The content of this information sheet does not constitute legal advice. The information contained below is current as of September 2019 and discusses what can be done in BC if you believe that mobile spyware has been placed on your phone or device.
If you suspect that your phone or device is being monitored, use a phone/device you believe is safe when searching for information or calling for support. This could be a computer at a public library, an anti-violence organization or a trusted family member or friend’s phone or computer.
If you suspect someone is monitoring you using technology, the perpetrator may also be making you feel unsafe in other ways. If you would like to explore support options available, you can contact VictimLink BC at 1-800-563-0808 from a safe phone or device. If you are receiving support from an anti- violence worker, it may be helpful to discuss the monitoring and technology-facilitated violence with them and incorporate a response into your safety plan.
Before taking action, please consider how the perpetrator may react if you stop or limit their ability to monitor. When discussing a safety plan, you may wish to discuss with an anti-violence worker the possible reactions if you remove access to the perpetrator and build specific safety measures into your safety plan. For information about strategies for enhancing safety plans for technology-facilitated violence see BCSTH’s technology safety planning guide.
I am concerned that spyware is on my phone. Is this possible?
For spyware to be placed on your phone, someone would need to have physical access to the phone or know your iCloud password.
If someone had physical access to your phone, and they knew your password, it is conceivable that spyware was placed on your phone. This information sheet will help you identify whether that is likely, and what steps can be taken to help identify and potentially remedy the spyware monitoring.
What is spyware and what can it do?
“Mobile spyware” refers to an app or program that is deliberately placed on someone’s mobile device to monitor that person. Mobile spyware is a category of stalkerware. Stalkerware is defined as “all spyware that is explicitly sold or licensed to facilitate intimate partner violence, abuse, or harassment, inclusive of deleteriously intruding into the abused partner’s private life by way of physical or digital actions1.”
Depending on the type of spyware installed, in most cases, mobile spyware will monitor:
If the phone has been jailbroken (iPhone)2 or rooted (Android)3, spyware software can monitor more including:
It can be difficult to identify whether spyware is installed, since most spyware products operate in “stealth” or hidden mode, so the products cannot be detected on the phone.
Once the software is installed, the perpetrator can monitor all the above activity via an online website or an App.
If it’s not spyware, what else can it be?
There are other ways that a person can track or monitor the activities of another person using different technology such as:
1 2019 Citizen Lab, “The Predator in Your Pocket: A Multidisciplinary Assessment of the Stalkerware Application Industry,” by Christopher Parsons, Adam Molnar, Jakub Dalek, Jeffrey Knockel, Miles Kenyon, Bennett Haselton, Cynthia Khoo, and Ronald Deibert.
2 Jailbreaking means bypassing the restrictions Apple puts on the operating system and taking full control over an Apple device. Rosencrance, Linda (2017). 10 Pros and Cons of Jailbreaking Your iPhone or iPad. Retrieved https://www.tomsguide.com/us/pictures-story/537-jailbreaking-iphone-pros-cons.html
3 Rooting is the process that allows you to attain root access to the Android operating system code. Bullguard. (n.d.) “The risks of rooting your Android phone.” Retrieved https://www.bullguard.com/bullguard-security- center/mobile-security/mobile-threats/android-rooting-risks.aspx
I own an iPhone. What are the risks of spyware on iPhones?
If you have an iPhone 6 or higher and have been regularly updating the iOS (operating system), the likelihood of spyware being on your phone without your knowledge is unlikely unless the perpetrator has access to your iCloud password.
If you have an older iPhone model, or have not been updating your iOS on a regular basis, the risk of spyware being on your iPhone without your knowledge is possible if: (a) someone had physical access to your device; (b) that person was aware of your device password, as well as your Apple ID login and password; and (c) your iOS is not able to be updated to the latest version.
If another person does have access to your physical device, your device password, as well as Apple ID login details, and you think spyware is on your device, please contact your local anti-violence organization to develop a safety plan.
I own an Android. What are the risks of spyware on phones that use the Android operating system?
(This includes phones by Samsung, Sony Xperia, Google Pixel, Huawei, LG, HTC, Nokia, etc.)
Compared to an iPhone, the Android operating system is more vulnerable to spyware being placed on someone’s device without their knowledge. It is also easy for a user to conceal traces of spyware on Android devices. If you think another person does have access to your physical device, your device password, and you believe spyware is on your device, please contact your local anti-violence organization from a safe device for further information on spyware and safety planning.
I think that spyware is being used on my phone or devices right now. What can I do to protect myself?
If you do not have the opportunity to contact an anti-violence organization, but have reasons to believe that spyware is monitoring you, here are some temporary, emergency steps you can take to protect yourself.
©BC Society of Transition Houses, 2019. This information sheet or any portion thereof may be reproduced as long as acknowledgment to the BC Society of Transition Houses is included.
Adapted from and in cooperation with the Technology Safety Project at The Women’s Services Network (WESNET), Australia. Special thanks to Christopher Parsons, Citizen Lab, Munk School of Global Affairs & Public Policy; Dr. Diarmaid Harkin, Deakin University; Dr. Adam Molnar, Deakin University and Ms. Erica Vowles, Deakin University.