Securing Sexuality is the podcast and conference promoting sex positive, science based, and secure interpersonal relationships. We give people tips for safer sex in a digital age. We help sextech innovators and toy designers produce safer products. And we educate mental health and medical professionals on these topics so they can better advise their clients. Securing Sexuality provides sex therapists with continuing education (CEUs) for AASECT, SSTAR, and SASH around cyber sexuality and social media, and more.
Links from this week’s episode:
Examining the Risks of Using Technology to Address Domestic Violence; Understanding the Potential Dangers of Social Media App Tik-Tok, the Normalization of Surveillance in Society, and Alternatives to Relying on Surveillance for Relational Security
In recent years, technology has become an increasingly important tool in addressing domestic violence and abuse. From online resources to mobile apps, technology can provide victims with access to support services, legal advice, and other resources that can help them escape dangerous situations.
However, while technology can be a powerful tool for helping victims of domestic violence and abuse, it also carries certain risks that must be taken into account. One of the main risks associated with relying on technology to address domestic violence and abuse is the potential for abusers to use it as a way to further control their victims.
Abusers may use tracking software or spyware on their victim’s devices in order to monitor their activities or even manipulate them into doing things they don’t want to do. Additionally, abusers may use social media platforms or messaging apps as a way of harassing or intimidating their victims by sending threatening messages or posting embarrassing photos or videos.
Another risk associated with relying on technology is the potential for data breaches and cyberattacks that could compromise sensitive information about victims of domestic violence and abuse. Victims may have personal information stored on their devices such as contact information for support services or legal advice which could be accessed by an abuser if the device were hacked. Additionally, many online resources used by victims are not always secure from cyberattacks which could lead to sensitive data being exposed if proper security measures are not taken.
Finally, there is also the risk that technology-based solutions may not be accessible enough for all those who need them due to lack of access or affordability issues. For example, many online resources require internet access which some people living in rural areas may not have access to due to limited infrastructure in those areas. Additionally, some mobile apps require users to pay a fee which could make them inaccessible for those who cannot afford it.
Overall, while technology can be an effective tool in addressing domestic violence and abuse when used properly, it also carries certain risks that must be taken into account when developing solutions based on this type of technology. It is important that any solutions developed take these risks into consideration so as not put vulnerable individuals at further risk while trying to help them escape dangerous situations they find themselves in due to domestic violence and abuse.
Hello and welcome to Securing Sexuality, the podcast where we discuss the intersection of intimacy and information security. I am Wolf Goerlich.
He is a hacker and I'm Stefani Goerlich.
She is a sex therapist and together we're going to discuss what safe sex looks like in a digital age.
We just got back from traveling to all of the hacker things and today we're going to fill you in on what we learned on our summer vacation.
So Wolf, what does a hacker summer look like? Where have we been? What have we been talking about?
So many cities, so little time. The term hacker summer camp is specifically reserved for a series of events that occur in Las Vegas. Black Hat and a B-Sides and Def Con. But of course we had events before that and we had events after that. We've got so many events here it’s got me asking when we can stay home.
Yeah, I am glad to be home and I would like to stay here for much longer than I am probably going to get to. But enough about me and my complaining about this today.
What did we learn on our summer vacation?
What stuck out in your mind as, you know, with all that you know and do and the world that you move through, what made you go, “wow,” this summer?
Tik-Tok, but not for the reason many people are thinking. If you hear the word Tik-Tok and you're in security and go, I know what they're going to talk about. I'm not going to talk about any of that. Maybe I'll come back to it at the end.
But what struck me, you know, as we have been going through this series that we've been having these conversations, you know, we had Chris Cox on talking about stalkerware and we've had conversations around what that looks like.
And, you know, to me that seemed like a kind of a very dark topic, a topic that's not necessarily has brought appeal, this idea of stalking your partner.
And what surprised me was listening to talks on how people are on Tik-Tok making viral content, content that's going all over the place, teaching each other how to spy on each other, specifically young girls teaching girls how to spy on their boyfriends, young mothers teaching other moms how to spy on the young kids. That really surprised me.
I wouldn't think that there would be this entire demand for content, viral content nonetheless, to do these things, which when we were talking to Chris Cox, I thought would be more like intimate partner violence and, you know, older married couples and those sort of things.
So when you say moms and girlfriends, what are they? I'm assuming you mean like content creators like the mommy bloggers and young people on social media, making videos, what sort of things are they putting out there? What are they telling people?
Yeah, let's first start with that young part.
So, you know, old school social media and it pains me to say that, like Facebook, and I'm rarely on Facebook. But it really is trending much older, right, like 55% of Facebook listeners are 35 years or older, 11% of them are over 65, leading to a term I learned over Hackers Summer Camp, which is BoomerBook. That's apparently what some people are calling it.
So, you compare that right, well over half are over 35, you compare that to the TikTok audience, which is 63% of TikTok users are under 30, around 28% are under 18, around 35% are between 19 and 29. So we're talking around teenagers into their 20s.
And, you know, a lot of it was women sharing tips like I mentioned about how to spy on their boyfriend so things like how to configure your phone to automatically answer it so that if you're concerned, you can call them and pick it up and listen. How to look at emojis and determine what is what is being typed and what is being used.
You know, how to install the stalkerware that we talked about moms spying on their kids were also a thing and I'll come back to that. But it had me wondering from your perspective. What kind of situation would lead somebody to seek out this content and want to spy on their partner what is really driving this?
So back in the pre- social media, pre-internet days.
We all knew the people that are partners know right like we generally dated within the same social circle. We went to our boyfriends or spouses company parties. We knew their co-workers. We had relationships with the people that they had relationships with and we socialized as groups.
And I think that social media and the connectivity of being online has really expanded these social networks in a really great way. I think that our ability to form friendships with people that we would never have ever met in real life otherwise is one of the really coolest parts of the internet. And that also means that the people in our lives have relationships with people that are not in our lives.
And that tends to, I believe, breed some, if not mistrust, then at least some insecurity. And we want to know what the people that we care about are doing in the places that we are not physically inhabiting. We want to be sure that the people that they're talking to and the ways that they're interacting with these people are things that we're comfortable with.
And in the absence of that pre-internet world of your friends are my friends and we both know all of the people. I think this idea of kind of surveilling our partners and our children's online lives has become to feel more allowable and more socially acceptable.
And I think that it's motivated by different things and different people but the two biggest drivers I see are our personal insecurity and then relationship jealousy or concern. And I think within that, we're gonna need to edit this part because I want to, I want to think about where I'm going to go from there.
Okay, deep breath and then we resume.
Well, there's a lot to unpack there right so if I'm talking to someone and I'm giving them advice like, hey, you may have some valid concerns there you may want to to investigate it but please don't backdoor your, your boyfriend's phone, please..
You know within that I think about the type of advice I would give to someone if someone's like hey here's my concerns I'd be like okay. Maybe you need to talk to my wife or maybe you need to do some of the things. But please whatever you do, don't turn their phone into a spy device, please don't leave Apple tags on their car so you can trace them down.
I'm going to give them some advice in terms of, don't do the bad things. Is there some guidance that you would give people either like, don't do this or maybe hey, instead of watching a TikTok video on how to spy on your boyfriend you may try to do these things. It's not going to sound super simple but you may just try talking to your partner, right.
I think a lot of the uncertainty, the fear, the jealousy that people experience comes because our brains are storytelling machines. And in the absence of information, our brains will create stories to fill in those knowledge gaps. And so when couples or families don't communicate well together, when they don't feel comfortable asking questions of one another. I don't mean making accusations, but having conversations around each other's lives and friendships and relationships.
When we don't do that, our brains do not accept knowledge gaps. It's not how we're wired. So where there is a blank spot in our understanding of another person, and we don't seek out the information we need from them to fill in that blank spot, our brains will do it for us.
And that tends to lead to a lot of scenarios running through our heads of what if, what are they up to, what could they be doing, are they at risk, are they getting trouble, are they betraying me, are they at risk of being exploited themselves, our brains fill in the gaps and create stories.
So the number one thing that I advise people to do is simply talk to one another, so that you know what the reality is, and that heads off a lot of this sort of instinctual storytelling that we are wired to do.
Yeah, I like that.
I like, just talk to them, you make it sound so simple.
Well, the other thing that occurs to me, all right, so if we can prevent ourselves from getting into this state where we're trying to spy on our partners all together by talking, that's good. If we can't, if we start to churn and obsess and do those sorts of things.
Another thing that occurred to me and I wanted to ask you about this is that old phrase right that “an open door may tempt a saint”.
Even if we don't want to be the type of person to spy on our partner, does the nature of our phones, right, they're just laying around and don't lock it, or our social media, oh, who posted on what and who liked what, does the nature of technology mean that we've got an open door that perhaps previous generations didn't have?
100%. When you and I were kids, if we were out and about, our parents had no idea where we were. I was a DJ in high school. My work shift was Thursday, Friday and Saturday night. I left the house around 430 or 5pm and I got home anywhere from 2 to 4am. And during that span my parents had absolutely no idea where I was. And more importantly, no way to find out.
And that is something that I think most families today would find absolutely intolerable. Our cell phones come with find my phone, find my friend, find my kids. There are so many apps and tools that are put out there as ways to make sure that the people we care about are safe through effectively monitoring and surveillance.
And that has become so normalized that it makes a lot of sense that people would say, I'm not stalking my girlfriend. I'm not watching her.
No, no, no, it has nothing to do with that. I just want to make sure that if she gets into a car accident, I can find her. I know where she is, she's safe. I just want to know that, you know, if his blood sugar goes low and he has a seizure, I know what bar he's hanging out at with his friends and I can get help immediately.
Very few of us look at these tools as tools of surveillance and control. They are framed to us, sold to us, and used by us ostensibly as safety features. But that mindset shifts away from the, I don't know, she's somewhere, I'll worry if she doesn't come home, to the, if I don't know where they are at all times, something is wrong and I don't feel safe, is a huge cultural shift.
And that mindset is what makes surveillance more problematic in ways, and for more problematic reasons feel acceptable to those who do it.
And that's one of the reasons why I thought the other side of this, moms teaching moms how to spy on their kids was interesting because I remember you telling me that a lot of people form their ways of having attachment with partners or form their ideas of what it means to be loved, or form their kinks and their different ways of being turned on.
A lot of that gets formed early on and gets shaped by the experiences that we have. So if you grew up in the English school system and, you know, a switch was used, perhaps as an adult male, that time period you now think the switch has a place in sort of sexy role play.
So, one of the things that intrigued me about the outside of it, moms teaching moms to spy on their kids is, I'm wondering if we're not creating an environment where as people grow up now they think that, to your point, I'm a storyteller I'm telling myself stories, the story that they tell themselves is “oh it's completely okay that I did this, because my parents did to me because they loved me and therefore I'm doing this to my partner because I love them.”
Even if it has downstream negative ramifications. Does that through line make sense? This is your world. I'm out of my depth here.
It does, I absolutely do think that especially on the parenting side of things. We are teaching young people that love includes surveillance, and that security within a relationship necessitates a lack of privacy. And I think that that has the potential to be very, very problematic. And I will tell you in the conversations that I have with my clients who are also parents.
I take it a step further and this is a little, you know, far afield perhaps for our conversation. But every November/December, one of the things that I find myself bringing up with my couple clients and my parenting clients is the elf on the shelf. And to me that is another example of this sort of normalization of surveillance culture.
We from you know like toddlerhood are using this modern cultural tradition that's developed in a very, you know sort of capitalist mind set, we're selling this tradition whole cloth for Americans to teach itty bitty children that there are times and ways in which being watched and monitored and reported on is okay.
And whenever I have this conversation with my clients who are parenting, I always get the, “oh wow, we, we never thought of it that way, sort of lens”, but I really do think that this is a huge cultural shift that's happening.
And we see it with the elf on the shelf for itty bitty guys up into middle school are getting their first phone and parents mandating find my phone or find my kid. And then on into dating in high school and early college, where people are watching their partners social media posts, paying attention to who they're interacting with, what they're saying, how that's happening, and interrogating them about that.
And then on into adult relationships where that continuation of surveillance GPS tracking monitoring is normalized and considered a part of a healthy relationship in a way that frankly it shouldn't be. So from a technical perspective, we can do things like provide guidance on not doing these things.
We can also from the victim perspective and I use that term victim loosely because I suppose not everyone's going to feel like they're a victim but from the spied-on perspective, we can do things like give guidance on how to check your devices, suggest how to use Docker software.
I was looking at mobile security by lookout is one example, this was something else that came up that I was spending some time looking into over hacker summer camp because it goes ahead and analyzes all different activities and all different types of things.
Although what was interesting about mobile security by the way, just as a side note, is the major use case was again kids and parents, secondary use cases bosses because now a lot of managers are getting way too far in the weeds checking out what their employees are doing instead of outcomes which is something that I have lots of conversations around with the managers and leaders that I coach and advise when they’re hiring new people, just set good outcomes.
Just set good outcomes, but those tend to be the major use cases. One of the things I thought was interesting hearing researchers talk about anti stalker software is that the partner aspect wasn't coming up yet.
I would have thought with this mobile security and the anti-stalker software that a lot of the use cases would have been around girlfriends and boyfriends spying on each other, husbands and wives spying on each other. And I was surprised that that still went back down to parents and kids still went back down to bosses.
Why do you think that people are not using the software for some of these use cases.
If you think about it like if I am, having a wife, and say she's concerned about her abusive husband, she's concerned what that abusive partner may be doing. You don't necessarily want to install software that would allow him to know that that concern exists because that could create a situation of violence.
Likewise, if there is monitoring software you just turn it off. That can create a situation where suddenly that partner doesn't trust you, and you can create an unsafe environment. So there's lots of reasons why, if you are in one of these situations you may want to be cautious about how you go about addressing that with technology. You've talked to me about this lots of times.
So I used to work in a domestic violence sexual assault agency, and I was a domestic violence therapist, I worked with women who were either recently exited from, or currently entangled in, and hoping to eventually exit from, abusive relationships.
One potential trigger point for violence and for abuse is the moment when the abuser starts to realize that their plans are being foiled, or when the systems they have put in place have exit strategies.
So, that can be, you know, somebody who has always very tightly controlled their partner's communication with friends and family, all of a sudden realizing that she's purchased a prepaid cell phone and can call whoever she wants without them being able to monitor or restrict that. That's one example. So in this context, when I had clients who discovered spyware, who became aware that they were being monitored.
One of the things that we would talk about is the safety planning around whether or not to cut that off, whether or not to take steps to disable that. Because often the person monitoring them whether it's an abusive partner, a controlling partner, an outside stalker sees that their program, their app, their what have you has been disabled. And that can actually escalate the intensity of the desire for control.
So, we would have safety planning and risk planning conversations around whether it is best to disable those tools of surveillance, or whether it is best to be aware that those surveillance systems are in place, and to make strategic choices around what they allowed the person watching them to be aware of. And many times, especially for people who have not yet exited an abusive or controlling relationship, the safer and more strategic option was to continue to let those monitoring systems roll and be very careful and strategic in what information was provided to those systems.
See, and I think that's just mind boggling, because so oftentimes in technology we only think about the technology in order to say, all right, here is a risk. I will put in place a control, and I will stop the risk, right, someone spies on my phone, I will install software that stops them from spying on my phone.
And very rarely, very rarely do I think we, we as technologists, as hackers, think about what happens next. What happens after that.
So yeah, that's an excellent point. So should we talk about why everyone else was talking about Tik-Tok, do you think we should just wrap up?
Well, before we wrap up, I do think we should touch on sort of the bigger Tik-Tok issue. But one thing that I haven't heard from you is, let's say somebody is out, or let's say it's not an abusive relationship, it is something that they're not entirely sure where it came from or who's activated it.
What steps can people take if they've had the kind of conversations that I'm describing, and they've decided that for them, their personal risk profile says, I want this stuff gone, I want it off, I want it blocked, I do not want anybody watching me or knowing my movements and behaviors online. What do they do?
I mentioned the anti-spyware software and anti-stalker software, I would start with that. Now, there's an upside and downside with everything. If you want to be absolutely certain, if you want to be absolutely clear, reset your phone to defaults. Now people are gonna be like well if I do that I lose my contacts my text my pictures well yeah okay back that up, put that somewhere else. So that you have it, but reset your phone to default so that all those sort of settings get wiped out.
Are there specific anti-spyware apps or tools that you recommend, like, I know that if you were to tell me, yeah you can get rid of this use an anti spyware tool, I wouldn't know where to start or what to look for so if somebody is tech adjacent like me, and they've been completely removed from sort of this part of the world, where do they start, what should they be using, what should they be downloading?
So the one I mentioned earlier that I was in a session on was Mobile Security by Lookout, which is one of the most downloaded anti-stalkerware apps out there. Great reviews, use primarily for kids, parents, and bosses. That was the one I mentioned, I should say that hey I'm married to you, so I don't get stalked. This isn't, this isn't something I personally tried. But if you're looking for a place to start, and you're going to do some research in the space. That's a good place to start. And speaking of, I don't get stalked.
I think that brings us back to the whole what is everybody else talking about with Tik-Tok for all of the people that are like well this is great this is handy to have but I'm never going to need it because I am happily single and nobody cares what I'm doing from day-to-day. I don't have kids so I don't need to know how to monitor them.
Why is everybody else talking about privacy on Tik-Tok? What's going on that perhaps people who don't feel that this subject connects to them need to know. Because Tik-Tok, like a teenage girlfriend, is spying on you.
All right, I, for those of you who cannot see the faces on the podcast I just got quite the look for saying that. So, to back that up,that was a joke folks, but here’s the thing that we've learned. And this really isn't overly surprising for those of us in information security, we're going to, over the next few episodes, we're going to have more experts on to talk about different social media apps.
So, the first one is that Tik-Tok was deemed an unacceptable security risk by the FCC this summer. Other folks have gone and taken a look at it. And basically the problem is that it collects a ton of data, does not anonymize that data, which is really the gold standard to make sure that you know you can. As a product company you can see what people are using and you can't say, Jane or John Doe did these things. It does not necessarily have anonymization features that fingerprints folks. It collects a lot of information including browser histories, keystrokes.
In some cases biometrics. In some cases, things like your face and voice. Your location data that collects not only the message you send but the draft messages you write, you know, anything that you copy onto a clipboard. All this sort of stuff. And so Tik-Tok itself in the US has been highlighted as effectively stalkerware.
Tik-Tok is the abusive boyfriend that's what I'm hearing in this conversation. Everything you're describing as features within Tik-Tok are exactly the things we've been talking about controlling partners and controlling parents doing to one another, up to and including using keyloggers.
Yes, yes, that was the joke I was trying to make earlier. Poorly.
Yeah, and so there's a couple things out of there, I want to highlight first off, if you're listening to this podcast, and you work at a product company, please please please check out the MITRE privacy framework. Check into the book, Safe By Design.
Check into these things because invariably the products we build end up being abused. Either abused by partners, abused by parents, or abused by, you know, the organizations, or as the accusation is around Tik-Tok, abused by countries. So I think it's upon us as product builders, designers, those things on the builder side of a hacker, to make sure we investigate privacy and again I would point you to the MITRE privacy framework which is doing some really good things around how to set that up.
From a breaker side of hackers. If you are a breaker, if you are someone who likes to poke at things, take things apart. Please do continue to keep looking at apps like Tik-Tok and other applications and help hold these institutions and these products accountable. I'm very concerned about how things are being built and how they might be abused.
And I do want to point out, and I'm not the first one to say this, all right? Tik-Tok is spying on you and everything I said is terrible. However, there's a lot of terrible products out there.
So, it is becoming endemic in the mobile app environment. And outside of mobile apps, and the elf on the shelf. Find other ways to build relationships and happy memories with your children. Please don't use the apps, don't use the spyware, don't use the toys that promote a culture of spying and surveillance, build families, build relationships, build communities of trust, of conversation and dialogue, and create space for one another to have privacy.
There's a difference between secrets and privacy and we are all entitled to our private lives. Privacy is love folks. Thanks so much for tuning in to securing sexuality, your source for information you need to protect yourself and your relationships. From the bedroom to the cloud, we are here to help you navigate safe sex in a digital age.
Be sure to check out our website Securing Sexuality for links to more information about the topics we've discussed here today, as well as information about next year's Securing Sexuality conference. And join us again for more fascinating conversations about the intersection of sexuality and technology. Have a great week. Bye everyone.
Comments are closed.
Write something about yourself. No need to be fancy, just an overview.
Join us in Detroit! October 19 & 20, 2023
Proudly Sponsored by The Bound Together Foundation
An IRS approved 501(c)3 nonprofit organization
Michigan Charitable Solicitation Registration# 64801