Domestic Violence and Privacy
Relationships are the domain of the intimate, the private. When relationships are abusive, this privacy is abused. Domestic violence victims have high needs for privacy, as they are already the target of an abuser, and often need to keep data from them. This abuse can also involve privacy violations such as surveillance, monitoring, or other stalking. For a domestic violence victim, the need for privacy is a need for physical safety.
Many privacy problems, such as identity theft, are harms experienced by the public from general criminal behavior. But domestic violence victims are already being specifically singled out by a particular aggressor. This aggressor is able to take advantage of the general lack of protection for personal information in our society. Furthermore, this aggressor is familiar with many of the intimate details of the victim's life. An abuser can violate privacy by sharing these details, or by using them to gain more information on a victim.
Finally, domestic violence victims often have much of their personal information -- including their relationship history -- in government records. Turning to government aid agencies, litigating custody, divorces and protection orders creates a trail of their private lives in government records. The legal -- and actual -- protection afforded to these records will vary throughout the country. Their accuracy may also vary, and may impact how domestic violence survivors are able to reconstruct and continue their lives.
- EPIC Complaint Leads to Halt of Stalker Spyware Distribution. Following an EPIC complaint, a federal court has ordered CyberSpy Software to stop selling malicious computer software. In March, EPIC filed a complaint with the Federal Trade Commission alleging that the spyware purveyor engages in unfair and deceptive practices by: (1) promoting illegal surveillance; (2) encouraging "Trojan Horse" email attacks; and (3) failing to warn customers of the legal dangers arising from misuse of the software. The federal regulators agreed, and asked the court for a permanent injunction barring sales of CyberSpy's "stalker spyware," over the counter surveillance technology sold for individuals to spy on other individuals. The court entered a temporary restraining order on November 6, 2008. Further litigation is expected before the court rules on the government's request for a permanent ban. For more information, see EPIC's Personal Surveillance Technologies page. (Nov. 17, 2008)
- FTC Asked to Stop Stalker Spyware. EPIC's Domestic Violence and Privacy Project filed a complaint with the Federal Trade Commission against several purveyors of stalker spyware. Stalker spyware products are over the counter surveillance technologies sold for individuals to spy on other individuals. The complaint alleges that these companies engage in unfair and deceptive practices by: (1) promoting illegal surveillance; (2) promoting "Trojan Horse" email attacks; and (3) failing to warn their customers of legal dangers of misuse of stalker spyware. The FTC is asked to investigate these companies, stop these practices, and seek compensation for victims. For more, see EPIC's page on Personal Surveillance Technologies. (March 6, 2008)
- EPIC, Domestic Violence Advocates, seek to protect privacy in court records. In comments to the District of Columbia Superior Court, EPIC's domestic violence and privacy project and several DC domestic violence advocates recommended strong privacy protections for online court records. Domestic violence survivors face several risks from online court records. Data brokers mine these records to resell and build profiles on individuals. The 2005 Violence Against Women Act (VAWA) protects key domestic violence information. The comments recommend a policy that follows VAWA, respects well-established privacy principles, and still permits convenient online access. Individuals should have control over whether their records are placed online. Data brokers should be restricted from accessing records via legal and technical measures. Online record usage should be for limited uses and be accessible only via a password-based login system. (Oct 19.)
- EPIC Recommends Privacy Safeguards for Disaster Victims.In comments to the Department of Health and Human Services, EPIC urged the federal agency to establish effective privacy protections for the National Disaster Medical System (NDMS). The NDMS provides medical treatment and evacuation to disaster victims. The NDMS database will contain all the medical information gained and created during diagnosis and treatment, as well as track patient location. EPIC recommended that the federal agency clarify how it will comply with current medical privacy regulations such as the Health Insurance Portability and Accountability Act, medical ethics, and state laws regulating medical privacy. Further, EPIC proposed that patients be allowed to limit disclosure of their location, as some disclosures may place domestic violence survivors at risk. (Jul. 26)
- EPIC Brief Seeks to Protect Domestic Violence Victims. EPIC filed an amicus brief (pdf) in a divorce discovery dispute, urging a district court to limit the release of cell phone records, following a ruling that the requesting party was a harasser. EPIC's brief identified the growing public policy that protects the privacy of telephone records, including the recent FCC Order (pdf) improving the protection of calling records. EPIC also highlighted privacy advances in the Violence Against Women Act of 2005, which added "placing under surveillance" to the definition of stalking. Lastly, EPIC urged the court to consider such privacy interests as security and use limitation. (Apr. 16)
- Homeless Management Information Systems (HMIS) and Domestic Violence. HMIS systems are HUD required software that homeless shelters use to record, store and track charateristics and service needs of homeless individuals. Domestic Violence shelters, and domestic violence survivors in regular shelters, are adversely impacted.
- Identity Theft and Domestic Abuse. Intimate partners often have access to the personal information necessary to perpetrate an identity theft, this page describes the problem, how abusers can use identity theft, and provides some information for safety planning by advocates.
- Personal Surveillance Technologies. Examples of surveillance technologies, along with the legal issues they raise.
- REAL ID and Domestic Violence. The REAL ID act creates many new requirements on states issuing driver's licenses. These requirements could severely impact the privacy needs of domestic violence survivors.
- VAWA and Privacy. Privacy affecting provisions of the Violence Against Women Act.
Telephone records are susceptible to "pretexting." This is when someone impersonates the owner of a telephone and gets the telephone company to release records to them. By using these techniques, or hiring someone who does, an abuser is able to gain the phone records of a victim.
For more information, see EPIC's page on the Illegal Sale of Phone Records
Victims of domestic violence often need to protect their personal contact data from their abusers. However, the personal data industry in the United States makes this difficult. For a general overview on personal data, see EPIC's page on personal data and privacy protection. EPIC's page on Choicepoint, a commercial data broker, also provides more information on the personal data industry.
At least one state has found that information brokers can, under certain circumstances, be liable when people use their services for harm. Amy Boyer was killed outside her work by her stalker, Liam Youens. He acquired information on her from an internet based information service, Docusearch. The New Hampshire Supreme Court held Docusearch could be held liable. For more information on the case, see EPIC's page on Amy Boyer.
Open government laws make government records available to the public for important oversight and transparency purposes. However, government records also include much personal information on individuals. Thus these open government laws must contain exemptions to protect the privacy of individuals who are subjects of government records.Federally, the Freedom of Information Act contains a privacy exemption. 5 USC § 552(b)(6). This, together with the Privacy Act, works to prohibit the release of personal information which would constitute a "clearly unwarranted invasion of personal privacy." 5 USC § 552a(b).
States have varying levels of protection for personal information. For a state-by-state guide to open government laws, see The Reporters Committee for Freedom of the Press' Open Government Guide.
Domestic violence victims also often depend on government transfer payments or other assistance. Some face homelessness, living in shelters. EPIC's poverty and privacy page addresses the privacy issues affecting these populations. EPIC has also filed comments on the Department of Housing and Urban Development's Homeless Management Information System.
A recurring topic in domestic violence victim's interaction with government is the "dual arrest" of victims. This is when victims that complain to the police are arrested along with their abusers. These arrest records can make the retention of custody of children, as well as financial empowerment difficult. Thus victims may need to turn to expungement in order to clear their records. For more information, see EPIC's page on expungement.
Confidentiality is a tricky subject for many domestic violence service providers. States have different laws over when a non-lawyer domestic violence advocate is covered by confidentiality or privilege requirements. Furthermore, many service providers combine social workers, therapists, lawyers and non-licensed advocates under a single roof, therefore complicating the determination of what information is privileged.
Lastly, electronic communications can also complicate the privileged status of communications. For more information see EPIC's privilege page.
- Protecting your Identity. A resource from the National Coalition Against Domestic Violence.
- Vote Power Project. Vote Power lists states with address confidentiality programs, so that domestic violence survivors can register to vote without compromising their addresses.
- SafetyEd International. An overseas website educating on online safety and privacy issues.
- The Safety Net Project At the National Network To End Domestic Violence. The SafetyNet Project provides educational materials for victims and advocates looking to use technology safely. SafetyNet trains advocates, law enforcement and other government agencies on the privacy issues facing victims, and the threats that new technologies pose
- The Stalking Resource Center at the National Center for Victims of Crime. The SRC raises awareness of stalking threats and advocates for local responses to stalking. Their website contains statistics, overviews of stalking laws and resources for victims.
- Working to Halt Online Abuse. WHOA uses education and empowerment to fight online abuse and harassment.
- Take Back the Tech. A campaign focusing on the connection between information communications technologies and violence against women.
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.
by Ryan Calo, A. Michael Froomkin,