The privacy industry is applauding the Federal Trade Commission for banning SpyFone and its CEO from the surveillance business following allegations they secretly harvested and sold real-time data that could easily lead stalkers and abusers to their potential targets.
The personal data, accessed through a hidden device hack, revealed device owners’ locations, phone use, and other online activities like email and video chats. Not only could stalkers and abusers access the data, but potentially so could identity thieves and other cybercriminals.
SpyFone purports to be a parental monitoring tool for keeping an eye on the kids. But as is often the case with these tools, it’s bought by abusers wanting to track the target of their abuse. This makes it stalkerware, for which the official definition is software, made available directly to individuals, that enables a remote user to monitor the activities on another user’s device without that user’s consent and without explicit, persistent notification to that user in order to intentionally or unintentionally facilitate intimate partner surveillance, harassment, abuse, stalking, and/or violence.
A key characteristic of stalkerware is that it requires physical access to a device to install it on that device, which means it’s most commonly installed by a person for the purposes of partner surveillance, facilitating gender-based and domestic violence, harassment, and sexual abuse. With stalkerware, abusers can track GPS location, call information, text messages and social media activity.
The FTC alleges that SpyFone.com and its CEO Scott Zuckerman:
- sold stalkerware apps that allowed purchasers to secretly monitor the device owner’s photos, text messages, web histories, GPS locations, and other personal data
- required purchasers using the app on Android devices to bypass many of the phone’s restrictions and instructed users on how to hide the app from the device owner
- failed to keep the data it illegally obtained secure with basic security measures.
This is the second case the FTC has brought against stalkerware apps, but the first in which it’s obtaining a ban. The FTC order also requires SpyFone to delete the information it collected illegally and notify device owners that the app had been secretly installed.
As a proud member of the Coalition Against Stalkerware helping to stop tech-facilitated violence and abuse, Anonyome Labs welcomes the FTC’s decision. This is a first from the FTC, and a good one at that. We hope it makes the entire stalkerware industry re-think its choices.
Anonyome Labs takes the protection of user data seriously. We empower people to be able to determine what information they share, and how, when and with whom they share it. Through our privacy and cybersafety application, MySudo, and our enterprise solutions in Sudo Platform, we help people to communicate and interact with third party services or other people without using their personally identifiable information (e.g. personal phone number, email address, credit card), which reduces the risk of that information being used for tracking or stalking.
For more information, visit www.stopstalkerware.org
Photo By Trismegist san