wordpress blog stats
Connect with us

Hi, what are you looking for?

US FTC bans stalkerware app from surveilling phones after finding company harvested personal data

The app allegedly allowed users to keep close tabs on people including their physical movements.

The United States Federal Trade Commission on September 1 banned the company SpyFone from engaging in the surveillance business, following allegations that the “stalkerware” app company secretly harvested and shared data on people’s physical movements, phone use, and online activities through a concealed hack of victims’ devices.

“The company’s apps sold real-time access to their secret surveillance, allowing stalkers and domestic abusers to stealthily track the potential targets of their violence. SpyFone’s lack of basic security also exposed device owners to hackers, identity thieves, and other cyber threats. In addition to imposing the surveillance-business ban, the FTC’s order requires SpyFone to delete the illegally harvested information and notify device owners that the app had been secretly installed,” the FTC said in a press release.

Stalkerware is a growing phenomenon around the world and can thrive in places with scant privacy laws. While a lot of platform-based privacy concerns are largely at a macro-level, stalkerware allows motivated individuals to keep scarily close tabs on people. The US does not have a data privacy law (like the European Union) but its action against the stalkerware business model could motivate similar action elsewhere.

According to security firm Kaspersky, India is the nation with the fourth-highest incidence of stalkerware incidents, with at least 4,627 cases identified; it is the most affected country in Asia per the firm’s estimates (quite possibly after China, which curiously doesn’t figure in the top ten).

FTC will seek “surveillance bans” in extreme cases

 “SpyFone is a brazen brand name for a surveillance business that helped stalkers steal private information,” said Samuel Levine, Acting Director of the FTC Bureau of Consumer Protection. “The stalkerware was hidden from device owners, but was fully exposed to hackers who exploited the company’s slipshod security. This case is an important reminder that surveillance-based businesses pose a significant threat to our safety and security. We will be aggressive about seeking surveillance bans when companies and their executives egregiously invade our privacy.”

Advertisement. Scroll to continue reading.

The FTC alleged that the app allowed purchasers to surreptitiously monitor photos, text messages, web histories, GPS locations, and other personal information of the phone on which the app was installed without the device owner’s knowledge.

How SpyFone works

To install its software, SpyFone required purchasers who used the apps on Android devices to bypass many of the phone’s restrictions. The stalkerware company also provided instructions on how to hide the app so that the device user was unaware the device was being monitored, the FTC alleged. In order to use some functions, such as monitoring email, purchasers had to “root” a phone on which the app is installed, removing factory restrictions on a device.

Some of the products allowed a purchaser to see the device’s live location and view the device user’s emails and video chats.

  • Data not kept secure: The FTC alleged that SpyFone did not put in place basic security measures despite promising that it took “reasonable precautions to safeguard” the information it illegally harvested. The stalkerware apps’ security deficiencies include not encrypting personal information it stored, including photos and text messages; failing to ensure that only authorised users could access personal information, and transmitting purchasers’ passwords in plain text.
  • Breach not investigated: Moreover, after a hacker accessed the company’s server and obtained personal data of about 2,200 consumers in August 2018, the company promised purchasers that it would work with an outside data security firm and law enforcement authorities to investigate the incident. The FTC, however, alleges that the company failed to follow through on this promise.

Also read

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

I cover the digital content ecosystem and telecom for MediaNama.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

The Delhi High Court should quash the government's order to block Tanul Thakur's website in light of the Shreya Singhal verdict by the Supreme...

News

Releasing the policy is akin to putting the proverbial 'cart before the horse'.

News

The industry's growth is being weighed down by taxation and legal uncertainty.

News

Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.

News

Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ