● Flagship paper · 2025 Peer-reviewed · CAIS / ACIS 2025 · Open access

Lagging, not leading, in technology-facilitated domestic and family abuse.

A scoping review of 15 years of Information Systems literature found just twelve papers. A call for the field to confront its silence.

A/Prof Sultana Lubna AlamUniversity of Sydney · ORCID 0000-0002-3600-6047
A/Prof Rosetta RomanoUniversity of Canberra
Andrew CollinsNansen Digital Forensics, Australia
Mehmood ChadharFederation University Australia
Rose MacDonaldNansen Digital Forensics, Australia
Read on UC Research Profiles → Read abstract Cite this paper Modern Slavery Methodology →

Abstract

Technology-facilitated domestic and family abuse (TFDFA) represents a deeply troubling manifestation of the dark side of digital technologies — tools that simultaneously empower and enable harm. While disciplines such as criminology, sociology, and public health have increasingly examined this phenomenon, the Information Systems (IS) field has remained conspicuously silent.

Our scoping review of IS literature from 2010 to 2025 uncovered only a handful of relevant publications, revealing a striking disciplinary neglect that may reflect deeper taboos and ethical blind spots. Recent findings from ANROWS underscore the urgency: one in two Australian adults report victimisation through technology-facilitated abuse, and one in four admit perpetration — often within intimate relationships.

This panel paper combines viewpoints from academia, law, and protective security to explore how digital platforms shape multi-faceted abuse, digital agency, and risk amelioration; while exposing the legal, platform and societal barriers that deter IS engagement. We argue for a more inclusive IS research agenda that addresses technology's dual capacity to empower and to harm, foregrounds the experiences of vulnerable populations, and develops frameworks, interventions, and design principles that mitigate abuse while enhancing digital resilience.

Keywords Technology-facilitated abuse Domestic & family violence IS silence AI & synthetic content Coercive control Digital forensics
The numbers behind the silence

The field has had 15 years to look. It hasn't.

12
IS papers on TFDFA found in our scoping review of 2010–2025 literature.
1 in 2
Australian adults report victimisation through technology-facilitated abuse.
1 in 4
Australian adults admit perpetration — often within intimate partner relationships.
Source: Powell et al. 2022 — ANROWS / Australia's National Research Organisation for Women's Safety
Five things this paper argues

The case for ending IS silence on TFDFA.

Drawing on 100+ Digital Safety Assessment reports from Nansen Digital Forensics, a comprehensive scoping review of IS and adjacent literature, and field experience across protective security, law, and academic research.

i.

Technology is dual: it enables both abuse and resistance.

Syncing, remote access, shared accounts and cloud services facilitate coercive control — but the same affordances offer pathways for protection when used well. Design choices, not technology itself, decide which prevails.

ii.

Session persistence is a structural vulnerability.

Most cloud services maintain session persistence even after password resets — an experience optimisation that lets perpetrators retain account access independently of credential changes. This is a design problem, not a user problem.

iii.

LLMs lower the barrier to attack — and amplify trauma bias.

Perpetrators without IT backgrounds use systems like ChatGPT to acquire expert-level attack guidance. Survivors in trauma states use the same systems for self-diagnosis — and receive outputs that systematically reinforce, not challenge, distorted threat perceptions.

iv.

Detection failure is the most dangerous gap.

Service providers frequently fail to identify account compromise. False-negative detection translates directly to prolonged victim exposure — particularly at the moment of separation, when survivors are at greatest risk of escalation.

v.

The justice burden falls on survivors.

Survivors must repeatedly report, authenticate, appeal and re-explain harm across fragmented institutional systems. Synthetic abuse amplifies this: deepfakes destabilise evidentiary trust and accelerate re-exposure. Outcome accountability — not procedural compliance — must replace activity metrics.

vi.

Children's devices are surveillance infrastructure post-separation.

Shared accounts, location services, school platforms and messaging apps permit indirect monitoring, contact enforcement, and information extraction through children — bypassing parenting orders and protective regimes through technical rather than physical contact.

Section i

The dual role of technology — A/Prof Lubna Alam.

Domestic and Family Abuse is a longstanding, global problem. Its prevalence is currently increasing as perpetrators use technologies and devices — mobile phones, surveillance apps, spyware, video cameras — to extend control into the digital realm.

Technological affordances are double-edged. Features like syncing, remote access, and shared accounts facilitate control, but also offer pathways for protection when used effectively. The ubiquity of digital technology affords both perpetration and victimisation in the context of digitally-facilitated abuse.

"Digital technology is not neutral in DFA. It actively shapes the possibilities for both abuse and protection."

From a structured analysis of 100+ Digital Safety Assessment reports conducted by Nansen Digital Forensics between 2023 and 2025, we draw a nuanced picture of how digital ubiquity affords both perpetration and resistance:

  • Ubiquity enables constant access and control — phones, cloud accounts, smart devices and apps allow perpetrators to maintain remote control via cloud services, password managers, and MDM tools long after separation.
  • Affordances facilitate covert surveillance — Life360, parental controls, and shared accounts repurposed to track movements, redirect calls (Truecaller), or clone devices.
  • Blurred boundaries enable victimisation — ambiguous device ownership, unintended sync exposure, and difficulty proving compromise.
  • Victims are disempowered by complexity — most don't understand app permissions, account recovery settings, or the presence of monitoring tools.
  • Technology also affords resistance and recovery — MFA, secure platforms, encrypted email, and structured digital safety audits return agency to survivors.
Section ii

Exposing the silence — A/Prof Rosetta Romano.

We examined IS engagement with TFDFA by analysing scholarly coverage from 2010 to 2025. Research in this area is nascent, marked by what we call a shameful silence — just twelve papers within the discipline. Even after broadening the catchment to peer-reviewed conference papers in related non-IS publications, only forty-one papers address TFDFA, despite the pervasive use of technology for DFA over the past 15 years.

The criminology and social sciences disciplines are mature in their thinking. They use theories of learned helplessness, the cycle-of-violence, coercive control, and domestic violence. IS, by contrast, has applied general theories of system interaction and use — Actor Network theory, Agency theory, Boundary Object theory — without engaging with the lived experience of the people the technology shapes.

The literature review describes a new research agenda for the IS community focused on Technology, People, and Processes (TPP). A TPP agenda considers the technology used both for abuse by perpetrators and for protection of victim-survivors; the people in the TFDFA ecosystem (first responders, social supports, DV service providers, courts, legal staff); and the processes and data within and across the ecosystem.

Section iii

The role of Digital Safety Audits — Andrew Collins & Rose MacDonald.

From the analysis of Nansen DSA reports, technology interventions play a critical role in mitigating abuse and compromise:

Detection of hidden threats.

DSAs uncover spyware and tracking apps (mSpy, Life360), unauthorised cloud account access, and legacy device connections that often go unnoticed by users — especially when perpetrators use subtle or covert methods.

Guided remediation.

Audits lead to MFA setup, device resets, removal of unknown devices, education on app permissions and account hygiene, and recommendations for abandoning compromised systems and creating secure alternatives.

Empowerment through awareness.

Most clients lack awareness of how their devices and accounts are being monitored, the implications of shared access and cloud syncing, or the risks of weak security settings. DSAs are a learning tool as much as a diagnostic one.

Evidence for legal and support pathways.

DSAs document patterns of abuse, technical evidence of compromise, and misuse of children's data and shared accounts — supporting referrals to authorities (eSafety Commissioner), forensic imaging, and case worker coordination.

Prevention and long-term safety planning.

By identifying systemic vulnerabilities, DSAs help simplify digital ecosystems, establish secure platforms, and plan risk mitigation strategies with support teams. They shift the focus from reactive fixes to proactive digital resilience.

"DSAs are not just diagnostic, they are transformative. They bridge the gap between technical complexity and personal safety."
Section iv

Emerging technologies — risks and opportunities.

LLMs are democratising attack capability.

Perpetrators lacking formal IT credentials are leveraging large language model systems to acquire expert-level guidance for attacks that would otherwise exceed their technical capabilities. Safety mechanisms are readily circumvented through prompt engineering, enabling the generation of methodologically sound attack guidance.

Compounding this, contemporary cloud services maintain session persistence even after password resets — a UX optimisation that paradoxically enables spyware to retain account access independently of credential changes. The convergence of LLM-enabled knowledge accessibility and permissive session architectures creates a substantially elevated threat landscape.

Trauma bias and AI: a parallel danger.

A second, equally concerning phenomenon: individuals experiencing TFA are using consumer-grade LLMs for self-diagnosis and evidence interpretation. Trauma impairs critical evaluation. The systems' apparent analytical authority, combined with iterative directional prompting, produces outputs that escalate threat perception rather than resolve it — what we characterise as bias hallucination.

In one case study, a survivor's repeated querying of an LLM with a benign network capture file produced increasingly alarming outputs — eventually concluding the traffic indicated an imminent lethal threat, despite the underlying data showing only routine encrypted Google Play Store activity.

Synthetic media and the justice burden — Dr Mehmood Chadhar.

AI-driven abuse reconfigures coercive control along four dimensions: scale, credibility, persistence, and epistemic destabilisation. Generative systems enable low-cost, high-fidelity fabrication of intimate imagery, voice and identity. The credibility of synthetic media destabilises evidentiary trust — visual records become contestable, shifting epistemic burdens onto survivors to authenticate themselves and disprove falsifications.

Coercion becomes infrastructural: abuse embedded within cloud services, platforms, and device ecosystems, producing ambient continuous surveillance rather than discrete incidents. Reducing the justice burden requires a shift from procedural compliance to outcome accountability — measuring time-to-removal, re-upload recurrence, and survivor-reported outcomes, not activity metrics.

Section v

A call to action.

We conclude with a provocation: why has IS remained silent, and what must change?

This is a call for the IS community to confront the ethical and societal dimensions of technology-facilitated abuse — and to lead in designing responsible, inclusive, and protective systems. The institutional, ethical, and societal barriers that have marginalised TFDFA in IS research are rooted in stigma and entrenched bias. They are also resolvable.

Through strong national leadership, harmonised standards, an industry-led code of practice, and an IS research agenda that foregrounds vulnerable populations — Australia can develop a protective-security ecosystem that is technically robust, survivor-centred, and responsive to the rapidly evolving dynamics of technology-facilitated abuse.

We acknowledge the victims and survivors of TFDFA. This panel is a contribution to improving responses, and ultimately to preventing these harms.

Citation

How to cite this paper.

APA · 7th edition

Alam, S. L., Romano, R., Collins, A., Chadhar, M., & MacDonald, R. (2025). Lagging, not leading in technology-facilitated domestic and family abuse: A call for urgent engagement in Information Systems research. Communications of the Association for Information Systems / Australasian Conference on Information Systems, panel paper.

BibTeX

@inproceedings{alam2025lagging, author = {Alam, Sultana Lubna and Romano, Rosetta and Collins, Andrew and Chadhar, Mehmood and MacDonald, Rose}, title = {Lagging, Not Leading in Technology-Facilitated Domestic and Family Abuse: A Call for Urgent Engagement in Information Systems Research}, booktitle = {Australasian Conference on Information Systems / CAIS}, year = {2025} }

Open access

Read the full paper.

This is a peer-reviewed panel paper presented at CAIS / ACIS 2025. It is published open-access. We encourage circulation, citation, and use in policy, practice, and further research.

Read on UC Research Profiles → Research enquiry More research from the Centre →