In this guest post by the Coalition Against Stalkerware marking its second anniversary, the international alliance takes a look back on its achievements while seeing a lot of challenges ahead.
Two years ago, in November 2019, the Coalition Against Stalkerware was founded by 10 organizations. Today, there are more than 40 members with experts working in different relevant areas including victim support and perpetrator work, digital rights advocacy, IT security, academia, security research and law enforcement.
Stalkerware makes it possible to intrude into a person’s private life and is a tool for abuse in cases of domestic violence and stalking. By installing these applications on a person’s device, abusers can get access to someone’s messages, photos, social media, geolocation, audio or camera recordings (in some cases, this can be done in real-time). Such programs run hidden in the background, without a victim’s knowledge or consent.
This year, the Coalition welcomed new supporters like INTERPOL and members, among them CyberPeace Institute; Gendarmerie Nationale; the Gradus Project; Kandoo; Luchadoras; the Florida Institute for Cybersecurity Research; National Center for Victims of Crime (US); North Carolina A&T State University’s Center of Excellence for Cybersecurity Research, Education, and Outreach; Refuge UK; Sexual Violence Law Center (US), and The Tor Project.
Fulfilling one of the founding missions, the Coalition’s partners in July launched a new technical training on stalkerware aimed at helping increase capacity-building among nonprofit organizations that work with survivors and victims, as well as law enforcement agencies and other relevant parties. In addition, the Coalition has put together a revised page with advice for survivors who suspect they may have stalkerware on their device.
Other key activities during the year include:
- In October, Coalition members Wesnet, Australia’s national umbrella organization for domestic violence services, US-based National Network to End Domestic Violence (NNEDV), and global privacy company Kaspersky teamed up with INTERPOL to provide more than 210 police officers with knowledge to investigate digital stalking on the basis of the Coalition’s technical training on stalkerware.
- Also last month, the EU-wide DeStalk project—in which WWP EN and Kaspersky are project partners, and Martijn Grooten, Coalition coordinator, and Hauke Gierow from G DATA are Advisory Board members—launched an e-learning course for public officials of regional authorities and workers of victim support services and perpetrator programs on how to tackle cyberviolence and stalkerware. DeStalk is supported by the Rights, Equality and Citizenship (REC) Program of the European Commission.
- In October, Coalition members Refuge and Avast published an online tool that helps detect abuse of Internet-of-Things (IoT) devices and provides tips on how to secure them. IoT is increasingly used for harassment and control in abusive relationships.
- In January 2021, the Stalking Prevention, Awareness, and Resource Center marked the 17th annual Stalking Awareness Month, an annual call to action in the United States to recognize and respond to the crime of stalking. Hundreds of organizations across the country hosted workshops, promoted awareness and encouraged responders to promote victim safety and offender accountability.
Beyond that, members conducted a series of new research:
- NNEDV’s Tech Abuse in the Pandemic and Beyond report (2021) found that the most common types of tech abuse—harassment, limiting access to technology, and surveillance—increased during the pandemic. Phones, social media, and messaging were the technologies most commonly misused as a tactic of tech abuse.
- Malwarebytes published their Demographics of Cybercrime report (2021), a global study of consumer cybercrime impacts, showcasing the disproportionate impact of cybercrime on vulnerable populations.
Kaspersky presented its Digital Stalking in Relationships report (2021), a global survey of more than 21,000 participants in 21 countries about their attitudes towards privacy and digital stalking in intimate relationships. The survey found that a significant share of people (30%) see no problem at all and find it acceptable to monitor their partner without consent. Additionally, 24% of respondents reported having been stalked by means of technology at least once. Partners advising on the research were Centre Hubertine Auclert, NNEDV, Refuge, Wesnet and WWP EN.
Data from member organizations show the following picture on the issue of cyberviolence and stalkerware:
- The Centre Hubertine Auclert conducted research on technology-facilitated domestic violence (2018) and found that 9 out of 10 women victims of domestic violence are also victims of cyberviolence.
- WESNET, with the assistance of Dr. Delanie Woodlock and researchers from Curtin University, published the Second National Survey of Technology Abuse and Domestic Violence in Australia (2020). The survey asks practitioners what kinds of abuse tactics other forms of violence against women frontline workers are seeing in their day-to-day work with survivors of domestic and family violence. The survey shows that 99.3% of Australian domestic violence workers say they have clients experiencing technology abuse. 18% of workers see spyware “often” and 35% see it “sometimes.” Tracking and monitoring of women and stalking, often via technological means, by perpetrators rose 244% between 2015 and 2020. Stalking is a known factor associated with an increased risk of lethal and near-lethal harm.
- Following the Coalition Against Stalkerware’s detection criteria on stalkerware, Kaspersky analyzed its statistics, revealing how many of its users were affected by stalkerware in the first 10 months of the year. From January to October 2021, almost 28,000 mobile users were affected by this threat. During the same period, there were more than 3,100 cases in the EU and more than 2,300 users affected in North America. According to Kaspersky figures, Russia, Brazil, and the United States remain the most affected countries worldwide so far. Likewise, in Europe the picture has not changed: Germany, Italy and the United Kingdom (UK) are the top most-affected countries respectively. When looking only at the EU, instead of the UK, France comes in third place.
- Malwarebytes, in comparing stalkerware activity before and well into the COVID-19 pandemic, found that the threat of stalkerware continues to rise. From October 2020 to September 2021, Malwarebytes recorded more than 62,000 detections of applications with stalkerware capabilities on Android devices. These detections represent a 52% increase compared to the same 12-month period the year before, which accounted for roughly 41,000 detections.
Quotes from the Coalition’s members:
- "Stalkerware is only part of a whole ecosystem of tech-enabled abuse, but it is one of the most frightening tools and it leaves survivors especially vulnerable to physical stalking, coercive control, and escalating violence. The Coalition Against Stalkerware has been instrumental in changing the way the tech industry treats these tools and helping survivors, and the people who support them, to detect the threat. No one industry can stop stalkerware all by itself. The Coalition's interdisciplinary approach has been essential to its success. When academics, tech companies, and domestic violence service providers work together, we can quantify the problem, raise awareness, and push for both technical and policy solutions in way that none of us can by ourselves." - Eva Galperin, Electronic Frontier Foundation Cybersecurity Director and Coalition co-founder.
- “Stalking is a prevalent, traumatic, and dangerous crime that impacts over 1 in 6 women and 1 in 17 men in the United States. Technology is used—or misused—to stalk in the majority of stalking cases. Too often, victims and responders have limited resources and little to no insight on what kind of technology is being used, how to safety plan around it, and/or how to collect evidence on it. We are so grateful to be part of the Coalition to better educate responders at recognizing and responding to stalking. This work is truly helping to keep victims safe and hold offenders accountable." - Jennifer Landhuis, SPARC Director
- “Two years ago, the public and law enforcement understood little about the threat of stalkerware. Apps that non-consensually spy on users were readily available online, promoted on social media feeds, and off the radar of national governments. By combining varied expertise across several countries, the Coalition Against Stalkerware has defined and raised significant awareness about the threat of stalkerware. We are proud to be one of several antivirus vendors working together to offer more comprehensive stalkerware protection for all users. We are equally proud of our nonprofit members who have produced and offered tailored device trainings and guidance to law enforcement and targeted individuals alike. The commitment of every member of the Coalition Against Stalkerware has shaped this reality in ways we couldn’t even imagine just two years ago.” - David Ruiz, Online Privacy Advocate, Malwarebytes
- “It’s amazing how impactful collective action can be, especially if you work with engaged people. One small step after another, and at the end, all together, it will make a big change. What makes me think in this positive way is reading about the intention of the European Parliament and European Commission to propose a law to combat violence against women that will include prevention, protection and effective prosecution, both online and offline, by the end of 2021. The Coalition still has a long way ahead, but I believe we’re going in the right direction.” - Kristina Shingareva, Head of External Relations at Kaspersky.
About Coalition Against Stalkerware
The Coalition Against Stalkerware (“CAS” or “Coalition”) is a group dedicated to addressing abuse, stalking, and harassment via the creation and use of stalkerware. Launched in November 2019 by ten founding partners—Avira, Electronic Frontier Foundation, the European Network for the Work with Perpetrators of Domestic Violence, G DATA Cyber Defense, Kaspersky, Malwarebytes, The National Network to End Domestic Violence, NortonLifeLock, Operation Safe Escape, and WEISSER RING—the Coalition has grown into a global network of more than forty partners. It looks to bring together a diverse array of organizations working in domestic violence survivor support and perpetrator intervention, digital rights advocacy, IT security and academic research to actively address the criminal behavior perpetrated through stalkerware and raise public awareness about this important issue. Due to the high societal relevance for users all over the globe, with new variants of stalkerware emerging periodically, the Coalition Against Stalkerware is open to new partners and calls for cooperation. To find out more about the Coalition Against Stalkerware please visit the official website www.stopstalkerware.org.