Arc App2020-05-15T14:42:37+10:00

Arc App

Availability: Android and iOS

Price: FREE

Created by: DVRCV

Age Rating: 12+ years

Website: arc-app.org.au

Last reviewed: March 2020

Summary

Arc is a free app that enables women experiencing domestic or family violence to track details of abusive behaviour. Users can upload photos, videos, audio and diary entries to create a record of what has happened, when it happened, and how it made them feel. The app is designed specifically “for people experiencing family violence, to help explain their situation to a friend, family member or a support service, to provide key information to police or in court, and reduce the number of times they have to repeat their story.”

What We Like

  • Arc is a popular app often recommended by frontline workers to survivors of domestic or family violence.
  • The app is simple to use and easy to navigate.
  • The feel of the app is modern, young, ‘diary-like’ and techy, and the ‘tell your story’ feature is empowering to the user.
  • An email address is required to create an account and access on a device is protected by device authentication, or ‘Access Verification’ (e.g. Touch or Face ID on iOS).
  • Users can record information in the app without an internet connection.
  • Arc is predominantly a smartphone app, but functionality is also available through a web application from any web-enabled device. 
  • As data is stored in the cloud, a user’s records can be accessed across other devices also, which may be helpful in cases where access to technology is limited.
  • Pop up alert windows warn users to the potential risks of clicking on external phone links.
  • The majority of the accessibility options on the device are supported by the app and the pop-up alerts.
  • The ability to export data by using the device’s sharing functionality is beneficial to both frontline workers and survivors (e.g. email a PDF, save to Google Drive etc.).
  • Content captured via the app’s audio recording feature is not detectable on the device outside of the app. 
  • The audio feature allows for recordings of up to 5 minutes in duration. If interrupted, the feature will resume recording upon re-opening of the app.
  • Arc design is discreet and the app can be easily deleted and reinstalled within 12 months with no loss of information.
  • The app is designed so that users’ stories can be collated across days, months and years.
  • The app captures emoji entries in records.
  • The external website links and phone numbers provided in the app connect the user to essential services such as police, 1800 RESPECT, Lifeline, QLine, legal services/aid, and ASKIzzy.
  • The resource links provided in the app include both localised and nationwide services.
  • The app uses a number of Amazon Web Services (i.e. secured cloud services platform that offers compute power, database storage, content delivery and various other functionalities), which are used by multinational corporations to store and process valuable data and generally have a good reputation for privacy and security.
  • Data stored in Amazon Web Services cloud servers is physically located in Sydney, Australia and is subject to Australian law. 
  • The Arc Development Team is actively involved in the management and development of the app and is committed to delivering an app that best meets the needs of the users.

Safety and Privacy Considerations and Tips

  • Visibly displaying the ‘Domestic Violence Resource Centre Victoria’ logo on the app’s splash screen is a serious safety concern for users.
  • The ‘Purpose of use’ section is confusing in that it states the app is designed to make notes or record other material of experiences of family violence, yet “must not be used to record conversations or activity that involves anyone other than yourself, in particular it should not be used to record any actual incidences of violence or other forms of physical or verbal abuse at the time such violence or abuse is taking place.”
  • Additional security options such as two-step verification or multi-factor authentication are not offered. This means that if ‘Access Verification’ is disabled the user’s app records could be viewed by anyone who has access to the device.
  • The password can be reset if the email account associated with the app account has been breached. 
  • Some device accessibility options (e.g. text enlargement) are not supported by all sections of the app, and in-app accessibility options are not offered.
  • If an audio recording is interrupted during playback, the content continues to play without requiring re-opening of the app, which could pose a safety risk to the user.
  • Uploaded app data may be subpoenaed for use in legal proceedings without the user’s consent.
  • Increasing the font size of the text on the ‘Helpful Contact Numbers’ resource page could improve comprehension for users with vision impairment and/or who have poor digital literacy.
  • Providing users with guidance on how to access the resources via the National Relay Service would benefit those who may be deaf, hard of hearing and/or have a speech impediment.
  • There is no built-in browser InPrivate mode, therefore alerting the user that digital footprints may be created when clicking on external website links could increase their safety.
  • Alerting the user around the potential dangers of providing app access to photos/media/files, camera, microphone, device ID and call information could increase their safety.
  • As per the privacy policy, users’ data collected by the Domestic Violence Resource Centre Victoria is retained after account deletion and may be shared with 3rd parties, both in Australia and overseas.
  • The user does not have final control over the data. As soon as it is uploaded to Arc’s cloud servers, data cannot be irretrievably or promptly deleted.  
  • Data stored in Amazon Web Service’s centralised cloud servers is encrypted, however, the app maintainers (i.e. those who provide maintenance service on the software) have a Master Key that can access and decrypt all data stored by users. If the Master Key password was abused or stolen it could be used to gain access to the plaintext of all data uploaded to the centralised system.
  • Extensive activity logs are created as part of using Amazon Web Services and information, such as IP addresses, would be accessible to the app maintainers, as well as some Amazon Web Service employees.