Internet-Draft | ipvc | September 2023 |
Celi, et al. | Expires 4 March 2024 | [Page] |
This document aims to inform how Internet protocols and their implementations might better mitigate technical attacks at the user endpoint by describing technology-based practices to perpetrate intimate partner violence (IPV). IPV is a pervasive reality that is not limited to, but can be exacerbated with, the usage of technology. The IPV context enables the attacker to access one, some or all of: devices, local networks, authentication mechanisms, identity information, and accounts. These kinds of technical compromise exist in addition to on-path attacks, both active and passive [RFC7624]. In this document we describe the tactics the IPV attacker uses and what kind of counter-measures can be designed in IETF protocols.¶
This note is to be removed before publishing as an RFC.¶
Source for this draft and an issue tracker can be found at https://github.com/claucece/draft-celi-ipvc.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 4 March 2024.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Intimate partner violence (IPV) refers to physical, emotional, verbal, sexual, or economic abuse of a person by a current or former intimate partner (henceforth, refered to as the attacker or abuser).[WHO] It is understood that in IPV cases there is an unequal power relationship that enables the abuser to cause harm in romantic or sexual relationships, as well as child or elder abuse, or abuse by any member of a household.¶
Digital technologies are central in modern lives and can be used as a way to enable and enhance IPV. Technology-based IPV has impact on the physical, psychological and emotional health of survivors, affecting them not only individually but their social environment [ref].¶
There is significant existing work in the field of online gender based violence [IPVTechBib][CSP] and technology-based IPV [Freed] mainly focused on response and resiliency, including digital privacy and safety strategies. Nevertheless, IPV is not considered enough when designing digital technologies, networks, or Internet protocols against threats. Only in rare cases are protocol design or cybersecurity best practices/tactics available [CETAStrategies].¶
The type of abuser that is close and familiar to the victim, "the attacker you know", is neither on- nor off-path, they have complete access to-- perhaps even share-- devices and local networks. They can even coerce their targets.¶
This document describes the tactics used in technology-based IPV. It provides recommendations for the design of protocols and implementations to mitigate those tactics. In what follows, we first describe IPV and related terminology, the kind of tactics attackers use, and we end with the recommendations.¶
Although the category of tech abuse includes practices such as Child Sexual Abuse Material (CSAM), or digital manipulation of images and videos (deepfakes) to exhibit and slander women [Witness], those tactics are out of scope in this document, since the attacker is not part of the victim's social environment, i.e. they do not necessarily have access to the victim's local network.¶
Technology enables and enhances IPV attacks with pervasive surveillance, overt monitoring, and coercive access. IPV refers to physical, emotional, verbal, sexual, or economic abuse of a person by a current or former intimate partner. By "partner" we mean anyone with a close relationship with the victim that can exercise abuse in a romantic or sexual relationship, as well as child or elder abuse, or abuse by any member of a household. In cases of IPV, there is an unequal power relationship that enables the attacker to cause harm. [Dragiewicz2018] calls this "digital coercive control" whereby Internet-enabled technology-- through access to local networks, devices and accounts-- becomes a mechanism to exert control, to conduct surveillance, or to aggravate and harass.¶
Note that while this kind of abuse of technology is excerted to any person (regarless of their gender or sexuality), there is an interesection with gender violence. As noted by [APCFramework], "women and girls face specific cyber threats in the digital age that are considered forms of gender-based violence as they occur because of their gender, or because they disproportionately affect one gender. While this violence is mediated by digital technology, it is part of the same offline structural violence; but its technological dimension adds elements of search, persistence, replicability and scalability that facilitate the aggressors’ access to their targets and can exacerbate the harm."¶
In the rest of this draft, we will use this terminology:¶
In order to describe IPV attacks that are enabled or exacerbated by Internet technology, we first describe our assumptions about the attacker and common tactics that can be used. Then, the types of technology-enabled IPV attacks are described.¶
The attacker we present in this document is one that either has forceful control of accounts, devices, and/or authentication information for accessing systems, or uses public information to exercise control. This kind of attacker can be technologically savvy or not. We define this attacker as one of the strongest ones as it can have unlimited access to systems and devices, whithout investing a lot of financial or computational resources.¶
The attacker has some kind of physical access to the victim (or has had it in the past), and often shares a common social network with them. In some cases, it can be the legal owner of the devices/accounts a victim uses.¶
There are many ways in which digital and networked technology can facilitate an attacker perpetrating IPV. For an in-depth reading, see [TBMDGMMDR] and [CDOHPFLDMR]. Here we informally list their main groups:¶
Monitoring: One of the most prevalent methods to enhance IPV is the usage of active monitoring of any online account that the victim has or of any action that the victim does in the digital world. This includes a variety of behaviors that feel unwelcomed and intrusive, and can involve threats. The monitoring is "active" in that is a permanent action that the victim can be aware of or not, and that the abuser might want to make them aware or not. It can include:¶
In this type of attack, we see these dimensions:¶
Compromise of accounts: An attacker may demand access to the victim's accounts to continuously monitor, control or restrict their online communications and activities. In contrast to the previous point, rather than using "publicly available" tools the perpetrator demands access to tools and contents in order to reduce the "life space" or "space for action" that the victim-survivor may have to perform activities that do not involve the attacker. Once an attacker has access to an online account, they can use that to:¶
Compromise of devices: This attack is similar to the above, but the attacker demands access to the victim's devices. The goal is the same as the above but the result is more impactful as it restricts access to accounts that are accessed through the device. It can also prevent any connection to the Internet. Once an attacker has access to the device, they can use it to:¶
Harrassing: Harrassment can be anonymous, but a victim often knows from whom harrassment messages/actions come from; but, due to its anonymity, it is unable to hold atackers accountable. The systems we have in place often need that harrassment content is permanently available so that an investigation takes place. This enhances the abuse a victim is suffering. This type of attack appears in different dimensions:¶
The above attacks can be carried out in different ways. We list here the most common ones:¶
In the research of the ways attackers use technology to enhance IPV, we see this specific technology being abused:¶
Lack of blocking mechanisms and abuse of anonymous mechanisms: Often times attackers carry out abuse by:¶
We list here some recommendations to protocol designers to mitigate technology-enabled IPV:¶
Build proper authentication systems: authentication mechanisms should provide:¶
Send clear notifications for:¶
Storage and sharing of media: media should be stored/posted in such a way that:¶
Social media: social media can be a way for attackers to enhance monitoring. They should:¶
It is important to note that IPV should not be mistaken to be a privacy issue alone. Furthermore any tech-based solutions and interventions that only address privacy can be used by attackers, helping them to cloak their attacks from the victim and other means of detection. Power is imbalanced in IPV and technology entrenches power.[Citron]¶
This document has no actions for IANA.¶
Thanks to:¶