there have experienced intimate partner violence in their lifetime (In Which State Is Domestic Violence Most Common?) (Domestic Violence Statistics: A Comprehensive Investigation). Other states with elevated abuse rates include Kentucky (~45% of women) and Nevada, Alaska, and Arizona (around 42–44% of women) (In Which State Is Domestic Violence Most Common?) (Domestic Violence Statistics: A Comprehensive Investigation). By contrast, some states in the Northeast/Midwest report lower (though still significant) rates – for example, South Dakota (~28% of women) and North Dakota (~30%) have the lowest female victimization rates (Domestic Violence Statistics: A Comprehensive Investigation). These patterns suggest that in regions with more widespread domestic violence, a higher fraction of divorces may involve abuse. Indeed, states with historically high divorce rates (e.g., Arkansas, Oklahoma) also tend to have high domestic violence rates, indicating a potential regional correlation.
Regional insights: Because formal “reasons for divorce” data by state are scarce, researchers sometimes use proxies. One approach is looking at the proportion of “serious” divorce reasons (like abuse, infidelity, addiction) across different demographics. Nationally, about 42–50% of divorces involve at least one of the grave issues such as adultery, domestic violence, or chronic emotional abuse (What is a Life-Saving Divorce? | Life-Saving Divorce) (What is a Life-Saving Divorce? | Life-Saving Divorce). There is anecdotal evidence that in more conservative regions or where no-fault divorce has been restricted, some victims remained in marriages longer, potentially underreporting abuse-related divorces (3 Kinds of Divorce Statistics You Can Learn From) (What is a Life-Saving Divorce? | Life-Saving Divorce). Overall, no region is immune – even states with lower overall domestic violence incidence still see substantial numbers of divorces due to abuse each year. The difference is mainly in scale: in some Southern and Western states, abuse might be a cited factor in a larger percentage of breakups, whereas in other states, it may be slightly less common.
(Note: The variability by state is influenced by both cultural factors (prevalence of domestic violence, attitudes toward divorce) and legal factors (ease of obtaining divorce for abuse). Because most states don’t track the “cause of divorce” in statistics, regional insights are drawn from surveys, academic research, and specific state reports.)*
Breakdown by Type of Abuse Cited in Divorces
“Abuse” in the context of divorce can encompass physical violence, emotional/psychological abuse, and sometimes sexual or financial abuse. These often overlap, but divorce research and laws typically group them under domestic violence or cruelty. Here’s what we know about the types of abuse leading to divorce:
Emotional/Psychological abuse: Non-physical abuse can be equally damaging and is another major factor in divorces. Emotional or psychological abuse refers to patterns of verbal attacks, manipulation, intimidation, humiliation, or controlling behavior that erode a spouse’s mental well-being. Many victims cite this kind of abuse – often called “mental cruelty” in legal terms – as a primary reason for divorce, even when physical violence is absent. In the 2011 Divorce360/GfK Roper survey, “domestic abuse” included verbal/emotional abuse, and nearly one-third of respondents (including almost half of women) attributed their divorce to such abuse (Abuse is the most common reason for divorce, survey reports | Hill Macdonald, LLC). Family therapists note that emotional abuse often goes hand-in-hand with physical violence, but it can also be the sole form of abuse in a marriage. Chronic emotional abuse alone was listed among the top “serious” reasons for divorce in about 1 out of 6 cases in one study (grouped with other severe issues) (What is a Life-Saving Divorce? | Life-Saving Divorce) (What is a Life-Saving Divorce? | Life-Saving Divorce). Examples include relentless belittling, isolation, extreme controlling behavior, and threats — spouses in these situations often eventually seek divorce for self-preservation.
Other forms of abuse: Some divorces involve specific abuse dynamics like sexual abuse or financial abuse. These are less commonly tallied separately but fall under the umbrella of domestic violence. Sexual abuse (any non-consensual sexual contact or coercion by a spouse) is cited in some divorce cases, sometimes alongside physical battering (Abuse is the most common reason for divorce, survey reports | Hill Macdonald, LLC). Financial abuse – where one partner heavily controls or withholds money to exert power – can contribute to the decision to divorce as well, though it might not appear as a named legal ground. While statistics by subtype are scarce, domestic violence advocates stress that abuse in any form (physical, emotional, sexual, etc.) creates a toxic and unsafe marriage. In practice, if a spouse is enduring financial control, intimidation, or sexual coercion, those behaviors usually coexist with emotional degradation or physical threats, forming a pattern of domestic abuse that leads to divorce (Abuse is the most common reason for divorce, survey reports | Hill Macdonald, LLC).
This data is based on a synthesis of multiple studies and surveys rather than a single report. Here’s a list of the types of sources that were incorporated into that synthesis:
National Surveys on Divorce and Domestic Violence:
Surveys such as the Divorce360/GfK Roper survey have historically collected data on why individuals cite abuse or domestic violence as a reason for divorce.
Additional surveys and polls that assess the “final straw” or primary reasons for divorce often include questions about domestic abuse.
Academic Studies:
Research published in academic journals like the Journal of Family Psychology (for example, studies by researchers such as Scott and colleagues) has examined the long-term effects of domestic violence on marital dissolution and the prevalence of abuse-related divorces.
Longitudinal studies tracking couples over multiple years have provided estimates of the percentage of divorces influenced by domestic violence or abuse.
Government and Public Health Data:
Reports from the Centers for Disease Control and Prevention (CDC) and the National Center for Health Statistics offer broader data on domestic violence prevalence, which is used as a proxy when discussing its impact on divorce.
Some state-level reports or court data (e.g., data from states like Mississippi that record fault-based divorce reasons) give insight into how often abuse is explicitly cited as the cause.
Domestic Violence and Advocacy Organizations:
Organizations such as the National Domestic Violence Hotline and the National Coalition Against Domestic Violence provide statistics and research findings regarding domestic violence and its broader societal impact, including its role in divorce.
State-Specific Data:
In a few cases, states that maintain records on fault-based divorces or have made legislative changes to better document abuse as a cause for divorce (e.g., Mississippi) have published data that helps break down regional trends.
Because much of the data comes from aggregated reports and survey results—and because many divorce filings are processed under no-fault laws without an official “cause” recorded—the exact percentages can vary between sources and methodologies.
The Urgent Need for Survivor Protections in HB 315
As an organization dedicated to the safety and empowerment of survivors of intimate partner violence and human trafficking, Operation Safe Escape strongly urges the Tennessee legislature to reconsider the dangerous implications of HB 315, the Tennessee Covenant Marriage Act. While the bill’s stated intent may be to reinforce the institution of marriage, its provisions create serious and life-threatening risks for survivors of domestic abuse.
Domestic violence is not limited to physical or sexual abuse—it encompasses a wide range of coercive tactics, including psychological manipulation, financial control, and emotional abuse. HB 315, as currently written, fails to recognize these realities and instead imposes severe restrictions on divorce, mandates counseling even in abusive situations, and lacks critical safeguards to prevent survivors from being coerced into restrictive marital agreements. Without significant revisions, this bill will effectively trap survivors in dangerous relationships, deepen their dependence on abusers, and increase the risk of serious harm or even death.
To ensure that HB 315 does not become a tool for abusers, we urge lawmakers to incorporate the following critical protections into the bill. These revisions will help mitigate the risk of survivors being forced into or remaining in abusive marriages without viable options for escape.
1. Expand the Definition of Abuse in the Bill
Current Concern: HB 315 narrowly defines abuse as only physical or sexual violence, ignoring psychological, emotional, financial, and coercive control tactics.
Suggested Action: The bill should be amended to recognize a broader definition of abuse, including coercive control, financial abuse, and emotional abuse, in alignment with modern domestic violence laws and research.
2. Explicitly Prohibit Mandated Counseling in Abuse Cases
Current Concern: Joint counseling is often weaponized by abusers and can further endanger survivors.
Suggested Action: The bill should include an explicit exemption for survivors of domestic abuse, ensuring that they are not forced into counseling with their abuser.
3. Ensure Survivors Can Exit Covenant Marriages Without Excessive Legal Barriers
Current Concern: The bill’s restrictive divorce provisions could trap survivors in abusive marriages.
Suggested Action: Survivors of any form of abuse, including coercive control, stalking, and financial manipulation, should have the right to dissolve the marriage without additional hurdles, such as waiting periods or court-ordered counseling.
4. Strengthen Protections Against Coerced Entry Into Covenant Marriages
Current Concern: Abusers often control financial and legal decisions, coercing survivors into restrictive agreements.
Suggested Action: Require independent, informed consent measures before entering a covenant marriage, including:
A mandatory screening process to assess coercion.
Separate legal counsel (paid for by the state if necessary) to ensure both parties are making an informed decision.
An opt-out period (e.g., 30 days) where one party can void the agreement without the other’s consent.
5. Include Economic Protections for Survivors
Current Concern: Restricting divorce may deepen financial abuse, leaving survivors trapped.
Suggested Action: Include emergency financial relief options for survivors seeking divorce, such as:
Waived court fees for survivors filing for divorce.
Temporary financial assistance programs.
Legal aid access to help survivors navigate the system.
6. Add Protections for Survivors Seeking Restraining Orders
Current Concern: Abusers may use the restrictive marriage framework to challenge or delay restraining orders.
Suggested Action: Ensure that protective orders supersede any covenant marriage restrictions, allowing survivors to legally separate and receive necessary protection immediately.
Protecting Survivors and Strengthening Justice
Any legislation concerning marriage and divorce must prioritize the safety and autonomy of all individuals, especially those at risk of domestic violence. Without the proposed amendments, HB 315 will do more harm than good, creating legal barriers that will disproportionately impact survivors—individuals who already face enormous hurdles when trying to leave an abusive relationship.
Tennessee has the opportunity to lead with compassion and justice, ensuring that no survivor is trapped in a legally sanctioned cycle of abuse. We urge lawmakers to revise HB 315 to reflect modern understandings of domestic violence, acknowledge the risks of coercion, and provide survivors with the legal pathways necessary to secure their safety and independence.
Domestic violence should never be excused, minimized, or legislated into permanence. We stand ready to assist in shaping policies that truly protect survivors and would welcome the opportunity to discuss these concerns further. Thank you for your time and commitment to ensuring that Tennessee remains a state that prioritizes the safety and well-being of its most vulnerable residents.
Legislation should protect and empower survivors of domestic violence, not trap them in dangerous situations. Unfortunately, HB 315 – The Tennessee Covenant Marriage Act does just that. This bill, under the guise of strengthening marriage, imposes severe restrictions on divorce and mandates counseling, even for survivors of abuse—potentially forcing them into harmful interactions with their abusers.
Operation Safe Escape has formally urged the Tennessee House Children & Families Subcommittee to reject HB 315, highlighting how its provisions fail to account for coercion, financial abuse, and psychological control, which are common tactics used by abusers. The bill limits the definition of abuse to only physical and sexual violence, ignoring the broader reality of domestic abuse. Moreover, its restrictive divorce requirements would make it nearly impossible for many survivors to legally escape.
Survivors of intimate partner violence already face overwhelming barriers when trying to leave an abusive relationship. Adding more legal roadblocks, as HB 315 does, increases their risk of further harm, prolonged economic dependence, and even fatal violence. Restricting divorce and failing to recognize the complexities of abuse endangers lives.
We are calling on Tennessee legislators to reject HB 315 in its current form and instead focus on policies that provide real protection and pathways to safety for survivors. Lawmakers must ensure that any marriage-related legislation considers the realities of domestic violence, coercion, and financial control—not just physical harm.
To read our full letter to legislators, including specific concerns and recommendations, continue below. Survivors deserve safety, not more barriers.
Duress Codes can be an effective tool in awareness, defense, and escape
In the 1968 Star Trek episode Bread and Circuses, Captain Kirk uses duress codes when he is captured by a previously unknown civilization that modeled itself on Earth’s ancient Rome. Worse, a former Starfleet captain is leading the civilization, so he’s wary when the Enterprise hails Kirk to ask if everything is okay. Kirk replied, “Condition Green,” satisfying the former captain that no rescue would be attempted. What the former captain didn’t realize is that “Code Green” was a pre-arranged code that actually meant “I’m in danger.”
Duress codes have been and continue to be used in fiction, real-life espionage, and even within families for ages. Reportedly, even Queen Elizabeth II had a subtle signal involving the way she was holding her handbag to signal to her staff that she wanted to leave a conversation or social situation. Basically, these “codes” are any pre-arranged message, behavior, or signal that means something to the intended receiver but won’t appear suspicious to anyone else watching. For people in an abusive household or relationship, duress codes may be one effective and safe way to summon help.
The three main characteristics of a duress code are that it needs to be pre-arranged, unlikely to be used by accident, and undetectable by anyone for whom the message isn’t intended.
Duress Codes should be pre-arranged
The message is coordinated between the survivor and their support system and only to those they absolutely trust to help. The survivor and their support system then agree on one or more codes and their meanings. The code should be something that makes sense to be used without standing out as unusual.
They should be unlikely to be used by accident
Duress codes should be unique enough to avoid false positives- that is, accidentally using the code word when there’s not actually an emergency. This can be a challenge because the code, when trying to choose something the survivor will believably share, say, or do without being common enough that it might be used inadvertently.
Duress Codes should be undetectable by anyone the message isn’t intended for
A duress code is essential in cases where the abuser is strictly controlling or monitoring the survivor’s actions, online accounts, and conversations. It should be assumed that the abuser is going to see the code, and it’s critical they are unable to recognize it as one.
A duress code can be anything the survivor and their support system agrees on, and they can have as many codes as they can manage and as they need. Some examples may include:
– “If I post a picture of a flower, please check on me.”
– “If I mention in a text that the network went down at work, call the police.”
– “If I wear this necklace, I need help immediately.”
– “If I click ‘like’ on your profile picture, I’m in trouble and need you to pick me up.”
Or anything else that’s pre-arranged, unlikely to be used by accident, and undetectable by the abuser. It’s important to define not only what the code is but also exactly what needs to be done when it’s used.
The empowerment and security that comes from having a well-thought-out safety plan, including using duress codes, cannot be overstated. These codes are more than just secret signals; they are a bridge to safety for those who might find themselves in perilous situations, providing a discreet way to ask for help without alerting potential threats. Remember, you’re not alone in navigating these challenges. Organizations like Operation Safe Escape are here to support you, offering guidance, resources, and assistance in developing effective safety strategies tailored to your unique circumstances. Safety is a fundamental right, and through collaboration, preparation, and the use of tools like duress codes, we can work together to protect that right for everyone. If you or someone you know needs help in crafting a safety plan or understanding the use of duress codes, please reach out. Together, we can create a network of support that empowers individuals to live safely and confidently in any situation.
New facts emerge from the NSA’s previously Top Secret history of OPSEC.
Most people don’t know the full history of Operation Safe Escape. Until 2016, Operation Safe Escape was a project under the Operations Security Professional’s Association or OSPA. At that time, the organization was the largest non-profit organization in the world dedicated to teaching people about Operations Security (OPSEC) and how to use it to protect themselves, their businesses, and more. Over time, the anti-domestic violence mission became more important and the organization’s core focus, now referred to as OSE.
Introduction to OPSEC’s Evolution
OPSEC, or Operations Security, remains a key aspect of our mission to protect survivors of domestic violence, stalking and harassment, and human trafficking. Far from its original application of protecting military missions and plans, OPSEC today can help protect an individual’s plans to escape abuse or other circumstances. For that reason, in a practical sense, OSE is the successor for many of the OPSEC organizations that came before. Consistent with the OSE mission, this report is a historical analysis of the roots of OPSEC and is not an endorsement of any aspect of the Vietnam War or any other military application.
For context, the term “Purple Dragon” refers to the code name for the survey team in Vietnam. As a historical aside, the code name was originally intended to be temporary, so the team chose the name they liked best from a list of code names provided. The other options have been lost to history.
In 1993, the National Security Agency (NSA) released a report titled “Purple Dragon: The Origin and Development of the United States OPSEC Program,” which described the unusually high American losses in the high altitude bombing missions code-named Arc Light and Rolling Thunder, and the reconnaissance missions under Blue Thunder, and discussed the intelligence failures that led to them as well as the measures taken as a response. The process developed at the time later became what we call OPSEC today. In 2007, a heavily redacted version of the report was released to the public under a Freedom of Information Act (FOIA) request, bringing some of the previously Top Secret history to light. However, significant portions of the documents remained redacted.
In 2018, Operation Safe Escape researchers requested a declassification review from the NSA to determine which redacted information could be released. In January 2024, we received a largely (but not entirely) unredacted version that provided additional context and historical information. This report does not attempt to summarize the entirety of the 102-page document but instead highlights some of the most surprising or compelling facts not previously made available. While the document also explores OPSEC findings related to ground and riverine operations, the findings are generally similar to the ones identified by the Air Force.
It’s interesting to note that many of the original redactions were public knowledge (and some were even referenced in official government OPSEC training resources) in 2007 when the original redacted version was made available. For example, the 2007 release redacted the name of the Commander in Chief of U.S. Pacific Command, Admiral U.S. Grant Sharpe Jr., that he originally convened the Purple Dragon team, and for what purpose.
New and noteworthy information in the 2024 release include:
1. Initially, many members of the team believed the losses were due to a communications security issue. In fact, the communications security team found 50 different nonsecure communications during the survey that included specific details regarding the time of the bombing run, referred to as “time on target” (page 9). These sensitive details were transmitted over nonsecure (and, as such, able to be intercepted) between an hour and a quarter and up to 15 hours ahead of the mission. The now-unredacted section of the report notes that 228 aircraft had been shot down and 60% of Blue Springs photography drones were destroyed up to that point, and the report questions whether North Vietnamese forces had advanced knowledge that may have contributed to those losses. The following line answers this question, which was redacted in the 2007 release: yes, they did. Adversarial forces had up to three hours, sometimes up to eight hours, to prepare or evacuate the area.
2. The National Security Agency (NSA) and the Joint Chiefs of Staff agreed to launch a counterintelligence effort to identify and close the sources of the leaks (page 12). The Defense Intelligence Agency (DIA) was tasked with coordinating the effort and convened two working groups- a counterintelligence (CI) working group and a communications security (COMSEC) working group. The CI working group ultimately concluded that “losses of sensitive information through enemy human intelligence (HUMINT) could not be prevented.” It made no recommendations aside from increasing ongoing, general CI activities. The COMSEC working group was convinced that the blame could be placed on individuals failing to protect sensitive information properly and that monitoring communications and transmissions could identify who and punish offenders. A plan was put in place to conduct a COMSEC survey- a new concept at the time- which the DIA approved with the condition that another team be established to examine all aspects of military operations, from planning to execution, to look for other ways they might be compromised.
3. One piece of history that was available through other sources (but was redacted in the 2007 release as “classified matters of national defense or foreign policy”) was the overall strategy for identifying information leaks and vulnerabilities (page 14). The committee ultimately decided to focus on three areas: “enemy exploitations of U.S. communications, enemy recognition of patterns and operations, and enemy access, by whatever means, to pre-execution plans and preparations for operations.” To put it another way, the committed proposed searching for insecure communications channels, patterns and indications, and anything else that might give adversarial forces access to allied plans. What wasn’t previously known was that Admiral Sharp himself elected to assume official responsibility for the survey.
4. Initially, responsibility for the survey was offered to the CINCPAC communications staff, known as J6, because no one was certain who else should manage it (page 14). However, the communications staff lacked experience in the intelligence aspect of the survey and passed ownership on to the intelligence staff, J2. But J2 wasn’t sure how to approach the survey as a concept, so it finally landed with the operations staff, J3, under the command of Colonel James Chance, J3 Deputy for Command Center and Nuclear Operations. At the time, the concept of “surveying operational effectiveness” was new to the military, but the assignment makes sense in hindsight. Although Colonel Chance’s role as direct manager of the project has been widely discussed, it deserves special mention here due to his contributions and decisions throughout.
5. Although a relatively minor historical note, the size and scope of the survey team was previously undisclosed (page 15). Teams were established at seven commands at various airbases in Japan, Thailand, Guam, and Vietnam. At each command, the number of personnel assigned ranged from a small handful of men at some bases to 39 assigned to the U.S. Military Assistance Command in Vietnam.
6. In the 2007 document, pages 17-31 were almost entirely redacted, representing nearly the entirety of the “Birth of a Dragon” section, which primarily focused on the team’s findings and observations throughout the survey. Although much of the section still remains classified, a significant amount of previously redacted information was revealed in the 2024 release. Much of the information is commonly known, but noteworthy revelations include:
In order to encourage everyone surveyed, from the lowest ranks to the commanding officers, the team agreed that the Purple Dragon survey wouldn’t be treated like a traditional inspection and that no reprimands would come from the gathered information. It was decided at that time to capture the information would be kept non-attributional
In a departure from the original COMSEC team’s plan, the goal was to address the root of the problem rather than punish those who failed to follow proper procedures. With this in mind, unit commanders were given the opportunity to fix any issues before they were reported higher.
To avoid having those interviewed from unconsciously altering their usual activities and gathering accurate information, participants were not told the nature of the survey when being interviewed or observed.
Much of the information disclosed in the document detailed the specific procedures and goals for the team. Based primarily in Pearl Harbor (partially, we learn from other sources due to travel budget limitations for the NSA members of the team), team members compiled a database of findings and evaluated the information as it unfolded. Given that the team was looking for something entirely unknown, it’s interesting to see how they approached the problem and made sense of what they discovered.
7. Even the initial recommendations proved effective (page 22). Before OPSEC as a process was formalized, the initial recommendations given on-site increased survivability and recovery rates for bombers and drones.
8. By reviewing unclassified Notices to Airmen (NOTAMs) for upcoming missions, the Purple Dragon survey team was able to gauge upcoming targets and mission times with about 80% accuracy (page 22). The NOTAMs are generally made widely available with limited control to deconflict airspace and help prevent aviation accidents. It’s certain that adversarial forces had access to those reports, which detailed specific times and general locations of missions.
9. Local Vietnamese allies and officials were warning their friends and family of upcoming bombing missions to give them time to leave the area (page 24). The process for selecting and approving targets could take a week or more, and it involved approvals from multiple different commands and up to the Pentagon. This included coordination with local allies. There is no evidence that any Allied official leaked information to adversarial forces. Still, it should have been foreseen that local officials would naturally want to warn their family and friends who may be in the area. Those family and friends would warn their family and friends, and so on. The local civilian population would start evacuating the general target area one to three days before the mission, which signaled to adversarial forces that they should do the same.
10. Many Rolling Thunder missions were compromised shortly after takeoff (page 25). Early in the survey, it was estimated that up to 90% of Rolling Thunder missions were compromised to varying degrees after takeoff from Thailand or the Gulf of Tonkin, giving the adversary up to 45 minutes’ notice before a strike. Given the sophistication and resiliency of the North Vietnamese tunnel systems, this was more than enough time to shelter personnel and equipment. The Navy and Air Force would use exactly four electronic countermeasure aircraft to jam enemy radar when targeting heavily defended areas, but only two when targeting others. Simply by observing the configuration of the flights or noting the distinctive (and unchanged) call signs of the aircraft, the type of target could be determined. There were also other examples given, including the pattern that Airborne Command Post (ACP) aircraft would land at certain places and times depending on when and where the mission would take place, the fact that the Air Force and Navy would strike at specific times (the Air Force, for example, would almost invariably strike targets between 0800 and 0900, and again between 1600 and 1700) and only in good weather, that airborne refueler aircraft would use the same route and fly several minutes ahead of bombers (using the flight route and plane number as their call sign, which was sent over nonsecure voice channels), and more. Putting this all together, it became trivial to determine the timing and target of a bombing mission.
11. The Purple Dragon survey wasn’t intentionally intended to be repeated, but the survey team and agency leadership advocated for a permanent program based on their findings and the likelihood of reoccurrence (page 30). The survey was intended to be a one-off response to specific security concerns. Still, COL Chance and Admiral Sharp agreed that the survey should become a standard procedure for any military operation. The final report to the Joint Chiefs of Staff included a recommendation that the survey be expanded into an enduring capability; the Joint Chiefs agreed and authorized a permanent OPSEC branch under the CINCPAC J3. This answers a long-standing question as to where OPSEC was intended to “live” from its inception and whether it was originally viewed as a security discipline or an operational one.
While not in this document, an interesting historical side note was that the name for the new discipline was decided at a bar in Hawaii. According to Robert “Sam” Fisher (and retold by others from the team): “The next question was what to call this new organization. Our role was operations analysis, but operations analysis would not do for a name. We wanted to distinguish ourselves from the many operations analysis groups that already existed in Vietnam. One knew that Mother NSA would not allow me to be a part of this new organization unless security was among our objectives. Hence, we arrived at the name Operations Security. A side benefit to this name was the acronym OPSEC, a good way to catch people’s attention.”
12. As a mildly interesting note, the original 2007 release showed the affiliation (U.S. Navy) of the artist that drew the dragon on the cover of the final Purple Dragon report, but the new release redacts it, likely in error (page 35).
13. The first major Purple Dragon survey of a non-Air Force mission took place in 1967 when the survey team examined Navy and Marine amphibious landing missions and found multiple similarities nearly identical to the Air Force operations assessed previously (page 37). The (reasonable) requirement to coordinate landings and raids with local officials and allied forces during the early planning phases of the mission led to provincial chiefs and local villagers moving their cattle and equipment out of the area well in advance of the assault. The movement signaled to adversarial forces that “an operation of some sort was going to occur.” It was also noted that helicopters were pulled from other areas and limited in use the day before to ensure availability in support of the landing. Naval bombardment would also begin several hours before the landing, a literal “wake-up call” for those forces that hadn’t already left, and the reporters would be notified up to four days before the assault and transported by helicopter to one of the assault ships the day before. Perhaps the most significant observation was that a Navy hospital ship, which required more time to move and stage, would be anchored off the opposite side of the target beach the day before the assault. Hospital ships are distinctly marked and easily observed, giving at least an evening’s warning.
14. About a week before an amphibious landing, the Marines would send an Airspace Reservation Request to the Air Traffic Controller in Saigon, along with a formal request to keep the NOTAM secret until a few hours before the requested time (page 40). However, this request was often ignored, and the NOTAL was released immediately. This revealed the fact that a military operation was planned for a specific day at a specific time in a specific location up to a week in advance. The solution was to send the request to Saigon at the last moment and, in at least one case, not until the Marines had already landed on the beach.
15. In an interesting twist, the largest amphibious operation of the war at the time, Operation Bold Mariner, used the same OPSEC weaknesses the adversary was exploiting to mislead them (page 40). Now understanding that the adversary was looking out for certain patterns and indications, mission planners spread misinformation through those channels to convince them that the attack would take place at Mo Duc rather than the actual target, Batangan. The Marines issued a NOTAM for Mo Duc eight hours before the apparent landing time, naval gunfire targeted the decoy target on schedule, and a Naval hospital ship anchored near Mo Duc only to reposition once the actual assault had already begun.
16. The American logistics system in Vietnam was a major success when it came to moving weapons and supplies around the country, but at the same time, the process turned into an intelligence goldmine for adversaries (page 47). Supplies came into the theater through centralized supply depots in “rear” areas and were distributed by truck convoys all over the country. Coordination for convoys and road clearances was often conducted well ahead of time and often over unsecured phone lines that were frequently intercepted. Worse still, larger convoys often used the same routes at the same times and on the same days for their deliveries, which made planning ambushes relatively simple. The survey team also found that many combat units would requisition supplies for a particular operation a month or more in advance. This request, which was often processed by local civilians, would list the latest acceptable delivery date, the unit designation and location, and often even the cover name for the operation. These details would then be stenciled on the crates and left in plain view of anyone with access.
17. The initial success of OPSEC measures to protect Arc Light bombing missions was overestimated and may have been historically overreported (page 52). One of the primary metrics for the effectiveness of Arc Light OPSEC measures was the number of alerts detected by adversary forces transmitting a warning of upcoming strikes. After the measures were put in place, these transmissions had nearly stopped completely- in one six-month period, only five valid alerts were detected out of over 2,600 missions flown. Not long after, however, North Vietnamese defectors reported that the units were still being informed of airstrikes up to several days in advance but had switched to courier and landlines to avoid detection.
18. Another section of the report that was redacted in the 2007 release was the discussion of the concept of and rationale behind “thinking like the enemy.” (page 65). Even in 2007, a fundamental concept of OPSEC is viewing your own operations from an adversarial perspective in order to identify vulnerabilities and shortcomings that you would have missed otherwise. The 2024 release discusses the effectiveness of the approach and how combat commanders were eventually able to embrace it when shown concrete examples of lessons learned.
19. In yet another example of content that was redacted for unclear reasons, the section in which the Joint Chiefs of Staff noted that one-year rotations led to repeated OPSEC issues was redacted due to national security and classification reasons (page 76). The decision was then made to train servicemembers on OPSEC concepts before deployment rather than on the job when they get into theater. To help with coordination and planning, the DIA hosted the first Worldwide OPSEC Conference from 30 April to 2 May 1968 in Virginia. Shortly after this, COL Chance was named the head of the newly-created Joint Chiefs of Staff OPSEC branch, building on his
20. After the war ended, the OPSEC process was applied to peacetime drills and exercises to determine if the same issues would be discovered away from the chaos and fog of war. It turns out they were (page 77). Joint training exercises in Korea, code-named Combat Dawn SIGINT, found many of the same issues and indicators encountered in Vietnam only a few years prior. One example of many is that drone aircraft were deployed to skirt the North Korean airspace in an attempt to activate and test the country’s air defense radar system, but the drones invariably flew the same path for the same duration at the same time of day, making the mission predictable. Much like in Vietnam, the flight plans for the recovery helicopters were filed ahead of time- in this case, exactly at 0800 the day before.
21. An interesting perspective found in the 2024 release, but not the 2007 one, determined that “the greatest single cause of the U.S. military’s poor operations security in Vietnam (was) the general lack of respect U.S. personnel felt for the VC/NVA” (Page 85). General Creighton Abrams (the namesake for the M1 Abrams series of tanks) also reportedly said, “A lot of Americans over here underestimate the cleverness” of the North Korean people. In underestimating their adversary, U.S. forces underestimated their ability to intercept unsecured communications and their intelligence in analyzing intelligence.
22. Perhaps of interest to some, the 2024 release discusses the circumstances and resourcing concerns that led to the National OPSEC Program being ultimately established under the NSA (Page 90). The CINCPAC OPSEC branch was the rightful successor to the Purple Dragon survey team, but by 1980, the branch had dwindled to only five employees and was left unsure of its peacetime role. The NSA, however, had provided many of the staff for the CINCPAC team and, in no small part due to the leadership role of Sam Fisher and others, maintained a recent institutional memory for the process. In 1981, the agency began providing OPSEC training to the government, civilian, and military elements, so it came as no surprise when President Ronald Reagan established the NSA as the executive agent in charge of the National OPSEC Program when it was created in 1988.
A lot has changed in the decades since this history was written. And even more has changed since the date the final Purple Dragon report was submitted in 1967. But in understanding the history of OPSEC, we can understand just how many things have actually stayed the same. OPSEC is no longer only a military discipline, but the challenges faced by the original Purple Dragon survey team have a lot to teach us about the challenges we’re likely to face in our own organizations and communities.
Operation Safe Escape applauds and supports the Fair Housing for Survivors Act of 2023, a bill introduced in the US House of Representatives earlier this year. This important piece of legislation aims to provide protection for survivors of domestic violence, sexual violence, and sex trafficking under the Fair Housing Act. If passed, the bill would include survivors of domestic violence, sexual violence, and sex trafficking to the list of classes protected under the existing Fair Housing Act, helping to protect survivors from discrimination or eviction for crimes committed against them.
The statistics are shocking and underscore the importance of this landmark legislation. Research indicates that up to 57% of homeless women, many with children, report that domestic violence was the immediate cause of their homelessness. 84% of survivors in domestic violence shelters report that they need help finding affordable permanent housing, with more than half not receiving the assistance they need. And survivors who become homeless as a result of abuse or assault are at a significantly higher risk of other forms of victimization.
Sadly, the majority of survivors who experience sexual assault or abuse in their home do not immediately relocate to a safer environment because they lack funds or are not aware of the resources available to them. In a press release announcing the legislation, Congresswoman Wasserman Schultz said, “for far too long, survivors of domestic violence, sexual assault, and human trafficking have been forced to choose between confinement with their abusers or homelessness.” The time to act, clearly, is now.
The bipartisan bill has 53 cosponsors, which you can view here. Don’t see your representative on the list? Click “Contact Your Member” on this page and encourage them to support H.R. 2918, the Fair Housing for Survivors Act of 2023.
On August 18, 2023, Twitter… we mean “X” owner Elon Musk made an announcement that the site will be removing the block feature for public posts, leaving the function only available for direct messages. He later clarified his (flawed) belief that the mute button is good enough to protect Twitter’s users.
Elon is, frankly, wrong.
Survivors of domestic violence and stalking block accounts for their own safety and mental health. It can help people share their story, connect with their support system, and enjoy the internet without the constant harassment of people who want to cause them harm or distress. And while not a perfect solution, it gives them some measure of control over their online presence even when the harasser creates new accounts for the same purpose. This is why we typically recommend survivors of abuse, stalking, and harassment block and report any accounts sending abusive messages.
Instead of blocking, Elon says that Twitter users should mute abusive accounts. The biggest problem with this approach is that the abuser can still send messages, which often includes threats, lies, and even non-consensual pornographic images. If the account is muted, the survivor won’t be able to see or address them, but everyone else on their timeline can. In effect, it gives control of the narrative over to the abuser while taking away from the voice of the survivor. This plan also makes it easy for abusers to view posts and replies from the survivor and their support system while remaining logged into their own account.
Blocking isn’t a perfect solution- there are ways around it, and stalkers or abusers know that. But taking away a tool that survivors of crime use to protect themselves is not okay. We’ve reached out to the Twitter team- and to Elon himself- to make it clear that this plan will put people at risk. Whether or not he listens remains to be seen.
Personally, we believe that Twitter will ultimately end up doing the right thing, but maybe not for the right reason. It’s been pointed out that the iOS app store requires that social media services require “The ability to block abusive users from the service.” Elon may argue that allowing users to block direct messages meets this requirement but we, and many Twitter users, can see that this isn’t enough to protect users.
Elon, millions of survivors of domestic violence, stalking, online abuse, and harassment are watching.
Scroll all the way to the bottom again, and select “Ads”
Scroll down a little, and tap “Delete Advertising ID” or “Turn off Ads Personalization.”
Confirm when prompted — this will reset and disable the ad ID.
2. Scroll down and Tap on “Privacy & Security”
3. Select “Tracking.” and then toggle off “Allow Apps to Request to Track.”
With so much rapidly growing technology in our daily lives, people are becoming 
Legislation should protect and empower survivors of domestic violence, not trap them in dangerous situations. Unfortunately, HB 315 – The Tennessee Covenant Marriage Act does just that. This bill, under the guise of strengthening marriage, imposes severe restrictions on divorce and mandates counseling, even for survivors of abuse—potentially forcing them into harmful interactions with their abusers.
Most people don’t know the full history of Operation Safe Escape. Until 2016, Operation Safe Escape was a project under the Operations Security Professional’s Association or OSPA. At that time, the organization was the largest non-profit organization in the world dedicated to teaching people about Operations Security (OPSEC) and how to use it to protect themselves, their businesses, and more. Over time, the anti-domestic violence mission became more important and the organization’s core focus, now referred to as OSE.
On August 18, 2023, Twitter… we mean “X” owner Elon Musk made an