An Open Letter to the Volunteers of Operation Safe Escape

I already sent a version of this letter to each of the volunteers with Operation Safe Escape, but I thought it was worth sharing openly as well:

There’s a few things on my mind, and I’d really like to share them with you. I’d also like to hear your thoughts in return, because I sincerely value what you have to say. Hopefully, this message can do both. I apologize in advance, it’s long. But there’s a lot to talk about.

First, I just wanted to take a moment and thank you for helping Operation Safe Escape become what it is today, and I really hope you’re as proud as I am of what we’ve built. None of it could have happened without people like you making it happen.

It’s hard to believe that there was a time when no one was doing what we do now, not the way we do it. There were always helpers like you out there, doing what they could to help others, but for the first time we brought them together and created a way where we could do even more good. The results really speak for themselves:

-We’ve helped nearly 3,000 people escape abuse and stay safe after they do, with a 100% success rate
-We’re founding members of the Coalition Against Stalkerware, and our work through the coalition has had a measurable impact on combatting those malicious tools
-Last year, we supplied in excess of 5 million dollars in security services without cost to any survivors
-Our work has been recognized in the news, through our partners in both the advocacy and the tech/security sectors, in the Harvard Tech Spotlight, and so much more

Those are really just a few of the highlights, too. I could go on for hours talking about the impact we’ve had and the number of people that we’ve helped. But I know you already know this, it’s part of why we keep doing what we do. Because we know that we’re helping people- real human beings, men women and children- feel safe and be safe.

So from the bottom of my heart, thank you for making it possible.

I’d also like to talk a little bit about who we are today and some of the things we’re working on. I think it’s important that all of us know what’s in the works, and maybe even ways you can be a part of it.

Have you seen our mission statement? It’s pretty straightforward- “we’re dedicated to combatting domestic violence and related crimes by providing security and safety tools, resources, and direct assistance to people impacted by domestic violence, their support systems, and institutional organizations such as shelters, safe houses, law enforcement, and social services.” Basically, our mission is to help people survive and escape domestic violence. Maybe we help them directly, maybe we do it by supporting the helpers, but everything we do is working towards that noble goal.

I also have a personal vision that I want to share with you- it’s something that keeps me motivated and I hope it’s the same thing that all of us strive for. I imagine a world where the playing field has been leveled, where abusers no longer believe that they can stay in control by isolating and controlling their victims, and the survivors of abuse all know that someone is on their side; not because they can afford to pay for help, but because we genuinely care. I picture a fundamental change to a legal, regulatory, and enforcement system that is fundamentally broken because it too-often fails to protect the vulnerable population that we serve. I can see a world where people feel safe and empowered to make the choices that are best for them without worrying about how to survive it. I dream of a world that doesn’t need people like us, but until that happens we’re going to be there.

We’re here to make a difference, one that will literally be felt for generations. Maybe we’ll receive accolades and praise for the work we do, or maybe not. Maybe we’ll get recognition, maybe not. But the exponential changes we are privileged to help make is really thanks enough.

That’s who we are. It’s ingrained in our culture. We help because we have the ability do so, and because we sincerely care. It’s been who we are since the beginning, and we’ve never lost sight of that. And we’ve earned the respect of many companies and organizations because of this and our unwavering integrity. We work with people that have had their trust violated by people that were supposed to care about them, but they know they can trust us. It’s trust well-placed.

Finally, I want to make sure to share our values. You may have seen these before, but I think they’re important to read again. They are:
Respect. We will treat our clients, partners, and one another with dignity and the respect they deserve
Professionalism. We will give our clients and partners our very best so they know they’re in good hands
Integrity. We keep our word and will do the right thing legally and morally
Innovation. We will always strive to find cutting-edge solutions to stay ahead of the adversary
Authenticity. As an organization, we are who we say we are. We live our own values hold ourselves accountable
The best people. We recruit and partner with the best processionals in their respective fields (by the way, that’s you)

As an organization, we continue to grow. With so many bright and passionate people, how could we not? Here’s a few things that are in the works.

The first thing that comes to mind is the DV-ISAC (the name’s still pending, so we’ll just call it that for now). If you’re not familiar with the concept, an Information Sharing and Analysis Center (ISAC) is a centralized resource for gathering information on threats, and promoting and sharing information between entities. For example, the financial sector has one to talk about threats to banks and the automotive sector has one to talk about improving security as technology advances. Creating the DV-ISAC will finally allow shelters, safe houses, advocacy groups, and law enforcement to work together in a way they haven’t been able to before.

The OSE TOC/SOC, which will allow us to better provide technical support to partner organizations. Right now, shelters and safe houses (for example) have to make a choice when they need to secure a new wireless router or fix a computer issue. If they lack the technical skillset, they can pay someone to fix it or they can buy food and clothes for the residents. By recruiting volunteers to run the help desk, we can help relieve that burden and help them focus on their client’s well-being.

We’re working on putting together a resource kit for partners, bringing them tools, resources, and information that they desperately need. For example, a security control catalog (based on NIST 800-53) tailored to their mission and written for the largely non-security audience that we’re proud to serve. This will allow organizations to consistently apply security processes without “reinventing the wheel” each and every time.

It’s become clear that we need to improve our volunteer intake process to help our volunteers (the lifeblood of what we do) more quickly get oriented to their role and see how they fit into the overall process. Every single person makes a difference, and I realize I haven’t done enough to highlight that. We’re working on a new orientation program that reduce the uncertainty and confusion right out of the gate. This will include a new orientation handbook, an HR packet, and we’ll be introducing a buddy program to pair new volunteers with those that have been around for a while. We’re also putting together training that better addresses our mission. Because what we do is so unique, our training needs to be as well. Here’s the first, which discusses Trauma Informed Care: [redacted]. I’d really love your thoughts.

Finally, we’re also going to be launching a vicarious trauma program to combat compassion fatigue and new volunteer recognition programs.

There’s much more, we’re always working on something, but you can see that there’s a lot going on!

I really hope this can start a conversation, and I invite you to reach out to me directly at any time if you have any thoughts or ideas on how we can do better, or any questions or concerns. You can email me, catch me on teams, or call me at [redacted]. I just want you to know that your thoughts matter to me, and that -you- matter to me.

If you’re free in a few hours (if you can read this far in a few hours, this message was a bit longer than I thought it would be going in), please jump on the team call. I’d love to have you there and hear your ideas.



Chris Cox
Director, Operation Safe Escape


FTC bans stalkerware company and CEO from spying on individuals

In a landmark case, the Federal Trade Commission (FTC) has banned SpyFone and CEO Scott Zuckerman from selling stalkerware apps, which were used to secretly harvest and share data on people’s movements, phone usage, and online activities in a way that wasn’t easily detectable by the victim. In addition to fines, the company is required to delete all stored data and notify users that their phone had been compromised.

The FTC has taken action against stalkerware companies before, but this is the first time they’ve been able to secure a sales ban. Equally important, the requirement to inform users that they have been compromised will expose related forms of abuse and empower survivors to take additional legal action.

 “SpyFone is a brazen brand name for a surveillance business that helped stalkers steal private information,” said Samuel Levine, Acting Director of the FTC’s Bureau of Consumer Protection. “The stalkerware was hidden from device owners, but was fully exposed to hackers who exploited the company’s slipshod security. This case is an important reminder that surveillance-based businesses pose a significant threat to our safety and security. We will be aggressive about seeking surveillance bans when companies and their executives egregiously invade our privacy.”

Read the full FTC press release here
Read the legal complaint against SpyFone here

The Starfish Story

You may be familiar with the starfish story, a reminder of how one person can make a difference.

In the story, a man was walking along the beach after a heavy storm. During the storm, debris from the sea washed up on the shore- seaweed, driftwood, and various shells adorned the moist sand. In the distance, along the shoreline, the man saw a child playing in the surf. As he grew closer, he saw that the child was running inland, picking something up from the sand, and then throwing it into the ocean. He would time his run so that he could get as far out as possible without getting overwhelmed by the waves.

As the man got closer, he saw that the ground was littered with countless starfish of various sizes, each drying out in the sun. The boy was collecting as many as he could and throwing them back into the water.

“What are you doing?” the man asked.

Without stopping, the boy replied, “the storm washed all these starfish up, and they’re going to dry out in the sun. I’m throwing them back into the water so they’ll survive.”

The man looked around and noted just how many starfish there were- far too many for a child to collect in time. “But there’s too many,” he said. “You should just go play, you can’t possibly make a difference.”

The boy picked up another starfish and threw it back into the water. “Made a difference to that one.”

It’s a wonderful story, and a great reminder that any of us can make an impact in someone’s life. Often, even a small act can make a huge difference- one that will never be forgotten. But, in a sense, the man had a point. No matter how much the boy’s actions meant to the ones he could save, what of the other starfish?

The man asked the right question, but he didn’t act on it. Imagine what would have happened if he had picked up a starfish and put it back into the ocean; the boy would know he’s not the only one trying to help, and even more could have been returned. What if he had called others to come help, or if people passing by had spent even jut a few minutes helping. The child’s first efforts would have been exponentially increased, and even more could be helped.

Any one of us can make a difference. Working together, we can make a world of difference.

That’s how we see things, anyway. Operation Safe Escape brings people together from different backgrounds and areas of expertise, all with one thing in common: they saw that people needed help and they were willing and able to make a difference. We stand united against all forms of abuse, and will always be there when you need us.

Domestic Violence Knows No Gender, Race, Age, Status

Trigger warning: non-graphic statistics on assault and sexual violence.

Just a few decades ago, domestic violence simply wasn’t something that people talked about. Abuse within the home was considered to be a private family matter, except for when it was portrayed for comedic purposes in television and advertisements. By the 1960s, scholars and social service providers were just starting to recognize that child abuse is a major and pervasive social issue, but it wasn’t until the 1970s that the Battered Women’s Movement, as it was called at the time, brought domestic violence to the public’s attention. This led to substantial reform, to include new laws and resources such as shelters, hotlines, and advocacy groups.

The first known study showing that man are also victims of abuse was presented in 1975. However, many men are reluctant to report acts of domestic violence for multiple personal and socio-cultural reasons. This has led to under-reporting of acts of intimate partner violence among men.

Domestic violence is not restricted to any single group, and it’s something that we as a society need to talk about. It’s important to recognize that domestic violence can impact anyone, so it feels safe for anyone to get help.

Every minute in the United States, 20 people experience domestic violence. According to a 2017 CDC report, 1 in 4 women and 1 in 7 men will experience severe physical violence at the hands of an intimate partner at some point in their life. The CDC also notes that 16.9% of women and 8% of men will experience sexual violence (this statistic does not include rape), although the report also concludes that data on sexual violence against men may be under-reported.

Domestic violence also crosses race and ethnicity lines, with 47.5% of American Indian or Alaskan Native women, 45.1% of non-Hispanic Black women, 37.3% of non-Hispanic White women, 34.4% of Hispanic women, and 18.3% of Asian-Pacific Islander women experiencing sexual violence, physical violence, and/or stalking by an intimate partner within their lifetime.

According to the 2010 National Intimate Partner and Sexual Violence Survey, the most common age when intimate partner violence is first experienced by women is age 18-24 (38.6%), followed by age 11-17 (22.4%), age 35-44 (6.8%) and age 45+ (2.5%). For men the most common age is age 18-24 (47.1%), followed by age 25-34 (30.6%), age 11-17 (15.0%), age 35-44 (10.3%) and age 45+ (5.5%).

If we, as a society, are going to effectively combat domestic violence, we need to support everyone impacted by it regardless of demographics. But if we ignore anyone because of our preconceptions and biases, we’ve failed them.

Additional information: Domestic Violence in the 1970s, written by Catherine Jacquet for the National Institute of Health.

Volunteering with Operation Safe Escape

We’re a huge organization of hackers, makers, and security expert that work together to help survivors of stalking, harassment, and domestic violence escape and stay safe after they do.

To do this, we provide forensics and investigation services to help survivors get legal assistance, security education and rescue ops, seminars and direct assistance for support organizations such as domestic violence shelters and safe houses, educational and awareness resources, and so much more. We help survivors navigate the difficult process of planning and effecting their escape, and make sure they have a safe place to go once they do. We help develop policy and strategic advisories for protective programs across the country and integrate our work to support/protect/rescue survivors at every level.

…and we do it all for free.

OSE has successfully helped in over 2000 cases, without cost to any survivors. We need your help to continue doing it. Last year, we supplied over 2 million dollars in security services free to survivors and support organizations and we rely on volunteers and subject matter experts to keep doing it. Please consider helping us by clicking here.

The Stalkerware Threat

On August 15th, 2018, an unsavory character was able to obtain complete and total access to everything on my personal cell phone. In just a few minutes, they were able to download all of my pictures and videos. They could read my text messages and emails, and even send whatever they wanted to while pretending to be me. They tracked my location and secretly activated my microphone and camera. They knew where I was at any given moment and where I would be according to my calendar. They had access to my entire life.

Fortunately, I was that unsavory character. And just as fortunately, I was conducting an experiment to demonstrate how easy it can be to weaponize our own phones against us, how hard it can be to detect for even advanced users, and how disastrous it can be if it happens. Turns out, it’s pretty easy.

In May of 2018, security researchers Andrew Blaich and Michael Flossman with the security firm Lookout, discovered a new malware variant that they dubbed Stealth Mango (for Android) and Tangelo (for IOS). These tools were successfully deployed against military and government targets in Pakistan, Afghanistan, India, Iraq, Iran, and the UAE, and spread largely through phishing and compromised websites. The campaign was ultimately able to exfiltrate over 15GB of data, including text messages, contacts, secret recordings, and sensitive military/government communications. The stolen data even included passport scans, ID cards, whiteboards, and meeting/ceremony pictures that included US service members. In other words, it was a treasure trove of information.

While researching the campaign, the researchers make a remarkable discovery: the same team that developed Stealth Mango and Tangelo also made a commercial variant and the code was almost exactly the same. Commercial variants of mobile spyware are often referred to as “stalkerware” or “spouseware”, named after their common usage.

Once upon a time, sophisticated mobile attacks and intelligence operations were the purview of state actors. This is why the government and military doesn’t allow cell phones into certain areas. But now the threat has grown exponentially and the sheer number of potential attack vectors warrant a careful reconsideration of our policies, training, and defensive posture. Today, the threat includes anyone with $60 or so and easily who can follow basic instructions. There are countless variants of this sort of software commercially available, not to mention the multiple homebrew versions. We can start to get some idea of the sheer scope of the problem by analyzing the data leaded from a self-identified employee of one such company, Flexispy.

Flexispy makes and sells this sort of software. They also sell a “white label” version for other companies to resell under their own brand. According to the information provided to motherboard security researchers Lorenzo Franceschi-Bicchierai and Joseph Cox, at least 130,000 people had accounts with the service. Among them, a fifth-grade teacher, the president of a distribution company, the vice-president of a bank and many more. And that’s just one company- there’s many others with their own customer base.

Recently, I went to the website of one such company. Their website lists two primary uses for their brand of stalkerware: to “keep your children safe” and to “monitor your employee’s company phone usage”. Insert additional air quotes liberally. It’s important to note that both of those purposes are technically legal, although there would be certain caveats and provisions that would be the responsibility of the buyer to obey.

As an experiment, I contacted this company with a fictitious back story. I told the sales rep that I thought my “girlfriend” was cheating on me, and I wanted to know if their product could help me spy on her. I expressed concern that she would discover it, and mentioned that it’s her phone on her own account. In other words, I was asking if I could use their software to commit a major crime. The rep assured me that it would work perfectly for this purpose. They offered tips on installing it without the victim discovering it, and they even offered a 10% discount code for my first month.

After I purchased a one-month license (I chose not to take advantage of discounts offered for longer durations), it took about two minutes to infect my phone. After that, I merely had to login to my online dashboard on the company’s website to access everything on my now-infected phone. If I intended harm, I would have had ample means to do it then.

The fictitious story is a realistic one, and includes not only an abusive partner but also burglars, hackers, or anyone else that would benefit from this unprecedented level of access when trying to accomplish their goals our counter our own. It’s an inexpensive and low-risk method of intelligence gathering that can be initiated from anywhere in the world, depending on the technical capabilities of the attacker.

As discussed previously, we already restrict cell phones in specific areas. This is a good thing, and that shouldn’t change. But what could your adversary could do if they manage to infect one or more of your employee’s personal or issued cell phones?

We all know that we’re not supposed to talk about work-related topics while we’re out of the office for lunch, but we feel a little bit safer when we’re alone with our trusted coworkers who are working on the same project. We wouldn’t tell our adversary about network issues and vulnerabilities, but we might do a quick internet search on our phone while trying to fix a router configuration issue. And we work hard to protect information about client arrivals, even though a compromised phone can tell far more than an itinerary can. That’s not to mention the blackmail potential for well-placed employees based on their app usage (for example, a married employee using a dating / hookup app), location history, email receipts, and more. The next time you think about the information you want to protect, think about all the items that could potentially be compromised along with your employee’s phones.

As always, real-world risk should inform policy. But when we’re talking about personal devices and non-work hours, there’s only so much that policy can adequately address. We need to provide our users with the resources and information they need to protect themselves under those conditions. For example, these are some important concepts that can be relayed to your employees in order to help protect them and your critical information:

– Free antivirus apps are able to detect many variants of stalkerware, but are often not installed by default. Installing a third-party antivirus app by a reputable company will help prevent infection in the first place
– Periodically scan through your list of installed apps to look for anything you didn’t install or don’t recognize. Many stalkerware apps don’t actually display an icon, so this may not be enough on its own
– If using an android device, look through the settings for “device administrators.” Any apps listed here have more or less full control of your device. For example, the program that I tested required these privileges in order to function. Also, disable the “install from unknown sources” option to help prevent the surreptitious installation of apps
– The least difficult method of installing stalkerware involves physical access to the device. This allows the attacker to ensure that it’s working properly and their tracks are fully removed. Make sure your device is locked and uses a password, PIN, or some other security feature. Other methods of installation seen in the wild include phishing attacks or luring users to a compromised website, referred to as a “watering hole” attack. Make sure these methods are addressed in your training and awareness program
– Some users choose to root or jailbreak their phone in order to increase functionality or unlock certain features. However, this also increases the options available to the attacker. For example, some attacks against iOS devices simply won’t work unless the device is jailbroken. If your users have rooted or jailbroken their devices, make sure they’re aware of the risks

This was only a very broad overview discussing the scope of the problem and basic remediation measures. We have no choice but to meet this emerging threat head on before it’s too late. Much like our adversaries, we have to adapt to a new, increasingly connected environment where the battle lines are blurry at best and ordinary users are on the front lines of a new kind of war.

Early police intervention linked to lower rates of domestic violence escalation

Police in Tarrant County, Texas, have started hand-delivering letters to individuals convicted of any form of abuse against an intimate partner- even relatively minor, non-violent crimes. The letters inform the perpetrator that they have been added to a registry of domestic violence perpetrators and that any future crimes will be treated very seriously. The goal is halt the behavior before it escalates, and it appears to be working. Since the program’s inception, the rate of re-occurrence of intimate partner violence has been cut in half.

Read more:

Latina Safehouse: “Abusers continue using immigration status to control their victims”

Colorado-based domestic violence shelter, Latina Safehouse, reports that abusers are continuing to use immigration status as a form of control. By threatening deportation (either with or without their children), the abuser strives to keep their victim from reporting the crimes.

Read more:

New members and territories join fight against digital violence

Originally published at

Worldwide lockdowns reconfirm the need for strengthened international working group to domestic violence and stalkerware

The fight to protect consumers against stalkerware continues as eleven new organizations – AEquitas with its Stalking Prevention, Awareness, and Resource Center (SPARC), Anonyome Labs, AppEsteem Corporation, bff Bundesverband Frauenberatungsstellen und Frauennotrufe, Centre Hubertine Auclert, Copperhead, Corrata, Commonwealth Peoples’ Association of Uganda, Cyber Peace Foundation, F-Secure, and Illinois Stalking Advocacy Center – join the Coalition Against Stalkerware. Since its launch in November 2019, the Coalition Against Stalkerware now has 21 partners, including founding partners – Avira, Electronic Frontier Foundation, the European Network for the Work with Perpetrators of Domestic Violence, G DATA Cyber Defense, Kaspersky, Malwarebytes, The National Network to End Domestic Violence, NortonLifeLock, Operation Safe Escape, and WEISSER RING. The Coalition seeks to combine its partners’ expertise in domestic violence survivor support, digital rights advocacy, and cybersecurity to address the criminal behavior perpetrated by stalkerware and to raise general awareness about this important issue. 

Domestic violence increases due to lockdowns

Growing the number of organizations united to fight stalkerware has never been more important than during these exceptionally difficult times. With lockdowns globally in place due to the COVID-19 pandemic, domestic violence incidents are increasing according to the US-based National Network to End Domestic Violence[1]. Other Coalition partners from different territories report similar increases[2], and the United Nations (UN) recognizes this as well. In early April, the UN Deputy Secretary-General, Amina Mohammed, explained that worldwide, the negative consequences caused by lockdowns are borne more by women as their risk of suffering from domestic violence is more likely to increase[3]. As well as physical abuse, many of these women need to be afraid of finding stalkerware on their phones. This is one of the most concerning problems resulting from domestic violence in general, not only during the ongoing pandemic, according to a bff survey conducted among women’s counselling and rape crisis centres in Germany[4].

Joint efforts

With the goal of helping victims and educating the public about the dangers of stalkerware, the founding members of the Coalition created a standard definition and detection criteria for stalkerware, which did not previously exist. During the first few months of their efforts, the Coalition partners have focused on raising greater awareness of stalkerware advocacy organizations, journalists, and regulators through public speecheseventspublicationsresearch, and collecting the cybersecurity vendors’ data on stalkerware.

To continue raising awareness about the issue of stalkerware, the Coalition Against Stalkerware has also produced an explanatory video available in six languages (EnglishFrenchGermanItalianPortuguese and Spanish) that has been launched today. The aim is to provide helpful information for victims and survivors to better understand and detect the warning signs of stalkerware. The video lists common indicators to check if a user thinks they may have become a victim of stalkerware, and what steps they should and should not take.

The Coalition’s helpful online resource for stalkerware victims has also been made available in six different languages. Users can now find information about what stalkerware is, what it can do, how to detect it, and how to protect themselves in English, German, French, Italian, Spanish and Portuguese. For potentially affected users, the Coalition members recommend contacting local victim service organizations immediately.

Finally, another member of the Coalition – National Network to End Domestic Violence – has released a Documentation and Evidence Collection App[5]. DocuSAFE is a free app available in English that helps survivors collect, store, and share evidence of abuse, such as harassing messages, online impersonation, or other images or videos documenting domestic violence, sexual assault, stalking, harassment, and dating violence. WEISSER RING also launched such an app last year, called “NO STALK” which is available in German[6]. It is important to note that these apps should not be used on devices that one suspects may be monitored.

The Coalition Partners’ future goals include, but are not limited to: improving detection and mitigation of stalkerware, developing best practices for ethical software development, and increasing technical capacity of survivors and advocacy organizations.

“Stalking impacts an estimated 6-7.5 million people in a one-year period in the United States and 1 in 4 victims report being stalked through some form of technology. Providing education and information to survivors, those working to respond to the crime of stalking, as well as to our communities at large is an essential first step in enhancing the safety of stalking victims and holding those who perpetrate such crimes accountable. We are excited to join this coalition of non-profits and IT Security Companies to enhance our collaborative response to stalking.” - Jennifer Landhuis, Director, Stalking Prevention Awareness & Resource Center.
“Anonyome Labs Inc. empowers people to be able to determine what information they share, and how, when and with whom they share it. We provide victims and potential victims of harassment, violence and abuse real and effective tools for protecting their personal information. We are proud to join the important Coalition Against Stalkerware to help stop tech-facilitated violence and abuse.” – JD Mumford, Co-CEO, Anonyome Labs, Inc.
“We believe that any software that tracks people’s actions without their awareness or their consent is evil. But because the people who buy stalkerware do so knowingly, we know that the only way to eradicate stalkerware is through a coordinated and holistic effort that attacks not just the stalkerware vendors, but also punishes those who enable its distribution. We are happy to contribute to and work with the Coalition Against Stalkerware.” – Dennis Batchelder, President, AppEsteem Corporation
“In Germany, for several years, Women’s Counselling Centres and Rape Crisis Centres have noticed an increasing use of stalkerware in conjunction with partner relationships. During the coronavirus pandemic, digital communication is, for many, often the only remaining contact option. Monitoring of communication and media usage by a violent partner can result in escalating dynamics of violence and making it more difficult to get support and help. Now, and any other time, victims of intimate partner violence need to have the possibility to protect their privacy and use media free from violence.” – Ans Hartmann, Project Coordination “active against digital violence”, bff: federal association of rape crisis centres and women’s counselling
“According to the study on cyberviolence in intimate relationships, conducted by the Center Hubertine Auclert in France , 21% of victims have experienced the use of stalkerware by their abusive partner,  69% of victims have the feeling that their personal information on their smartphone has been accessed by their partner in a hidden way.  The stalkerware is an important source of danger and distress for victims. The Coalition is a great opportunity to bring together the expertise of the IT security sector and of NGOs specialized on violence against women. This synergy on an international level will be fruitful to create together the best solutions  for victims’ protection.” – Clémence Pajot, Director, Center Hubertine Auclert
“Stalkerware is a terrible extension of the current offence and defense race in the mobile security world. Individuals should expect and demand privacy from the systems they use and their mobile devices are no exception. Stalkerware is a gross invasion of privacy and personal security - the equivalent of having a firm of private investigators tracking your every move. Currently this can happen, with minimal effort, to individuals and corporations with their mobile devices. The Coalition Against Stalkerware is an important social movement to stop the spread of this invasion of liberty and freedom.” - James Donaldson, Director and CEO, Copperhead
“Stalkerware is an extremely harmful example of the kind of threat that Corrata’s technology is designed to guard against. We are delighted to join forces with the other members of the Alliance to protect users against targeted stalkerware attacks. Spying on a partner or family member’s mobile device is a complete invasion of privacy. Designed with user privacy in mind, Corrata fights against the rising menace of stalkerware.” - Colm Healy, CEO, Corrata
“Over the last 14 years, the Commonwealth Peoples’ Association of Uganda, as a non-governmental organization, has been at the forefront in promoting the use of information and communications technologies for development (“ICT4D”) among the youth for social change & development in addition of being a champion in making sure that the World Summit on the Information Society (“WSIS”) Declaration of Principles (2005) are being implemented in Uganda. Partnering in the Coalition Against Stalkerware enables our organization to share important information and to access capacity building opportunities to protect Internet users from this type of software throughout the country.” - Kiapi K. Frederick, Executive Director, Commonwealth Peoples’ Association of Uganda
“In recent times we have seen a sharp increase in stalkerware and spyware use. It is a matter of concern because many are ignorant about the existence of these applications and the negative impact it can have on security and privacy and society at large. Cyber Peace Foundation is committed to aligning all our initiatives in line with the collective vision of the Coalition against Stalkerware.” - Capt. Vineet Kumar, Founder & President, Cyber Peace Foundation
"Stalkerware evolved from the same culture of mass surveillance and data collection that pervades the internet. But these tools’ accessibility to individuals without much technical know-how or resources makes stalkerware a threat that rings closer to home for many, particularly those who are already victims or vulnerable to abuse. We’re committed to protecting F-Secure’s customers from the culture of pervasive surveillance and data collection that's consuming our digital lives, and we hope that joining this coalition of like-minded organizations will enable us to address this threat at a wider scale."  - Christine Bejerasco, VP Tactical Defense Unit, F-Secure
“Stalking is unpredictable and can be dangerous which is why it is imperative for stalking advocates to thoroughly safety plan with their clients. The use of stalkerware in stalking cases often complicates efforts to safety plan with victims because it is often undetectable and even when stalkerware is suspected, there are often little resources available to remove stalkerware and prevent it from being reinstalled. Collaborating with the Coalition Against Stalkerware is an important first step to connect advocates and IT security professionals so we can work together to combat this growing problem.” - Kim Tipsord, Executive Director, Illinois Stalking Advocacy Center
“The Coalition Against Stalkerware is essential to the effort to coordinate academic researchers, law enforcement, anti-virus companies, and organizations working directly with survivors of domestic abuse and spying. The digital world is global, and so is domestic abuse, spying, and partner violence. I’m happy to see the Coalition welcome not just new technology companies, but also key voices from the Global South. I look forward to incorporating new threat models, so that the Coalition’s efforts can benefit survivors all over the world.” --Eva Galperin, Director of Cybersecurity Electronic Frontier Foundation
“More and more, service providers see themselves confronted with offline violence continuing online. Perpetrators of cyber stalking cause immeasurable harm and undermine victims’ sense of safety. The Coalition Against Stalkerware is a unique chance to bring together NGO and technical knowledge. We are proud to welcome new members to this incredible effort. Together, we will ensure perpetrator programmes have the necessary knowledge and resources to hold perpetrators accountable for their violence - offline and online.” - Anna McKenzie, Communications Manager, European Network for the Work with Perpetrators of Domestic Violence (WWP EN)
“No company or NGO can fight stalkerware alone - it takes a village. I am therefore very happy that many new members are joining the coalition to contribute to this crucial cause and bring in their respective skills and connections. Especially in this trying time domestic violence and espionage against partners is an important topic that needs much more awareness.” - Hauke Gierow, Spokesperson, G DATA CyberDefense”
"The threat of stalkerware is constantly on our radar. In April 2020 alone, we detected that 8,201 users worldwide had stalkerware installed on their mobile devices. While in April 2019, this number was 7,736. We see that statistics are changing from month to month and year to year. To further improve the detection of such software in the cybersecurity industry, we are glad to see more organizations joining the Coalition Against Stalkerware and therefore sharing our knowledge with and inside this group dedicated to protecting users against stalkerware. Beyond detection, further research on the link between cyberviolence, physical violence and the gendered nature of stalkerware use is crucial in order to develop a clearer picture and better understanding of this issue. For that we are proud to be working together with our fellow Coalition members," – Tatyana Shishkova, Senior Malware Analyst, Kaspersky
“Stalkerware is both a global and local human rights issue, and to address it, we’re seeking help from every region. Today, we are proud to welcome new members to the Coalition from around the world who bring community-based expertise both in researching the threats of stalkerware, and in providing support and proactive digital protections for domestic abuse survivors. With their help, we hope to develop more nuanced and informed strategies of prevention.” - David Ruiz, Online Privacy Advocate, Malwarebytes
“Survivors have the right to safety and privacy. We know that a safe home means that survivors have access to safe and secure devices free from stalking, monitoring and tracking. The National Network to End Domestic Violence is proud to partner with technologists, global advocacy organizations, and direct service providers to further the work around ending stalkerware as we all work to end violence for all.” - Erica Olsen, Director of the Safety Net Project at the National Network to End Domestic Violence
“In the last year, we have identified nearly 11,000 apps we consider to be stalkerware and have detected roughly 1,250 infected mobile devices monthly. As a founding member of the Coalition Against Stalkerware, NortonLifeLock takes digital and domestic violence seriously and has worked diligently to research the data, help define the issues and identify and report cases related to stalkerware. With the addition of eleven new organizations to the Coalition, we look forward to continuing to fight and protect consumers with more experts and organizations across the globe.” – Kevin Roundy, Technical Director, NortonLifeLock
“Increasingly, we’re seeing abusers, stalkers, and harassers using stalkerware tools to control and harm their victims. The effect can be devastating when a person impacted by those crimes doesn’t know when it’s safe to communicate or how to reach out for help. Fortunately, the actions of this coalition, strengthened by its newest members, continue to make significant progress in raising awareness and developing easy tools to allow even non-technical victims to detect stalkerware and take actions to protect themselves.” - Chris Cox, Director, Operation Safe Escape
“As a victim support organization, we know that victims suffer from stalking. Those who are affected rarely seek help, because they feel ashamed and blame themselves. Victims of stalkerware suffer particularly because of the far-reaching digital possibilities we have today: There are hardly any shelters left for them when cyberstalking pervades their digital lives. This not only limits the quality of life but also creates a feeling of powerlessness and the feeling that they are completely and utterly at somebody’s mercy. Even if stalking does not always leave visible marks, victims often react with strong psychological stress symptoms. We face such cases in our victim work. According to police crime statistics, there were almost 19,000 cases of stalking in Germany in 2018, 500 more than in the previous year. That is why we have developed the NO STALK app together with the WEISSER RING Stiftung to provide victims with an effective tool for documenting stalking. For us as WEISSER RING, it is important to offer support to those who are affected by stalking. We do so via the app to report the actions but mainly in personal conversations and support, for example when we accompany them to the police. The WEISSE RING is available to help over 700 stalking victims every year. Our civic engagement helps victims of crime to rebuild their lives after being victimized.” – Horst Hinger, Deputy Managing Director, WEISSER RING

About Coalition Against Stalkerware

The Coalition Against Stalkerware (“CAS” or “Coalition”) is a group dedicated to addressing abuse, stalking, and harassment via the creation and use of stalkerware. Currently comprised of direct service and international victim service agencies, as well as information technology security firms, the Coalition looks to bring together a diverse array of organizations to actively address the criminal behavior perpetrated through stalkerware and raise public awareness about this important issue. Due to the high societal relevance for users all over the globe, with new variants of stalkerware emerging periodically, the Coalition Against Stalkerware is open to new partners and calls for cooperation. To find out more about the Coalition Against Stalkerware please visit the official website

[1] WIRED article, “Tech Is a Double-Edged Lifeline for Domestic Violence Victims”, 28 April 2020.

[2] As examples:
In France, the Centre Hubertine Auclert explains that there is a 50 % increase of calls to the main helpline for domestic violence victims (helpline 3919 of the Fédération Nationale Solidarité Femmes).
For India, the Cyber Peace Foundation refers to the National Commission for Women (NCW) reporting 587 complaints on their helpline number and online portal since the lockdown kicked into effect in March. Also, Cyber Peace Foundation states that 89% of the total number of cases registered to legal services authorities across the country were of domestic violence.

In Europe, the European Network for the Work with Perpetrators of Domestic Violence (WWP-EN) said that their members reported significant increases in activity.

[3] UN News “UN backs global action to end violence against women and girls amid COVID-19 crisis”, 6 April 2020.

[4] bff report “Digitalization of gender specific violence” 2017.

[5] Website by the NNEDV, DocuSAFE: Documentation and Evidence Collection App.

[6] Website by WEISSER RING, NO STALK.