- Towfiqu Photography
- The FTC just brought its first case against a stalkerware app.
- “Stalkerware” is the term for consumer spyware that gives someone access to another person’s phone without that person’s consent.
- Cybersecurity activists like Eva Galperin, who is the director of cybersecurity at the Electronic Frontier Foundation, have been pushing for more legal protections in this space.
- Visit Business Insider’s homepage for more stories.
The Federal Trade Commission announced on Tuesday that it was bringing its first case against a company that makes stalkerware, Retina-X Studios LLC.
According to the press release, the FTC alleges that Retina-X developed and sold three smartphone apps that “allowed purchasers to monitor the mobile devices on which they were installed, without the knowledge or permission of the device’s user.” One of these apps, Mobile Spy, was marketed as a tool for monitoring employees and children. The others, PhoneSheriff and TeenShield, were both marketed toward parents for supervising children. Retina-X stopped selling all three apps in 2018, but by then, the company had already sold 15,000 subscriptions, according to the FTC.
The FTC alleges that these apps exposed devices on which they were downloaded to security vulnerabilities because purchases were required to bypass manufacturer restrictions to install them. It also alleges that the person with the subscription could access sensitive information, including GPS location and online activity, of the device owner.
The apps could be installed without the device owner’s knowledge or consent; Each app came with instructions to remove the app from the device home screen so it would not be visible to the owner. The case also alleges that Retina-X did not adequately protect information collected by the apps. According to the FTC, a hacker twice accessed the company’s database between February 2017 and 2018, and obtained photos, passwords, GPS locations, and more.
Activists and journalists have been drawing attention to the dangers of stalkerware, or spouseware, for years. In 2018, Vice’s Motherboard published a series about surveillance software people use in their personal lives, with articles like “How to tell if your partner is spying on your phone.” Its use has been particularly dangerous for people with controlling or abusive partners. In 2014, NPR surveyed 70 shelters, and 75% of them said that they had worked with victims whose abusers surveilled them through stalkerware.
Eva Galperin of the Electronic Frontier Foundation is one of the advocates trying to take on stalkerware.
“I’ll take what I can get,” Galperin told Business Insider in a phone interview about the FTC case, though she said it was unclear what message companies would take from it. “The basis of the action is not that they’re making stalkerware, it’s that they’re not making secure stalkerware.”
Galperin said that companies making stalkerware could see this as a push to get out of the industry, or they could stay in the stalking-app business and focus on security.
In the settlement between the FTC and Retina-X, the company must make sure that the apps are used only for the purposes they are sold for, and it must destroy all data collected by the apps so far.
Retina-X did not respond to a request for comment.