Which safety app can I recommend to my clients?

A new resource – App Safety Centre Reviews – has been developed from the findings and published on techsafety.org.au. This will help women considering using an app to confidently choose the right app for their circumstances. The reviews will also provide a resource for frontline workers supporting survivors of abuse, to assist their clients to choose apps to enhance their safety plans.

“Which safety app can I recommend to my clients?” is one of the most common questions asked by frontline domestic, family and sexual violence support workers.

Mobile phone technology has become a powerful tool for victim-survivors of domestic, family and sexual violence to enhance their personal safety and connect with support networks. 

When a woman’s safety is at risk, it is essential that she understands the functionality and limitations of any app she is relying on. 

The Women’s Services Network (WESNET) has reviewed seven popular personal safety apps marketed towards women-at-risk of violence. The project was funded by ACCAN (Australian Communications Consumer Action Network), and the app reviews are now available at the App Safety Centre. 

This research will help victim-survivors, and the frontline workers who support them, to better understand each app’s functionality and any issues or limitations. It is hoped that this information will assist victim-survivors to confidently choose an app to suit their individual circumstances and safety risks.

1. Does the app do what it says it does? Plain and simple.
2. Does the App request more information from the user than is needed? Stored data is always at risk of breach. An app doesn’t need the user’s age, last name, address etc. to function. The more personal information the app collects about a user, the more the user’s safety and privacy risk increases. If an app doesn’t know something, it can’t leak it. So if an app is asking too much unnecessary information, consider whether it is the best option for a victim-survivor at all.
3. Do the app’s accessibility features meet the user’s needs?  Does it offer accessibility options?  Does the user need a high level of digital literacy or physical dexterity to operate it? Is the language easily understood by someone with a cognitive disability? Is the user’s primary language supported by the app? Is the app easy to navigate and is the design intuitive? 
4. Consider user reviews and ratings, especially if there are lots of them. If there are only a few five star ratings, chances are the developer has had their mates jump on to give it a good rap. If the reviews have a lot of user responses and the app has been in production for some time, it can be helpful to read through what the issues are, particularly the current ones, and to see have there been any responses from the developer or app managers.
5. Check when the app is maintained for bug fixes, and if it’s being updated regularly.  If you go into the Google Play Store or App Store and click on the details of that app, it should show you when the last updates were performed. Be wary of apps that haven’t been updated within the last 12 months. 
6. How easy is it to delete and uninstall?  If you uninstall, does it delete your data as well? If not, where do the Terms and Conditions or Privacy Policy state your data is sitting, and for how long?  Does the app offer safety features, such as quick exits and warnings?  

The app marketplace is enormous–in September 2020 the Google Play and Apple stores listed 2.8 and 2.2 million apps for download respectively–and many apps are targeted toward women-at-risk of violence. Developers competing for sales make marketing claims not necessarily based in truth. For a victim-survivor of violence, relying on these claims can have life-or-death consequences.

In August 2019, ACCAN awarded a grant to WESNET to impartially test and review popular safety, security and privacy apps marketed towards women-at-risk in Australia. The app review project would build upon work begun by WESNET’s US sister-organisation National Network to End Domestic Violence (NNEDV), 

To design a research methodology to test the apps, WESNET partnered with digital technology and social researchers Dr Jenna Condie and Dr Garth Lean from Western Sydney University and software engineer and researcher Dr Robert Merkel.

Domestic and family violence frontline workers across Australia were invited to participate in a survey to determine which apps were popular and which they were recommending to their clients.

The most popular apps – Daisy, Penda, Sunny, Help Me, Leelou, Positive Pathways, Arc – were selected for testing and review [1]. They predominantly fell into four genres: 

• ‘Call for Help’ – Emergency Responders
• ‘Call for Help’ – Friends/Family/Trusted Contacts
• ‘Evidence and Documentation’
• ‘Information Only’

The ‘Call for Help’ apps to contact emergency responders, or to contact friends, family or trusted contacts, often had the functionality to contact both. In fact, many of the apps could have been listed in more than one genre. The ‘Evidence and Documentation’ apps allowed users to upload content such as photos, videos, audio samples and diary entries. The ‘Information Only’ apps provided links to services and occasionally also offered safety advice.

The project was never designed to compare one app against another because each app offers different functionalities, however some standout features of the apps reviewed are worth mentioning: 

Daisy for ease of set‑up.  You could set your State upfront and then all information directed towards you was relevant for your location. 28 languages other than English are also a feature of this multipurpose app.  

Help Me for usability and high quality data security. This was a firm favourite of the testers as it did exactly what it said it would do, plain and simple. No data was shared outside of the app, and once the app is permanently deleted and uninstalled, any data captured on it is also removed permanently.  

Penda for discreteness. It presents as a game and the quick exit option transports you straight back to the game; and it’s a good one!  It provides lots of safety warnings before users download the app or move between different areas in the app.  

Sunny for accessibility. This is the only app in Australia marketed specifically towards women with a disability, and the developers are really serious about accessibility.  

Drs Condie and Lean took a comprehensive approach towards analysing each app’s practical functionality, user experience, and cyber security. A 360 analysis was performed so that the methodological framework was founded on best practice within the field of digital research inquiry.

The researchers incorporated a conceptual framework to understand what the apps do and whether they were developed specifically for survivors of domestic violence or for a more general audience, by asking “Who is the app designed for?”. The analysis included the  ‘back-end’ cyber security perspective, user accessibility and inclusiveness. 

Putting the apps through their paces – testing and review

Soon after commencement of the testing, it became clear to the testing team that while all the apps were well intended, and some of them worked mostly as designed, despite best intentions some of the apps had significant design limitations, flaws, barriers to use, and/or safety implications for women-at-risk of violence. Some of the apps made unclear or misleading claims in their marketing, which may unwittingly put women at greater risk.

App functionality, cyber security and back end insights

Dr Merkel took a thorough look ‘under the hood’ of each app to figure out what they were actually doing, as distinct from what they said they were doing. Other areas he examined were how they did what they did, what information they were collecting in the process, and how that information was stored and shared. 

Dr Merkel recognised there were limitations to what he was able to do because most of the apps talk to a ‘back end’. The back end is a computer or collection of computers sitting somewhere on the internet that receive data and instructions from the mobile app, and then do things with it. In some cases Dr Merkel was able to infer some of what was going on from looking at the app. In other cases the testing team engaged with app developers to get a sense of how their back ends ran and the security measures they had on those services. In the process, the testing team found that while most apps and their associated server infrastructure had been thoughtfully designed and implemented by taking into account the security and privacy of users, some had security flaws that could put sensitive information about users at risk. In these cases, the testing team engaged with the relevant app developers to get them to address some of these issues. 

It became abundantly clear that you cannot tell from looking at the outside of the app whether it has privacy and security issues. A developer might claim their app offers ‘world‑class’ or ‘best‑practice’ security, however the testing team found that marketing hype plays a role in such cases. 

Dr Merkel stressed that it is really important to consider the expertise and likely capabilities of the victim-survivor’s perpetrator when choosing and setting up apps to be used by a victim-survivor. The ability to access the back end of the app or breach its data might be limited to perpetrators with high levels of technical knowledge themselves or access to such expertise.

Accessibility for all women

Omaim Al-Baghdadi, a Master of Research student at Western Sydney University specialising in intersectional feminism and violence against marginalised women, focused on evaluating whether the apps were accessible to all women. 

Al-Baghdadi  concluded that the apps were inaccessible to most women. They predominantly cater to English‑speaking, technology-literate women, which excludes the majority of marginalised women, older women, non‑English speaking women and women with a cognitive disability. 

Even when the app aimed to cater to different languages, the user would still need to have some level of English to navigate the app. One of the most popular apps, Penda, had the option of choosing one of six different languages, including Arabic. As a native Arabic speaker, Al-Baghdadi tested the app in Arabic and determined that the user needed to possess some basic level of English in order to navigate to the page where the language setting could be changed. Even after changing the language setting, it was noted that much of the content remained in English, such as tabs for legal matters and service information, and not all of the resources were translated.  

User-testing was performed on women over the age of 65 and it was found that they struggled to navigate the apps. The women became frustrated with using the apps as the design often wasn’t intuitive and they didn’t have the required technological literacy to navigate the apps. 

An issue was also found with the ‘Information Only’ apps, as their resources list marginalises women. For example, the recommendation made by Daisy for migrant refugee and CALD communities only included Anglicare Sydney and excludes a lot of specialised local services, such as Muslim Women’s Association, Jewish Care New South Wales and Immigrant Women’s Speakout Association. 

Al-Baghdadi noted it was not unexpected that these accessibility issues were present as  one app is unlikely to cater to all women. She acknowledged that app developers and services are doing their best with the limitations facing them, (e.g. lack of funding), however as the experiences of marginalised women are often left in the margin, improving conditions for these women would be welcomed.  

Overall, WESNET found the project highly valuable and we hope that survivors everywhere will benefit from the reviews we have undertaken and the methodology we have developed for rigorously testing apps designed for survivors of gender-based violence.  

Our sincere thanks to ACCAN for funding this project as part of the 2019 ACCAN Grants Round. For more information about ACCAN and the innovative grants program click here.  

We’d also like to extend our thanks to the app developers and management teams we engaged with, both for their willingness to listen to any concerns we may have had as well as for their genuine desire and commitment to improving the safety of women and children throughout Australia.

[1] Three apps initially selected from the survey results were ultimately excluded from examining. 1) SmartSafe+, as it was determined to have been superseded by Arc, 2) Re-focus, as Women’s Legal Service Queensland (WLSQ) confirmed it was to be decommissioned, and 3) a third app which we felt that revealing the security concerns publicly would put the current users at a heightened risk. Work with the app development and managing teams is ongoing in this instance.