The standard issues involved with a divorce or separation are most often very difficult. In the past decade I have seen these difficult situations made even more difficult because of technology. Text messages, emails, smartphones, and other technology are relevant in many of the cases we see.
As computer forensics consultants, we are asked to check computers for keylogging software or spyware, check devices and accounts for tracking, collect text messages for legal proceedings, and sweep houses and cars for eavesdropping devices. In this article, I am going to highlight some of the more common issues we are asked to deal with for legal counsel as it relates to technology and the issues it can cause during a divorce.
The most common request we receive is to check whether or not someone is monitoring an email account or phone. More often than not, there is no obvious monitoring taking place. The client has an odd feeling that their communications are being monitored but no proof. On a few occasions, we have identified where this type of activity could have been taking place, but rarely have we encountered a compromised email account when helping a client involved in a domestic matter. This does not mean it does not happen, and it is best to take precautions.
Many couples who have been together for a while often share information related to email accounts and even the password to an iCloud account. In one instance, we learned that one spouse set up the other spouse’s webmail account and had known the password since its inception. This type of information should not be overlooked and should be addressed as soon as possible.
The mere fact that someone has the login information to any of your accounts does not imply that wrongdoing took place, but it opens the door for unnecessary accusations. Securing your personal accounts as soon as possible can prevent so much frustration. It is also a good idea in general.
If someone has access to your account, they can read the emails. They can also set up email forwarding. Forwarding allows for incoming emails to be forwarded to another account. You would still receive the email in your inbox, so the change would not be immediately noticeable.
The settings for every email account should be checked for forwarding. If someone has enabled forwarding without authorization, then they do not need to access the account to see the emails being sent and received. Even if you change your password, emails will still be forwarded.
Passwords and Two-Factor Authentication
All email accounts should be password protected with a strong password at a minimum. So often we see clients who have been using the same password on their email account(s) for many years. What’s worse, they often use the same password on all of their accounts. If this is the case, you can rest assured anyone who has been living with you for a significant amount of time either knows the password or can easily guess it.
One way to secure your email account is to change the password frequently. Changing the password frequently makes unauthorized access less likely. It also gives the owner peace of mind that no data in the email account is being viewed.
Another way to secure your email account and other web-based accounts is to implement two-factor authentication. This is the process by which a code is sent to your mobile device any time someone attempts to log into your account.
Two-step authentication (or two-factor verification) is an ideal way to provide extra security for your online accounts and prevents unwanted access to your email, Apple account, or other online accounts. Online accounts are by default protected by a username and password. Two-step verification protects your account even more. This is accomplished by sending a code to your phone or another account. Not only do you have to enter your username and password into the email or cloud account, but you are also required to enter a code that is sent to your phone.
Do you use an iPhone and share an iCloud account? Have you set up “family sharing” on the iCloud account? Do your children have Apple devices that are part of the family iCloud account? The confusion and problems caused by intermingled Apple devices and iCloud accounts among parents and children can be difficult to manage.
As an example, if a child uses an iPad that is linked to one parent’s account, then that parent can track the child. Granted, children’s access should be monitored, but knowledge of this capability from the beginning alleviates problems later. It should also be noted that the parents’ text messages and emails may display on the child’s iPad if it is improperly set up on the parents’ account.
None of this activity may be devious in nature, but it is best to be aware of it. That way, you can address the issue before it becomes a problem and complicates the matter even more.
Some of our clients are concerned that their telephone calls are being monitored. They believe that spyware has been loaded onto their device.
There are several services that advertise the ability to monitor a mobile device. Not only do they offer the ability to monitor calls but also location information and text messages. In most cases, the approval to monitor a device must take place from the device to be monitored.
Preventative steps include making sure your device is locked with a passcode. Don’t open attachments in text messages you receive. Preventing physical access to your device is the best prevention.
Signs that someone is monitoring your mobile devices are increased data usage, battery life decreasing, slow performance, and background noise. Now don’t panic—we have all dealt with these types of technical glitches from time to time. Just because your battery is draining faster than usual does not necessarily indicate you are being monitored. These signs are just indicators—not proof—of eavesdropping.
Spyware and security applications are offered for both Android and Apple devices. We recommend installing at least one security application on your device. Apple offers a number of suggestions for securing your iPhone, and these suggestions are based on the current model and operating system of the device. We recommend searching Apple’s website for the best security configuration for your device. For an Android, the security setting will depend on the manufacturer and model of the device.
We have also had clients concerned that their wireless devices in their residence have been tampered with or that listening and video recording devices have been installed. Let’s talk first about video surveillance systems.
If you have a video surveillance system in your residence, you need access to that system. Whether the system is monitored by you or your security provider, you must verify that the resident of the house is the only one with access. When I say verify, I mean that you need to see the settings, change passwords, and check that no one but the resident of the house has access. If this is not possible, replace the system or at least turn it off.
When one person moves out, it is important to change passwords or wireless routers, Ring devices, and any other monitoring device that has been placed in the house. Electronic security devices that were originally placed in the residence for security can easily be used improperly during a separation or divorce if access to those devices is not controlled properly.
Another concern that is raised by some of our clients is that they are being tracked. They believe a GPS tracker has been placed on their car or that software on their computer or phone is tracking their location. We haven’t found this to be a common occurrence, but I wanted to mention it because the possibility does exist.
A GPS tracker is a small device that can be placed on or in a vehicle. There are literally hundreds of different types. Some provide live tracking through a website, and others provide location history. Passive GPS trackers (GPS loggers) collect data and store location information to an internal drive. These have to be retrieved from the vehicle to review the data. Active GPS trackers let someone know your exact location at all times. Smaller GPS units can also be placed in purses, backpacks, briefcases, and clothing.
Most GPS trackers utilize rechargeable or replaceable batteries. This means if someone is placing a GPS tracker on your vehicle, they must return on a regular basis to replace the unit or the batteries. All situations are different, and prevention can be difficult. In general, always lock the doors of your vehicle. Park in a garage or keep your outside parking area well lit.
Finding a GPS tracker requires a manual search of the vehicle. It is possible to scan to try and locate an active GPS tracker, but this requires special equipment that isn’t always reliable.
What should you do if you think a GPS tracker is on your vehicle? Go ahead and search your vehicle. You know better than anyone what should be in your vehicle. Look in all of the pockets and under the seats. Look under the hood, in the dash, and in the trunk. If you are uncomfortable looking under your vehicle or don’t feel you could even identify a GPS unit if you saw it, take your car to a local repair shop. If you explain the situation, most likely they will help.
If you do find a GPS unit, do not throw it away. We recommend turning the unit over to a friend or attorney. Eventually the battery will die, and it will no longer work.
General Prevention Recommendations
The most productive measure that can be taken to prevent frustration, anxiety, and unwanted, unnecessary, and unproductive accusations is to identify your digital footprint. Identify what information you feel is confidential during this difficult time and secure it. Change passwords and even create a new email account if necessary.
Most often when we sit down with a client to go over their devices and accounts, they always recall something they forgot. Remember that multiple family members may have access to an Amazon account, iTunes account, bank account, and more. It is easy to see how overwhelming this can be. Dealing with these issues can save so much in the long run.
I cannot end this without addressing the need for you to feel safe and measures you can take so that you can continue on with your life with less anxiety during this difficult time. We have had clients indicate that their homes are being broken into, their vehicles are being tampered with, and they are being followed. First, if you feel this has occurred, contact local law enforcement immediately. This serves two purposes. It documents your immediate concern, and it alerts local law enforcement of the current situation. Ask if a more regular patrol of your area can be conducted.
Second, look at ways to secure and monitor your residence. Alarm systems have become less complicated and can even be installed without wires and by the homeowner or a friend. Surveillance cameras have become wireless and can be strategically placed to monitor specific areas of the house or even your vehicle in the driveway. Set up apps on your phone that make it easy to take pictures, videos, or audio recordings.
There is no way to address all of the scenarios that I have encountered during my years in law enforcement and as a computer forensics consultant. When we first meet a client, we have them tell us the circumstances surrounding their situation and what particular concerns they have. Some are just worried about their email, some about their phones, and some about all of the above. We do our best to research all of their devices and accounts to verify that they are secure.
There is always a possibility of something being missed. It is possible a voice-activated recorder was placed in the house and removed before a search was conducted. Maybe a GPS was put on the vehicle but removed before it could be found. There are too many variables in these types of situations to offer any type of guarantee. Our goal is to help provide the client with information and knowledge so that they can take control of their environment and lessen the anxiety during these times.