OUR SM SITES:
Ted's Blog

Stalkerware apps struck down for the first time ever by the FTC

stalkerware
Hollywood has us believing that spyware technology is only used by secret-agent hackers who plant tracking devices in the wheels of cars or in the soles of shoes. But in reality, “stalkerware” isn’t as high-tech or inaccessible as we’re led to believe. It’s a tool that can be harnessed as a dangerous weapon, stripping people of their privacy — especially women in abusive relationships.

Stalkerware technology, also known as “spouseware,” takes the form of applications or add-ons to a device that allows someone to remotely monitor another person’s activity. This technology has become increasingly accessible, but yesterday, the Federal Trade Commission (FTC) made its first case against the developers behind three stalking apps — originally created to monitor children and employees – that may also be used for illegitimate purposes.

The Florida-based company Retina-X Studios is no longer permitted to promote its apps unless the creators can provide sufficient evidence that the app isn’t being exploited for more sinister reasons. The apps under investigation include MobileSpy, TeenShield, and PhoneSheriff — parental surveillance apps, which had sold approximately 15,000 subscriptions before being banned. The apps allowed people to read texts, view photos, and access the GPS location of a phone it had secretly been installed on.

“Although there may be legitimate reasons to track a phone, these apps were designed to run surreptitiously in the background and are uniquely suited to illegal and dangerous uses,” Andrew Smith, Director of the FTC’s Bureau of Consumer Protection, said in a statement.

While developers who create these apps are to blame, the responsibility also falls into the hands of Google and Apple to remove these tools from its app stores. The FTC’s report notes that Retina-X apps bypass both Android and iOS security restrictions which allows them to collect sensitive data and expose devices to security vulnerabilities.

In 2017, Motherboard reported that a hacker targeted Retina-X multiple times. The first hack involved customer data such as the GPS locations of infected phones, as well as photos, text messages, emails, and contacts obtained by the company’s own stalkerware.

There has been little research on stalkerware or attempts to grasp its true scale, but a 2018 study by researchers at Cornell University found that there are dozens of stalkerware tools easily available on the AppStore. However, the authors warned the majority are “dual use” apps masquerading as child safety or anti-theft tools, which can easily be repurposed for spying on a partner or spouse, such as PhoneSheriff.

“While Retina-X claimed in its legal policies that the apps were intended for monitoring employees and children, Retina-X did not take any steps to ensure that its apps were being used for these purposes,” Smith added.

As “The Predator in your Pocket” study points out, the availability of stalkerware apps is the result of a broader social condition that either leads developers to believe it’s appropriate to create software designed for stalking or to create surveillance apps that can be easily repurposed to spy on a partner.

To dodge legal implications, tracking apps use legal disclaimers, discreetly tucked away on their websites, that outline the primary purpose of these apps as “parental surveillance” tools. However, the reality is clearly very different. As tech continues to further embed itself in our daily lives, the law must keep pace with developments and recognize in cases such as this, that apps can have unforeseen consequences that people need to be protected against. The FTC’s first step can only be seen as a step in the right direction.

Note: This a reprint of an article by Cara Curtis appearing on the TNW web site.