Shostack + Friends Blog


Apple Guidance on Intimate Partner Surveillance

Apple has released ‘Device and Data Access when Personal Safety is At Risk’ and I wanted to explore it a bit.

Apple has released (or I've just come across) a document Device and Data Access when Personal Safety is At Risk.

Apple makes it easy to connect and share your life with the people closest to you. What you share, and whom you share it with, is up to you — including the decision to make changes to better protect your information or personal safety. If you’d like to revisit what you share with other people, or restore your device’s original settings for any reason, this guide can help you understand what information you are sharing via your Apple devices, and how to make changes to protect your safety.

The document includes checklists, which are available separately:

Defending against attackers who are both authorized and "interface-bound" is a weird problem for information security, as traditionally defined. We object with phrases like, "of course people can do the things you've authorized them to do." "How do you expect to defend against an attacker who can configure the device?"

These objections are simultaneously reasonable and not. They're reasonable from the perspective that information security has long been defined as the ability of system owners to implement their policies, and to have assurance in those implementations. They're unreasonable because ever year in the United States, 1,000 to 1,600 women die at the hands of their male partners, and some fraction of those are enabled by technology-aided surveillance. (The National Institute of Justice Journal's issue on Intimate Partner Homicide is mainly disturbing and also fascinating. For security practitioners, that's worth reading both for the key messages, and also to see how another field marshalls its information for practical use, and the quality that comes from dedicated editing.)

That "simultaneously reasonable and not" has made it hard for researchers working in intimate partner violence to bring their problem to the attention of information security, and that's fed my thinking that we need a discipline of cybersecurity public health which complements information security the way public health compliments medicine.

Relatedly, Apple has been thinking about the abuse of Airtags for stalking, and has built in some protections. We can debate if those are the right protections, which is a much better debate to have than should there be protections?