what fatcousin tools
may not be used for.
fatcousin is built for honest, lawful, defensive work — for investigators, journalists, security researchers, IT admins, parents, and individuals trying to understand their own data and devices. this page lists the uses that are explicitly out of scope. they apply to every tool on the site, regardless of how you reached it.
1. core principle
fatcousin processes files locally, on your device. the operator cannot see, log, or recover anything you put into a tool. this means responsibility for what you do with these tools rests entirely with you. the policy below exists to be clear about what crosses the line — not because the operator can enforce it remotely, but because the project will not knowingly support these uses, and individuals who do them are on their own legally.
2. prohibited uses
you may not use any fatcousin tool to:
- stalk, harass, threaten, intimidate, blackmail, or otherwise target an individual or group;
- conduct covert surveillance of a person — including, without limitation, tracking their location, monitoring their devices or accounts, intercepting their communications, or analyzing data extracted from a device you do not have lawful authority to access;
- access, decrypt, or analyze any data, account, device, system, or network you do not own or are not legally authorized to examine;
- facilitate intimate-partner violence, coercive control, or any form of domestic abuse — including but not limited to using tools labeled as “stalkerware sweep”, “ipv”, or “device pairing” against a partner or family member you intend to control, monitor, or harm;
- doxx, deanonymize, or expose the private information of any individual against their will;
- generate, possess, or analyze child sexual abuse material (CSAM), or any content that sexually exploits a minor;
- evade lawful court orders, law-enforcement processes, or regulatory requirements;
- commit fraud, identity theft, financial crimes, or election interference;
- develop, deploy, or distribute malware, ransomware, exploits, or offensive cyber capabilities targeting any system you are not authorized to attack;
- violate any applicable law, regulation, or court order in your jurisdiction or the jurisdiction of the data subject.
3. dual-use categories
several categories of tool inside fatcousin forensics — the investigator-facing section at /forensics — are dual-use by nature: stalkerware-detection tools can be inverted into stalkerware deployment guides; intimate-partner-violence sweep tools could be run by an abuser instead of a survivor; chain-of-custody and evidence tools can be used to construct false records as easily as truthful ones.
fatcousin forensics tools in these categories are designed and labeled defensively. running them as an aggressor — including running a “stalkerware sweep” on a device that belongs to someone else, or building a fabricated chain of custody — is explicitly prohibited regardless of the tool's wording. you are responsible for the role you are playing in a given investigation.
4. authority & consent attestation
by using fatcousin you affirm that:
- you have the legal right to process the data you place into a tool — by ownership, by court order, by documented authorization from a data subject, or by other lawful basis;
- you are not acting on behalf of, or for the benefit of, any person whose stated purpose would violate this policy;
- you understand that storing case-sensitive material in browserlocalStorage, IndexedDB, or anywhere else on a device used by other people may itself create a disclosure risk, and you accept responsibility for managing it.
5. reporting abuse
if you believe a fatcousin tool is being used against you — for example, if you suspect someone is using a tool here to analyze devices or data taken without your consent — please contact a domestic-violence support organization or law-enforcement agency appropriate to your jurisdiction. the operator does not store or transmit user content and cannot intervene technically, but is willing to remove or restructure any tool whose framing measurably enables abuse. send observations to the email listed in the repository's README.
6. enforcement
because tools run locally, the operator has no real-time means of enforcing this policy against an individual user. enforcement rests with the legal system of the relevant jurisdiction. nothing in this policy waives, limits, or extinguishes any criminal or civil liability arising from misuse — those remain entirely with the user.
the operator reserves the right to remove, rename, or restructure any tool whose existence the operator concludes meaningfully contributes to harm, even where individual instances of misuse cannot be traced.