Protect shelter staff and survivor locations using full-disk encryption on all devices, separate work phones without location services, Signal-encrypted communications, and databases that redact precise addresses while retaining only essential case information. Implement access controls limiting staff visibility to only their assigned cases, disable metadata from photos before sharing, and use Tor for any external communications about residents. This guide covers technical implementations for protecting location data, securing communications, and maintaining operational security in shelter management systems.

Prerequisites

Before you begin, make sure you have the following ready:

• A computer running macOS, Linux, or Windows
• Terminal or command-line access
• Administrator or sudo privileges (for system-level changes)
• A stable internet connection for downloading tools

Step 1 - Understand the Threat Model

Location exposure in domestic abuse contexts can have severe consequences. Abusers often possess technical knowledge and may attempt to:

• Track victims through shared device location services
• Monitor shelter locations through public records or social engineering
• Intercept communications containing location information
• Use metadata from photos or messages to determine shelter areas

Shelter staff need defense in depth. No single measure provides complete protection. The goal is raising the cost of surveillance beyond what most adversaries can sustain.

Step 2 - Device Hardening for Staff

Mobile Device Configuration

Staff devices should disable location services by default and enable only when necessary. On iOS, use Shortcuts to create toggle shortcuts for quick enable/disable:

iOS Shortcut automation concept
When leaving shelter premises - disable location
When arriving at shelter - enable for navigation only

For Android, Tasker or Locale apps can automate similar behavior based on geofences around the shelter. The key principle: location services should be off during sensitive communications.

Removing Tracking Vectors

Staff devices require careful audit:

1. Remove Find My device sharing. Any shared family Apple ID or Google account with location sharing enabled compromises the device
2. Disable automatic WiFi logging. Turn off “Connect to Known Networks” and avoid storing shelter network names
3. Review app permissions. Many apps request unnecessary location access
4. Use browser privacy mode. Staff browsing should use containers or private windows

Firefox container setup for sensitive browsing
Create separate containers for:
- Shelter operations (work)
- Personal activities (personal)
Never mix the two in same session

Step 3 - Network-Level Protection

DNS Configuration

Staff networks should use privacy-respecting DNS to prevent query logging:

macOS DNS configuration
networksetup -setdnsservers Wi-Fi 1.1.1.1 1.0.0.1
Or use encrypted DNS
networksetup -setdnsservers Wi-Fi 1.1.1.1 1.0.0.1
For DoH (DNS over HTTPS) - configure in System Preferences

Consider running a local DNS resolver like dnscrypt-proxy for encrypted upstream queries.

VPN Implementation

Staff working remotely require VPN access to shelter systems. Self-hosted solutions using WireGuard provide better privacy properties than commercial alternatives:

WireGuard server configuration example
[Interface]
PrivateKey = <server-private-key>
Address = 10.0.0.1/24
ListenPort = 51820

[Peer]
PublicKey = <client-public-key>
AllowedIPs = 10.0.0.2/32
PersistentKeepalive = 25

WireGuard’s minimal codebase makes auditing easier than OpenVPN alternatives.

Step 4 - Secure Communications

Encrypted Messaging

Signal remains the gold standard for encrypted communications. Configure it properly:

• Enable disappearing messages for all conversations
• Disable notification previews on the lock screen
• Register a phone number used exclusively for shelter work
• Enable screen security to prevent screenshots

For staff who need anonymity, consider VoIP numbers from privacy-respecting providers rather than primary personal numbers.

Email Configuration

When staff must communicate via email, enforce PGP encryption for sensitive threads:

Generate a dedicated work key (Ed25519 for modern compatibility)
gpg --full-generate-key
Key type - ECC
Curve - Curve25519
Expiration - 1 year (rotate regularly)

Store private keys on hardware tokens when possible. This prevents key extraction if devices are compromised.

Step 5 - Application-Level Location Protection

Photo Metadata Scrubbing

Photos shared within shelter systems must have EXIF data removed. Many programming languages provide libraries for this:

Python example using piexif
import piexif
from PIL import Image

def remove_exif(image_path, output_path):
    """Remove all EXIF data from an image."""
    img = Image.open(image_path)
    data = list(img.getdata())
    img_no_exif = Image.new(img.mode, img.size)
    img_no_exif.putdata(data)
    img_no_exif.save(output_path, "JPEG")

For batch processing, use ExifTool:

Remove all metadata from images
exiftool -all= -overwrite_original *.jpg

Coordinate Obfuscation

When location data must appear in systems, implement coordinate fuzzing:

import random
import math

def fuzz_coordinates(lat, lon, radius_meters=500):
    """Add random offset to coordinates."""
    # Approximate: 0.01 degree ≈ 1.1km
    offset = radius_meters / 111000
    return (
        lat + random.uniform(-offset, offset),
        lon + random.uniform(-offset, offset)
    )

This allows general area display without exposing exact addresses.

Step 6 - Operational Security Patterns

Incident Response Communication

When responding to emergencies, use communication channels that don’t log metadata extensively:

• Prefer Signal to SMS or standard voice calls
• Use burn-after-reading for temporary communications
• Establish predetermined code words for location references
• Have backup communication plans when primary channels fail

Data Minimization in Records

Shelter databases should collect only essential information:

• Store addresses as general areas rather than exact coordinates
• Use case numbers instead of names where possible
• Implement data retention policies that delete old records automatically
• Encrypt sensitive fields at rest using envelope encryption

-- Example: Storing approximate location
CREATE TABLE clients (
    id SERIAL PRIMARY KEY,
    case_number VARCHAR(20) UNIQUE,
    general_area VARCHAR(100),  -- Neighborhood/district only
    intake_date DATE,
    notes_encrypted BYTEA
);

Physical Security Considerations

Technical measures fail without physical security discipline:

• Devices should require biometric or hardware-backed authentication
• Screens should lock automatically after short timeouts (1-2 minutes)
• Physical documents should be stored in locked cabinets
• Staff should avoid working with sensitive data in public spaces
• Shred all printed materials containing survivor information

Troubleshooting

Configuration changes not taking effect

Restart the relevant service or application after making changes. Some settings require a full system reboot. Verify the configuration file path is correct and the syntax is valid.

Permission denied errors

Run the command with sudo for system-level operations, or check that your user account has the necessary permissions. On macOS, you may need to grant terminal access in System Settings > Privacy & Security.

Connection or network-related failures

Check your internet connection and firewall settings. If using a VPN, try disconnecting temporarily to isolate the issue. Verify that the target server or service is accessible from your network.

Frequently Asked Questions

How long does it take to domestic abuse shelter staff?

For a straightforward setup, expect 30 minutes to 2 hours depending on your familiarity with the tools involved. Complex configurations with custom requirements may take longer. Having your credentials and environment ready before starting saves significant time.

What are the most common mistakes to avoid?

The most frequent issues are skipping prerequisite steps, using outdated package versions, and not reading error messages carefully. Follow the steps in order, verify each one works before moving on, and check the official documentation if something behaves unexpectedly.

Do I need prior experience to follow this guide?

Basic familiarity with the relevant tools and command line is helpful but not strictly required. Each step is explained with context. If you get stuck, the official documentation for each tool covers fundamentals that may fill in knowledge gaps.

Is this approach secure enough for production?

The patterns shown here follow standard practices, but production deployments need additional hardening. Add rate limiting, input validation, proper secret management, and monitoring before going live. Consider a security review if your application handles sensitive user data.

Where can I get help if I run into issues?

Start with the official documentation for each tool mentioned. Stack Overflow and GitHub Issues are good next steps for specific error messages. Community forums and Discord servers for the relevant tools often have active members who can help with setup problems.

Related Articles

• Privacy Setup For Domestic Abuse Shelter Staff: Protecting
• Privacy Setup For Safe House Protecting Location
• Privacy Setup For Reproductive Healthcare Provider
• Privacy Setup For Immigration Activist Protecting Undocument
• Privacy Setup For Abuse Hotline Worker Protecting Caller
• AI Coding Assistant Session Data Lifecycle Built by theluckystrike. More at zovo.one