Danielle Citron Explains How “Abortion Bans Are Going to Make Stalkerware Even More Dangerous”

All too frequently, people monitor our intimate lives in betrayal of our trust—and it’s often those we know and love. They don’t even need to be near us to capture our data and to record our activities. Surveillance accomplished by individual privacy invaders will be a gold mine for prosecutors targeting both medical workers and pregnant people seeking abortions.
- “Abortion Bans Are Going to Make Stalkerware Even More Dangerous” by Danielle Citron

In a recent article written for Slate, privacy law professor Danielle Citron says, “Intimate privacy is even more in jeopardy now that women’s reproductive choices may render them in violation of state criminal law.”

In “Abortion Bans Are Going to Make Stalkerware Even More Dangerous,” Professor Citron outlines the ease of access and uses for “spying apps.” Further, she explains how current law’s responses to intimate privacy violations are inadequate, and advocates for a civil right to intimate privacy.

Below are a few excerpts from “Abortion Bans Are Going to Make Stalkerware Even More Dangerous” by Danielle Keats Citron (Slate Future Tense, July 5, 2022)

The Use of Cyberstalking Apps

Intimate partners and exes download cyberstalking apps to personal devices that give them real-time access to everything that we do and say with our phones. To do this, they only need our phones (and passwords) for a few minutes. Once installed, cyberstalking apps silently record and upload phones’ activities to their servers. They enable privacy invaders to see our photos, videos, texts, calls, voice mails, searches, social media activities, locations—nothing is out of reach. From anywhere, individuals can activate a phone’s mic to listen to conversations within 15 feet of the phone.

For abusers, finding cyberstalking apps is as easy as searching “cellphone spy.” Results return hundreds of pages. In my Google search results, a related popular search is “spy on spouse cell phone.” More than 200 apps and services charge subscribers a monthly fee in exchange for providing secret access to people’s phones. When I first began studying stalkerware in 2013, businesses marketed themselves as the spy in a cheating spouse’s pocket. Their ads are more subtle now, though affiliated blogs and videos are less so, with titles like “Don’t Be a Sucker Track Your Girlfriend’s iPhone Now: Catch Her Today.”

Abusers will use intimate data obtained from stalkerware to terrorize, manipulate, control, and—yes—incriminate victims. Now that a woman’s exercise of her reproductive liberty is soon to be, or already is, a crime in many states, abusers have even more power to extort and terrorize victims. They may threaten to disclose information about abortions unless women and girls give into their demands, including having unwanted sex or providing intimate images, both forms of sextortion. (Sextortion routinely involves threats to disclose intimate information like nude images unless victims send more images or perform sex acts in front of webcams.) If victims refuse to give into their demands (and even if they do), privacy invaders may post information about abortions online and report it to law enforcement. Two birds, one stone: the ability to humiliate, terrorize, and financially damage victims and to provide evidence to law enforcement. Exes can extinguish victims’ intimate privacy by enabling their imprisonment.

Current Legal Tools Are Inadequate to Protect Intimate Privacy

The law’s response to intimate privacy violations is inadequate, lacking a clear conception of what intimate privacy is, why its violation is wrongful, and how it inflicts serious harm upon individuals, groups, and society. Legal tools—criminal law, tort law, and consumer protection law—tackle some privacy problems, but few (if any) capture the full stakes for intimate privacy. In criminal law, privacy violations are mostly misdemeanors, which law enforcers routinely fail to pursue when reported. Criminal law is woefully underenforced when the illegality involves gendered harms, like privacy violations and sexual assault where victims are more often female and LGBTQ individuals. (Yet when the very same people are the alleged perpetrators, law enforcement eagerly investigates.) Because policymakers fail to recognize the autonomy, dignity, intimacy, and equality implications of intimate privacy violations, we have too few protections.

A Civil Right to Intimate Privacy

Our conceptual problems are paired with practical ones. Policymakers tend to view privacy violations in silos, so they pursue reforms in a piecemeal manner. One day, proposals focus on nonconsensual pornography; the next, deepfake sex videos, still another, the confidentiality of people’s COVID statuses; and so on. To the extent that the law is updated, the reforms are often overly narrow.

The conceptual and practical problems compound. When reforms make their way into law, they don’t fully capture the wrongs done and the harms suffered. As a result, they are ineffective and weak. Without the proper conceptual apparatus, lawmakers have an easier time walking away from reform efforts. Far too many times, federal and state lawmakers have told my CCRI [Cyber Civil Rights Initiative] colleague Mary Anne Franks and I that they tried, but, alas, could not get sufficient support. We are left with deficient and outdated laws. We need lawmakers to treat the constellation of intimate privacy violations—such as stalkerware, sextortion, doxing, and nonconsensual disclosure of intimate data—as a single problem. We need a civil right to intimate privacy.

In an ideal world, the criminal law would help deter intimate privacy violations and educate the public about the wrongfulness of this behavior. It would make clear to perpetrators that intimate privacy violations like stalkerware and sextortion are so serious that they warrant criminal punishment and the potential deprivation of their liberty. The business of stalkerware is illegal, and law enforcement must step up. To date, the FTC has brought enforcement actions against two stalkerware companies; it shut one down, under the agency’s authority to combat unfair and deceptive business practices. But, no matter, Spying Inc. is alive and well in search results.

Read the full article from Slate Future Tense online: “Abortion Bans Are Going to Make Stalkerware Even More Dangerous” by Danielle Keats Citron

Danielle Citron is the Jefferson Scholars Foundation Schenck Distinguished Professor in Law at the University of Virginia School of Law. She writes and teaches about privacy, free expression and civil rights. Professor Citron’s current scholarly projects concern sexual privacy; privacy and national security challenges of deep fakes; and the automated administrative state.

In 2019, Professor Citron was named a MacArthur Fellow and received their ‘genius grant’ based on her work on cyber stalking and sexual privacy. Her book Hate Crimes in Cyberspace (Harvard University Press) was named one of the “20 Best Moments for Women in 2014” by Cosmopolitan magazine.

Read more from Professor Citron’s work on sexual privacy:

• Sexual Privacy (The Yale Law Journal, Vol. 128, No. 7, pp. 1792-2121, May 2019) - Sexual privacy is based on social norms about access to information about the human body, gender identity, sexuality, and intimacy. Criminal and tort law do not fully address violations of sexual privacy. Digital technology magnifies the harm from violations of sexual privacy.
• Deep Fakes: A Looming Challenge for Privacy, Democracy, and National Security with Robert Chesney (California Law Review, Vol. 107, No 6, Dec. 2019) - "Deep fake" technology makes it possible to create audio and video files of real people saying and doing things they never said or did. These technologies create policy and legal problems. Possible responses include technological solutions, criminal and civil liability, and regulation.
• The Roots of Sexual Privacy: Warren and Brandeis & the Privacy of Intimate Life (Columbia Journal of Law & the Arts, Vol. 42, pp. 383-387, 2019) - The famous law review article calling for a “right to be let alone,” was the first article calling for legal recognition of rights of sexual privacy.
• Hate Crimes in Cyberspace (Harvard University Press, 2014) - Some people use the Internet to harass and threaten others, revealing victims’ real names and addresses. These attacks result in serious harms such as loss of employment, assault, and suicide. Police and prosecutors are often unwilling to help.