The FTC wants to shut down 'stalkerware,' apps that can hide inside people's phones and spy on their activity
- The FTC just brought its first case against a stalkerware app.
- "Stalkerware" is the term for consumer spyware that gives someone access to another person's phone, without that person's consent.
- Cybersecurity activists like Eva Galperin, who is the director of cybersecurity at the Electronic Frontier Foundation, have been pushing for more legal protections in this space.
- Visit Business Insider's homepage for more stories.
The Federal Trade Commission announced Tuesday that it was bringing its first case against a company that makes stalkerware, Retina-X Studios LLC.
According to the press release, the FTC alleges that Retina-X developed and sold three smartphone apps that "allowed purchasers to monitor the mobile devices on which they were installed, without the knowledge or permission of the device's user." One of these apps, MobileSpy, was marketed as a tool for monitoring employees and children. The others, PhoneSheriff and TeenShield, were both marketed towards parents for supervising children. Retina-X stopped selling all three apps in 2018, but by then the company had already sold 15,000 subscriptions, according to the FTC.
The FTC alleges that these apps exposed devices on which they were downloaded to security vulnerabilities because purchases were required to bypass manufacturer restrictions to install them. It also alleges that the person with the subscription could access sensitive information, including GPS location and online activity, of the device owner.
The apps could be installed without the device owner's knowledge and consent; Each app came with instructions to remove the app from the device homescreen, so it would not be visible to the owner. The case also alleges that Retina-X did not adequately protect information collected by the apps. According to the FTC, a hacker twice accesses the company's database between February 2017 and 2018, and obtained photos, passwords, GPS locations, and more.
Activists and journalists have been drawing attention to the dangers of stalkerware, or spouseware, for years. In 2018, Vice's MotherBoard published a series about surveillance software people use in their personal lives, with articles like "How to tell if your partner is spying on your phone." Its use has been particularly dangerous for people with controlling or abusive partners. In 2014, NPR surveyed 70 shelters, and 75% said that they'd worked with victims whose abusers surveilled them through stalkerware.
Eva Galperin of the Electronic Frontier Foundation is one of the advocates trying to take on stalkerware.
"I'll take what I can get," Galperin told Business Insider in a phone interview about the FTC case, although she said it's unclear what message companies will take from it. "The basis of the action is not that they're[Retina-X] making stalkerware, it's that they're not making secure stalkerware."
Galperin said that companies making stalkerware could see this as a push to get out of the industry, or they could stay in the stalking app business and focus on security.
In the settlement between the FTC and Retina-X, the company must make sure that the apps are used only for the purpose they are sold for, and it must destroy all data collected by the apps so far.
Retina-X did not respond to a request for comment.