privacy-and-safety

Privacy and Safety

Privacy and safety are often treated as the same goal in anti-violence technology, but for a Victim-Survivor they pull in opposite directions and must be balanced deliberately. The data that makes a safety tool useful — real-time Location Sharing, cloud backups, message logs kept as Evidence Documentation — is exactly the data an abuser will try to reach if they retain access to a device, account, or family plan. NNEDV’s Safety Net Project frames technology safety as protecting “safety, privacy, accessibility, and civil rights” together, and stresses that the burden should fall on holding perpetrators accountable, not solely on survivors restricting themselves. Yet practical safety planning still requires hard privacy choices: which device is trustworthy, which accounts are compromised, and what should never be stored where an abuser can find it.

This is why every safety app sits in tension here. A design that collects rich location history to “build evidence” also builds a honeypot that Stalkerware or a coercive partner can exploit, and the Datafication of MeToo critique shows how such collection can become extraction rather than protection. Privacy-protective alternatives respond with data minimisation, on-device storage, encryption, and Discreet Access, and safety guidance cautions that even removing monitoring can escalate danger if an abuser feels they’ve “lost control.” Getting this balance right is the central problem of Survivor-Centered Design and Trauma-Informed Design.

In this vault

Tension withPersonal Safety Apps
Threatened byStalkerware
Related toDiscreet Access
Related toSurvivor-Centered Design

Sources

Backlinks

Linked Pages

survivor-centered-design

Survivor-Centered Design

Survivor-centered design places the rights, needs, safety, and stated preferences of people who have experienced violence at the center of every design decision, rather than treating them as a population to be managed. A survivor-centered approach prioritises a survivor’s safety, agency, and wellbeing, and insists that survivors be involved at every stage of design and implementation — not consulted once and then designed around. In service and product terms it translates into the trauma-informed commitments of safety, choice, consent, collaboration, trustworthiness, and empowerment, and into reframing the operative question from “why isn’t this survivor ready?” to “what does this survivor need right now to feel safe?”. It treats lived experience as expertise and resists building tools for survivors without building them with survivors.

The approach is closely tied to Trauma-Informed Design (its principles overlap heavily) and is the practical lens through which a vault tool is judged to genuinely centre the Victim-Survivor. It is informed by Feminist HCI and design-justice thinking, which name whose voices design usually erases. Survivor-centered design also sets a critical boundary against Techno-Solutionism: a flashy feature that increases a survivor’s exposure, or that an abuser can repurpose, fails the test no matter how clever, which is why these projects weigh Privacy and Safety and the realities of Coercive Control before shipping.

In this vault

Related toTrauma-Informed Design
CentresVictim-Survivor
Informed byFeminist HCI
Tension withTechno-Solutionism

Sources

https://www.spotlightinitiative.org/design-survivor-centred-programme
https://wscadv.org/projects/domestic-violence-housing-first/toolkit/survivor-driven-trauma-informed-mobile-advocacy/

Tags: #concept #design #survivor-centered

discreet-access

Discreet Access

Discreet access is the cluster of UX patterns that let a person reach safety tools without an abuser, bystander, or a monitored device noticing. In practice this means disguised or “cloaked” launchers (apps that present as a news reader or weather app), silent or stealth alerting that fires an SOS while an innocuous home screen stays on display, fake-call screens that fabricate an excuse to leave a room, hidden trigger gestures (e.g. a triple-tap on the screen edge), and a deliberate refusal to store call logs or alert history that could later be discovered. Some pilots go further and ship with no app name and no obvious icon, sending an in-app call to police without the user having to speak. These choices assume the threat model of Tech-Enabled Abuse and Coercive Control: that the device itself may be surveilled, and that being seen seeking help is its own danger.

Discreet access is a concrete expression of Trauma-Informed Design — control left with the user, defaults that fail safe — and it is a defensive response to Stalkerware and Location Tracking Abuse. It overlaps with the Panic Button (the quietest possible trigger) and with quick-exit affordances that scrub a screen instantly. The same cloaking that protects a Victim-Survivor can, however, create a Privacy and Safety tension: hidden tools are harder to audit, and a feature designed to evade an abuser can resemble the very disguise techniques abusers use, so the design must center the survivor’s own assessment of risk.

In this vault

Part ofTrauma-Informed Design
Protects againstStalkerware
Related toPanic Button
Tension withPrivacy and Safety

Sources

https://9to5mac.com/2022/05/24/domestic-violence-app/
https://violencereductionalliance.co.uk/hollie-guard/
https://www.techsafety.org/spyware-and-stalkerware-phone-surveillance

Tags: #concept #ux #safety

stalkerware

Stalkerware

Stalkerware (or spouseware) is commercially available monitoring software — often marketed for “parental control” or “employee monitoring” — installed covertly on a victim’s device to read messages, track location, and capture activity. It is the sharp edge of Tech-Enabled Abuse: a consumer app turned instrument of Coercive Control and Stalking. Any safety tool that stores sensitive data on a device an abuser can access must treat stalkerware as part of its threat model — one reason Discreet Access and minimal data retention matter.

In this vault

personal-safety-apps

Personal Safety Apps

Personal safety apps are mobile applications that help a user summon help, share their whereabouts, or deter harm. Most combine a Panic Button, Location Sharing, and a Trusted Network, and many connect to Crisis Hotlines and Resources. They span two broad postures: alarm-and-summon tools aimed at acute danger, and network-and-intervene tools rooted in Bystander Intervention that aim to prevent harm before it escalates.

The central design tension is Privacy and Safety: the same capabilities that protect (continuous location, contact lists, always-on microphones) can be turned against a user — see Location Tracking Abuse and Stalkerware — so survivor-facing tools must be weighed with Trauma-Informed Design in mind.

In this vault

Member apps assert instance_of::[[Personal Safety Apps]]; see backlinks.

trauma-informed-design

Trauma-Informed Design

Trauma-informed design builds tools around the realities of people who have experienced violence: defaults that fail safe, control left in the user’s hands, language that validates rather than directs, and the assumption that a device may be monitored. It is closely tied to Survivor-Centered Design and underpins discreet, dignified experiences. Insight Exchange’s resources — My Safety Kit, Responders Lab, No Hidden Door — are practical expressions of the approach.

In this vault

datafication-of-metoo

The Datafication of #MeToo

Reference: Kathryn Henne, Renee Shelby & Jenna Harb (2021). “The Datafication of #MeToo: Whiteness, Racial Capitalism, and Anti-Violence Technologies.” Big Data & Society, 8(2). DOI 10.1177/20539517211055898.

Summary

A critical study of Reporting Apps — software platforms and AI chatbots that offer users emergency assistance, education, and a way to report and build evidence against perpetrators of Gender-Based Violence. Through an in-depth analysis of two reporting apps, Henne, Shelby and Harb argue that these tools construct data to fit institutionally legible narratives of violence, and in doing so reproduce racial capitalism: they extract information from users, reinforce property relations built on data ownership and accumulation, commodify “diversity and inclusion,” and often sustain problematic ties to the criminal legal system.

Its value to this vault is as a counterweight to celebratory framings of safety tech. It foregrounds the racialised dimensions of the data capital these apps generate, and warns that the design choice to “build evidence” is never neutral — it shapes whose stories become legible and who benefits from the resulting data. The authors note these dynamics are not unique to anti-violence apps but are constitutive of digital platforms generally.

Key ideas

Anti-violence reporting apps are datafication engines as much as support tools — the data they generate is itself capital.
“Institutionally legible” evidence privileges some narratives (and some survivors) over others.
Entanglement with the Criminal Legal System is a design feature, not an accident, and carries racialised risks.
Extraction, financial partnerships, and commodified inclusion recur across platforms, not just safety apps.

Connections

StudiesReporting Apps
StudiesEvidence Documentation
CritiquesPrivacy and Safety
- Reframes “data collection” as extraction and accumulation.
ExaminesRacial Capitalism
AddressesGender-Based Violence
Related toCriminal Legal System

Sources

https://journals.sagepub.com/doi/full/10.1177/20539517211055898

evidence-documentation

Evidence Documentation

Evidence documentation is the practice of recording incidents of abuse — dates, times, locations, injuries, messages, photographs — in a form that can later support a protective order, a criminal case, or a survivor’s own sense of what happened. Advocates note that contemporaneous records carry weight precisely because memory and isolation are eroded by abuse. Purpose-built tools such as VictimsVoice illustrate the genre: a password-protected progressive web app (deliberately not an installable icon, so an abuser sees no “receipt” on the phone) that prompts for the structured details courts expect, and that markets compliance with HIPAA, VAWA, VOCA and FVPSA. Where evidence is meant for legal use, questions of authentication and chain of custody — proving a record is what it claims to be and was not altered — become central.

This documentation directly supports Reporting and Disclosure and is the feature most associated with Reporting Apps. But it sits in sharp tension with Privacy and Safety: a database of abuse evidence on a survivor’s device is exactly what makes it dangerous if discovered, which is why Discreet Access and disguised storage are recurring design responses to Tech-Enabled Abuse. The Datafication of MeToo critique adds a further caution — that “building evidence” is also building data capital, and that the narratives such tools render legible are shaped by the institutions, not only the survivors, they serve.

In this vault

Sources

Tags: #concept #evidence #documentation

location-sharing

Location Sharing

Location sharing transmits a user’s real-time or on-demand GPS position to chosen recipients — the feature that lets a Panic Button mean “come and get me, here.” It is one of the most protective capabilities in safety tech and one of the most dangerous: the same mechanism, in the hands of an abuser, becomes Location Tracking Abuse. Privacy-focused tools such as Círculo respond by encrypting location and sending it only to a Trusted Network, never tracking or exposing it.

In this vault

victim-survivor

Victim-Survivor

Victim-survivor is the term used in much lived-experience-led practice (including Insight Exchange’s) for a person who has been subjected to violence and abuse. It deliberately holds both realities at once — the harm done to a person and their ongoing agency — and signals a stance of centring that person’s own meaning, pace and decisions, as in Trauma-Informed Design and Survivor-Centered Design.

In this vault

Related toTrauma-Informed Design
Subjected toGender-Based Violence