The realm of digital evidence in family law is going beyond custody and financial issues these days; there has been a rise in cases of alleged cyberstalking, hacking, and spyware in family law case.
By Brook Schaub, Computer Forensics Professional
In a previous article for Family Lawyer Magazine (“Digital Divorce: How Computer Forensics Can Influence Your Client’s Case”), I discussed the topic of computer forensics and eDiscovery in family law litigation, using examples of its value in helping with custody issues and locating financial assets. While those types of cases are still happening, there has been a rise in cases where hacking, spyware, and the electronic stalking of a spouse have been alleged and asked to be investigated by family law attorneys.
Cyberstalking, Hacking, and Spyware: Electronic Devices, Apps, and Even Vehicles Can Be Monitored
These cases can involve electronic devices, websites, apps, and even vehicle tracking. Hardware and software programs – both professional high-tech and lower-tech applications – are readily available. A tracking device can be attached to a vehicle in seconds, and it only takes a few minutes of access to a spouse’s cell phone or computer to install a program or app. These apps can trace the spouse’s movements through GPS and send copies of emails and text messages to the opposing spouse. Some programs can even monitor phone calls and activate device cameras.
When consulting with a client on these issues, a lawyer’s decision on whether to pursue a forensic investigation or to provide mitigation advice only falls into two areas:
- Will the investigation provide litigation value to the client’s case?
- Will the mitigation consultation help eliminate the client’s fear associated with spyware and/or keylogging programs?
Do not underestimate the mental and physical toll on a client who believes that all their actions are being monitored by their ex-spouse.
Spy Pens and Shared Passwords
Some recent examples of cyberstalking include a non-custodial parent placing a “spy pen” in their child’s backpack. The pen recorded audio and video interactions between the child and the custodial parent, and the non-custodial parent retrieved the pen and downloaded the interactions on the child’s next visit. While technically against the Electronic Communications Privacy Act (ECPA) and most state statutes, the likelihood of criminal prosecution in these types of family law cases is minimal. The same would hold true where devices have been placed in the home or on the home computer – especially if the computer is used by multiple family members.
Many cases involve a spouse using a known password or answers to security questions to access their ex-spouse’s email accounts. This is especially true in cases where there has been no mitigation related to electronic accounts at the start of divorce proceedings, so attorneys should discuss the urgent necessity of changing all passwords on all accounts as soon as a new client retains them.
Most security questions are simplistic and an ex-spouse would probably know the answers (e.g., “What street did you live on as a child?”). The computer only cares that the answers match, so setting intentionally incorrect answers to the security questions is one simple way for your client to prevent unauthorized access to their accounts. Your client should do this whether or not they suspect their ex of hacking their accounts. If your client has reason to believe their computer has been infected with spyware, explore other mitigation methods; changing passwords has little value if the device used to change security answers and passwords is sending updates to the spouse via spyware.
Cyberstalking, Hacking, and Spyware: Suspicion vs. Certainty
Family lawyers frequently receive inquiries from clients who suspect their partner has installed spyware on their cell phone or tablet. While there are ways to locate this software forensically, a good forensic examiner will ask a series of questions first to determine if this is a possibility. Such questions include:
- Has the battery been discharging more quickly than usual?
- Does the phone turn on and off by itself?
- Is there static or echo on calls?
- Is the client still on the same calling plan and account as their spouse?
- Has the client performed other mitigation methods relating to cloud accounts, syncing with computers, etc.?
In these type of forensic cases, details on why the client suspects spyware is an important part of the initial interview. Recently, a client was concerned that her activities and movements were being monitored via spyware on her cell phone. During the interview, she told us that her soon-to-be ex-husband had purchased a newer-model Audi for her – and the vehicle’s Audi Connect service allows an owner to trace the vehicle using the associated application on a cell phone. If cyberstalking is important to the case, attorneys should be aware that real-time spyware or tracking applications frequently require a paid subscription – which leaves a paper trail that can be obtained by subpoena.
Vehicle forensics is an emerging area in eDiscovery. Each time a door is opened or closed, the lights turned on and off, or the vehicle placed in gear, these actions are documented by a time/date and odometer reading. There are around 70 computers in newer vehicles, all recording vehicle activity while your cell phone syncs data with it (phone book, call logs, text messaging, music played, WiFi locations, GPS locations, etc.).
If the vehicle has a navigation system, then waypoints, favorites, and crumb trails to locations driven can also be recovered forensically. As the infotainment and telematics systems of vehicles get more sophisticated, this type of data will likely become accessible using associated cell phone apps.
Hacked Email in Family Law Cases
Not all hacking cases involve the need for computer forensics. In one case, the client believed his spouse had hacked his Gmail account to gain financial information and privileged communications with his attorney. Consulting with the attorney on Internet provider subpoenas, we could trace the hack to his spouse’s iPad while she was in another state. She ended up “pleading the Fifth” on a subsequent interrogatory.
During a visitation dispute, a custodial parent hacked into her ex’s Gmail account, then created fictitious emails that seemed to demonstrate the father’s poor character. She then sent the emails to the Guardian ad Litem as evidence the visitation agreement should be changed. Working with the client’s attorney, we traced the hack to the ex-wife’s computer at a time when the father was proven to be at work in another state.
In a questioned document case, one party faxed emails to the court as PDF documents rather than sending the original email. The PDF documents failed to possess the correct font, macros, and coding as an original email; these issues, combined with other electronic evidence, made the exhibits’ authenticity suspect.
Are Electronic Investigations Worth the Cost?
When dealing with suspected cyberstalking, hacking, or spyware, a lawyer must first decide if the case warrants the expense of forensic examinations. In custody and financial disputes, it may be money well spent. Family lawyers need to consider the cost/benefit of obtaining electronic evidence for other types of cases. For example, does the discovery of the activity help them to prove a domestic abuse situation or to develop orders for protection and other stipulations? If the goal is to give the client peace of mind, then explaining how and why to protect their electronic devices and Internet-related accounts may be the best solution.
In either case, seriously consider consulting with a professional to ensure that you have covered all the bases if your client suspects cyberstalking, hacking, or spyware.
Brook Schaub is the Manager of Computer Forensics and eDiscovery for Eide Bailly LLP in Minneapolis. A retired Police Sergeant, he has been performing computer forensics since 1995. He also is a consultant to the Team Adam program of the National Center for Missing & Exploited Children. www.eidebailly.com
The Dangers of Free Wi-Fi
Do you know how to prevent hackers from gaining unauthorized access to a client’s confidential information? Here’s why using “free” Wi-Fi is risky business.
The Spy in Your Client’s Pocket
Smartphones map our lives – and the Supreme Court’s re-examination of third-party doctrine of electronic data will have wide-ranging impacts on privacy rights.