Technology-facilitated gender-based violence (or TFGBV) is often not something that gets built into the design from the start. It’s not something usually considered until it happens, and the following step is to “fix it”, as if it were a bug or a security patch. Every piece of technology would be very different if, early in the design processes, people wondered: could this technology be used by an abusive partner? What could happen if an attacker has physical access to the device? How does this design affect people in structural inequity contexts? These types of questions, among others, tend to be pushed aside when “global impact” or “mass adoption” technological products are designed.

When it comes to internet technical protocols, which are built by and for those who operate networks and develop technologies for end-users, these types of issues tend to either be left out of conversations entirely or are addressed briefly and then get brushed aside. The goal is to facilitate the reading and understanding of the groups and scenarios where protocols need to have an impact, ie, the internet technological industry.

In this article, we look at the DULT (Detecting Unwanted Location Trackers) working group that falls under the IETF (Internet Engineering Task Force). The group is putting together a set of documents to address a certain type of TFGBV: location-tracking Bluetooth devices.

For the past 2+ years, DULT has been developing a threat model for tracking devices that run on collaborative location networks, like Apple’s Find My or Google’s Find Hub. These networks allow thousands of devices to act as nodes, detecting Bluetooth signals from nearby tags, and logging their location to a central server. This can be executed passively, jeopardizing the users’ privacy by doing so without their explicit consent.

For a better understanding of how these networks function, you can see the Find My diagram’s network taken from the article Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System:

Diagram showing how a lost device broadcasts Bluetooth advertisements with a public key, finder devices upload encrypted location reports to Apple's servers, and the owner device downloads and decrypts the location reports.
Source: positive-security/find-you

This threat model is meant to serve as the foundation for a DULT protocol to detect unwanted tracking-location devices across different types of devices and apps in an interoperable way. But as the Intimate Partner Violence Digital Considerations (IPVC) draft (from the Human Rights Protocols Considerations Working Group) points out, those specific domestic violence scenarios are rarely included when building threat models for protocols. Whereas DULT does describe some of these scenarios, they’re not fully integrated into their conceptual architecture.

On that point, it is worth noting that this collaborative location-tracking technology was originally designed to find lost objects using a Bluetooth ecosystem to improve the user experience and expand the tracking infrastructure. But once reports of abusive tracking started coming in, alerts, signals, and other protective measures were added. Because there was never in mind a scenario where someone abusing a partner (not necessarily an attacker, in the way the document defines it) could have physical access to the devices or could coerce, share accounts, or simply disable alerts, we are still thinking and designing a system where that reality is the baseline. The question is, shouldn’t this be a standard thought?

A unique answer for very different realities

At this point, the DULT threat model is in its final stages of being written. Two more technical documents will come out of this: one laying out best practices for accessory manufacturers on how to implement unwanted tracking detection into their devices, and another one that defines the protocol for how the devices can report the tags seen, so that they can be easily located.

While final adjustments are still being discussed, and as part of our collective analysis on the work DULT is doing, we carried out a focus group with 12 people from different feminist helplines and projects working on TFGBV in Latin America. Our goal was to better understand the context where people resort to this kind of support in the region, and whether tracking technologies, such as the one we’ve mentioned before, represent a threat in the scenarios they see every day.

In the DULT threat model, hiding a tag on a backpack or a car is considered one of the main threats. However, when talking to helplines, we realized tags are not a core concern while tracking or monitoring is a very common type of violence widespread regionally. It happens through shared account use, real-time location sharing on phones, Google account history (these are the most used ones, just as with Android devices), parental control apps, and the like. Usually, abuse occurs by using the services already built into the phone and its associated accounts, and not by means of tags or any other additional hardware.

It was also mentioned that AirTags are not that common, since the use of Apple devices seems to be concentrated among middle and high-income sectors of society. According to data from Statcounter in February 2026, iOS accounts for over 20% in Latin America. Moreover, the tags market isn’t very popular yet, but there is some concern among people supporting TFGBV cases, since you can purchase these tracking devices online at affordable prices and compatible with Android. There’s a future risk that their reach and popularity could grow quickly and become the norm in wider population groups.

Another thing to consider is that in contexts where enforced disappearance and extreme violence are a reality, geolocalization can be perceived as a support and care tool to be used during that search. These technologies exist in realities where the physical safety of the family members from those disappeared and activists is at risk. A document such as DULT threat model does not consider how this technology can be used in contexts of structural violence in regions such as Latin America.

The impact of a document

As people working in technical support who accompany women and LBTQIA+ people suffering TFGBV, we believe an effort like DULT is tremendously valuable. It starts as a threat model grounded in a narrative description of situations or scenarios that are not just technological “use cases”, but they offer “realistic insights into the constraints of people being targeted through location-tracking tags.” (from the draft).

Therefore, we acknowledge that this document tries to consider different situations and it makes explicit its limited scope and ever-changing nature. We believe it’s important to reflect on the draft, which we hope will soon be published as an RFC document, not only as the foundation for other technical documents, but also in terms of the processes and consensual decisions made within the IETF working group.

The tone of this threat model needs to be understandable by manufacturers and developers, and it should stay within the scope of the technical protocol, as defined in the working group. The five scenarios described focus on the attacker as someone who places a device, tries to avoid detection, takes advantage of technical limitations, and doesn’t need access to their target’s personal accounts. However, in TFGBV contexts, it’s essential to consider that the attacker can have continuous physical access to the device, coerce, illegitimately share accounts, become the legal owner of the device or accounts, control the victim financially, and more.

As mentioned in the IPVC draft, these factors radically change the threat model, not only because of the power dynamics between the attacker and the targeted person, but also within a broader social context. That’s why TFGBV cannot be understood or addressed by only considering technical factors; it requires an understanding of social, structural, and contextual factors.

On the other hand, the DULT threat model proposes a threat matrix with probability and potential impact levels. However, as noted before, neither probability nor risk is universal. For instance, the threat of Deploying Multiple Tags is rated as high chance, whereas in Latin America, that probability could be medium or low, due to the costs and uneven network coverage. The threat of Heterogeneous Tags Networks depends strongly on the iOS and Android regional markets. This is a reality that underlies the DULT development work itself: it cannot be taken as a universal standard. Similarly, the Disabling Target Tag Detection is considered less likely to happen, but from our experience with TFGBV, we know that actual access to devices belonging to partners or ex-partners is extremely common.

The matrix is based on technical conditions from the Global North and does not reflect socioeconomic inequalities, cultural practices, or power dynamics from other regions, such as Latin America. On this point, we’d like to highlight a discussion that took place at the interim meeting on December 4th, 2025, about the level of expertise of those who had contributed to the development of this document, the importance of having this work over to people working with TFGBV, and what priorities a TFGBV document should have. Just to mention an example, in that discussion, it was mentioned that the people working on the threat model are experts on TFGBV, but there was no acknowledgement that their expertise is rooted in the context of the United States of America.

Prioritizing efficiency over equity

A lot of questions are under discussion at the moment, and they will be addressed as the technical documents are developed. As a hack-transfeminist working group, we are interested in understanding how (at the manufacturer’s level) the decision (for an end user) to disable the participation of their device as a node on the internet is handled. We are mentioning this because the DULT threat model assumes the existence of a collaborative network as a given condition. But how can informed consent and technical transparency for end users be guaranteed, understanding there’s a structural gap (both territorial and gender-wise) in access to technologies?

In Latin America, the issue of digital gender violence has been approached from various perspectives for over a decade. That’s how our interest began: wanting to understand and get involved in the technical developments around this issue, since they can affect both risk and threat situations, but also responses (technical, legal and psychosocial) needed to transform a critical situation like gender violence which persists and adapts to the digital environment (still emerging in several sectors of the Latin American population.)

The DULT threat model mentions TFGBV scenarios, but its development is still dominated by an abstract technical view, whereas the work of helplines and other support processes responding to TFGBV in Latin America (and many other regions of the Global Majority) draws on empirical, situated, and contextualized knowledge.

As Ruha Benjamin says in her book Race After Technology, to transform the way technologies work, we need to understand that it’s not enough to have the best intentions before technologies are deployed onto others. We have to stop prioritizing efficiency over equity. In our particular case, we believe the challenge of a group such as DULT is not mainly to translate the technical documents so they are digestible for “TFGBV experts.” It also implies transforming the standardization process itself, so that there is genuine commitment from the people doing supporting work, who know the needs first-hand in various contexts. Bearing that in mind, we need to understand that the technical standards are usually built on highly technical spaces, with economic and linguistic barriers, whereas organizations that support survivors of GBV and TFGBV work in contexts of continuous urgency, precarity, and overload.

Integrating this experience would require adding formal processes of regional consultation and funding the participation of civil society organizations in standardization spaces, while also acknowledging TFGBV as a primary scenario, not an exceptional one.

As we mentioned before, we appreciate the technical effort from the DULT working group, but we do believe it needs to be expanded. If this threat model aims to have a global reach, it needs to abandon the fiction of context neutrality, because that’s how the Global North positions itself as the model for the rest of the world. We need to add the diverse experiences of those working on these issues, and to do so with an intersectional approach, in a way that technological advances don’t pose a potential threat to certain contexts or historically vulnerable social groups in the global order.

/raiz_común is: Martu Isla (Independent), Linda (Social TIC), PatyMori (MariaLab), Juliana Guerra (Independent)

Translation: Florencia Aguilar and Sarah Reimann