Designing Websites to Increase Survivor Safety and Privacy
A Note on Language
In this toolkit, we will sometimes use the word woman/women and feminine pronouns for simplicity and to recognize the significant impact technology-facilitated violence has on women and girls. We recognize that TFGBV also impacts trans, non-binary, and Two-Spirit people. We hope that all people impacted by TFGBV will find these documents useful.
Visiting a website can leave a digital trail and, for survivors, can create safety and privacy risks. A primary risk for survivors is that someone else may discover that they were seeking information or reaching out for help online. An abusive person, friends, family members, co-workers, or fellow students could know what a survivor is looking at online by either looking over their shoulder or reviewing their web browser history.
While it may not be possible to completely eliminate risks, there are ways to increase survivors’ awareness and provide options. Below are tips to help minimize the safety and privacy risks on your organization’s website.
1. Add a safety alert. A safety alert should include a warning that visiting this or any other website, or simply searching for terms like “domestic violence,” creates a digital trail that cannot be completely erased. A safety alert should inform the person of the risks and give them a chance to decide whether to continue or to leave. A header should also be at the top of every webpage because survivors may not start on the homepage. For example, check out the safety alert header on sheltersafe.ca or the safety alert pop-up window on the www.techsafetycanada.ca website. Information to include:
- Other ways to seek help, such as emergency services, your organization’s crisis line, or a provincial help number.
- An option to leave the site quickly using a “Quick Exit Button” (more information below) or to close the browser window by using keyboard shortcuts such as Alt+F4 (Windows), or Shift+Command+W (Mac).
- Options for minimizing the digital trail by using safer devices and browser privacy options. You can link to or copy our Internet safety page and include a link to additional information about technology safety and privacy in our Tech Safety and Privacy Toolkit.
NOTE: Don't give a false sense of security. If any of your web content discusses clearing the digital trail, also include information about the risks of spyware and device monitoring. Spyware, also called Stalkerware, monitors all activity, including attempts to delete browsing history. Read more about Spyware and Stalkerware.
2. Include a Quick Exit button that redirects the web browser to a reliable website with neutral content (such as the weather or the news) that can load quickly. A Quick Exit button does not delete the current website from the browsing history, but it can be an option for a survivor to quickly pull up another website if someone enters the room when they’re visiting your site.
There are two technical options that can be coded within your website to further help hide your website.
- The first option is to code the button so that when it is clicked it both opens a fresh tab to a neutral page, and also re-directs to many websites in rapid succession to hide your website deeper in the browser history. The benefit of this is that if someone hits the “back” button, they won’t go directly to your organization’s site, adding an additional layer of protection and privacy. The downside is that this will take longer to load, and still won’t remove the browser history.
- The second is to code the button so that there is no “back” button on the new page that opens after pressing the “Exit Now” button. An example of this can be found on the https://techsafety.ca/ website after your click on “Exit Site.” To learn more about how, check out Giving Users a Quick Disguised Exit From a Website.
3. Increase Safety and Privacy via “Contact Us” and “Find Help” Options.
- Use clear visual cues and plain language to direct survivors to the safest and most secure ways to contact you. Encourage survivors to reach out through your crisis line, and any other safer and more secure options you offer (e.g. text, online chat, etc.). Visit section 2 of this Toolkit for more information if you are considering starting new services.
- Remove email addresses from your website and use web forms instead. For survivors reaching out to your organization, crisis lines and online chat are generally safer ways to communicate. For survivors who want to use email, web-based contact forms are usually a better option. With a web form, the survivor’s message goes through your website instead of through the survivor’s email account, where a sent message could be found. On the web form, it is important to have the option not to send a copy to the sender’s email address and to ask how your organization can safely respond. See BCSTH’s Contact Us Form as an example.1
NOTE: Email and social media are generally not secure or confidential ways to communicate. While we encourage organizations to respond to survivors no matter how they reach out, be sure to offer other more secure options both in the design of your website and after you connect with a survivor once they reach out.
4. Use HTTPS. HTTPS encrypts the data shared between the user’s browser and your organization’s website. Configuring your website for SSL/HTTPS has the added benefit of improving your rankings in search engines. Ask your website’s host to add an SSL certificate if it doesn’t already have one. Keep in mind that an HTTPS site will still show up in the user’s web browser. HTTPS also won’t protect against spyware or keystroke logging.
5. Be Cautious with Third-Party Tools. Sometimes called add-ins, plug-ins, or widgets, these third-party tools might offer ways for you to add comments sections, maps, images, weather, or other features to your website. Some of these tools are designed to gather information about everyone who visits your site and can pose a serious privacy risk.
6. Links, including embedded videos and pdf documents, also leave a digital trail.
Inform survivors that links to external videos will be stored in both their browser history and their account history. For example, a video embedded from YouTube will be in browser history and their YouTube account viewing history. An alternative is to embed the video in your own site. Also inform survivors that downloading a pdf from your site will place the document in their downloads folder.
Organizational Confidentiality
Websites can also pose challenges to organizations’ confidentiality obligations if they are set up in such a way that collects Personally Identifying Information (PII) about site visitors. Some basic website data, such as an IP address, can be personally identifying. As with all other work with survivors, only collect the minimum amount of information necessary to provide the information or services they are requesting.
Below are options to minimize or eliminate the collection of identifying or potentially identifying user information through your website.
- Don’t use cookies. Cookies are bits of code that track users’ visits to your site, and sometimes the history of other sites they visit. If your website uses cookies, explain why it uses cookies in your privacy policy.
- Obscure the IP addresses of visitors to your site. IP addresses can be personally identifying and are usually stored by default for most websites. Techniques like Cryptolog mix up the IP address with other random information and encrypt it all, protecting the privacy of visitors to your site.
- Be selective with analytics. Consider not using third-party analytics. Instead, use only the information you can glean from the web host’s server log. If you must use third-party analytics, customize settings to minimize the possibility of collecting identifying information. Inform users about any third-party analytics you use and provide information about how visitors can opt out of analytics on your site through your privacy policy. You can also use a tool like this one that integrates with your website.
- Get informed consent for names, photos, documents, and videos that you post to your website. This includes presenters, donors, board members, staff, volunteers, and other individuals whose information you publish (including in emailed newsletters). Remove any content that your organization does not have explicit consent to post. In addition, before uploading photos to your website, remove geotags from the digital file. Geotags add information about the location where a photo was taken. For example, a photo inside a confidential shelter might reveal the exact location if it was taken with a device with the location or geotag feature on.
- Provide clear information about your privacy policies. This should include information on what data your site collects, who has access to that data, and how you use it. For more information, see NNEDV’s guide to Privacy Policies and Terms of Service. You can also analyze your current policies with this tool.
Ensure Accessibility
You should ensure that all people can access your organization’s website. Read more at the Web Accessibility Initiative's Tips for Getting Started with Web Accessibility.
To support your development of safe tech use policies, WSC has developed a Use of Technology Policy Template Guide for Women’s Shelters and Transition Houses (PDF, in English only).
Technology-Facilitated Gender-Based Violence (TFGBV) is part of a continuum of violence that can be both online and in-person. If you or someone you know is experiencing TFGBV, you are not alone. You can use sheltersafe.ca to find a shelter/transition house near you to discuss options and create a safety plan. You don’t need to stay in a shelter to access free, confidential services and support.
Adapted for Canada with permission from NNEDV’s Safety Net project, based on their resource Designing Websites to Increase Survivor Safety and Privacy
- Web forms can also be helpful for your organization because they reduce spam emails sent by automated technology that harvests emails from websites, and because you can better route inquiries from visitors other than survivors, such as people asking about volunteering or requesting an expert speaker.