If you’re filing for divorce, assume your devices are already compromised.

Not might be. Are.

This isn’t a worst-case scenario framing. It’s the operationally correct starting assumption. And the people who don’t start there tend to find out why they should have, after it’s too late to change anything.

Why the assumption matters

In a contested divorce, your digital life becomes evidence. Your messages. Your location history. Your browser history. Your emails. Who you called, when, and for how long.

Account access doesn’t require technical sophistication. It requires having been in a relationship with someone for years. They know your password patterns. They may have access to your email account, your iCloud, your Google account.

The full mechanics of how that access plays out, from forgotten permissions to email forwarding rules, sit in your spouse is probably reading your messages. The pattern is documented enough that lawyers tell clients to audit on day one.

The six most common access vectors

Shared cloud accounts. If your photos, messages, or documents sync to a shared family iCloud or Google account, they are accessible to anyone with the account credentials.

Password knowledge. Most people reuse passwords or follow predictable patterns. A spouse of several years has seen you log in hundreds of times.

Shared devices. A tablet used by both of you. A laptop left unlocked. Physical access, even brief, is enough to check messages, review history, or install monitoring software.

Location sharing. Many couples set up family location sharing apps. Find My, Google Family Sharing, Life360 and then forget about them. If you haven’t checked, assume it’s still active.

Email forwarding rules. A rule configured in your email account that silently forwards a copy of every message to a second address. Takes two minutes to set up. Invisible unless you look for it specifically.

Spyware. Consumer-grade monitoring applications, marketed as parental controls or employee monitoring, are readily available, inexpensive, and hard to detect.

The assessment checklist

Before any audit, the broader sequence of decisions sits in our digital privacy checklist before filing for divorce. The list below is the short version, ordered for someone working alone with a phone they no longer fully trust.

Check your active sessions. Every major platform, including Google, Apple, Facebook, and WhatsApp, shows you which devices are currently logged in. Review them.

Check your email forwarding rules. In Gmail: Settings > See all settings > Forwarding and POP/IMAP. In Outlook: Settings > View all Outlook settings > Mail > Forwarding.

Review app permissions on your phone. Specifically: which apps have access to your location, your microphone, and your camera.

Check connected apps. In Google: myaccount.google.com/permissions. In Apple: appleid.apple.com > Sign-In and Security > Apps & Websites.

Frequently asked questions

Can my spouse track my phone during a divorce?

If location sharing is enabled on your device, through Find My, Google Maps, or a third-party app, yes. Check all sharing settings immediately.

Should I delete messages before filing for divorce?

No. Deleting messages after a dispute is reasonably anticipated can constitute spoliation of evidence in most jurisdictions. Before deleting anything, consult a lawyer.

How can I tell if there is spyware on my phone?

Unusual battery drain, data usage that does not match your behaviour, the device warm when it should be idle. None of these confirm spyware on their own. The reliable answer is a full factory reset, but do not do that before getting legal advice in an active dispute. Spyware can also be evidence in your favour, depending on the jurisdiction and how it was installed.

Should I tell my lawyer about device access concerns?

Yes, in the first conversation. Your lawyer needs to know what the other side may have seen, what you have already searched and read, and what your devices have logged. The audit is part of the case strategy. Surprises late in the process tend to cost more than surprises raised on day one.

What not to do

Don’t delete communications. Depending on your jurisdiction, deleting messages or documents after filing can constitute spoliation of evidence. Speak to a lawyer first.

The same logic applies to social media. The pattern of judges using Instagram posts as evidence shows that deletion after a dispute begins is itself flagged in proceedings. Stop creating new content rather than try to erase what already exists.

Don’t use shared devices for anything sensitive. Not for research. Not for communication with your lawyer.

---

You don’t get to choose when the audit starts. You only get to choose whether you did one first.

There’s no perfect setup. Anyone selling you perfect is selling fear. The goal is simple: make yourself a harder target than the person next to you.