Making Strides to Stop Stalkerware

Exciting news… In the past couple of months, there has been some significant movement in the work against stalkerware. The term stalkerware, AKA spyware, refers to apps, software, or devices that allow someone to monitor or record the activity of another person’s phone or computer without their consent or knowledge. For many years, the term spyware has been used to describe the type of monitoring and surveillance these types of apps and software have prided themselves on. However, as advocates and technologists have come to better understand just how these programs and apps work, we have identified that the characteristics of these types of apps and programs are stalking behaviors. In recent years, there has been a shift in the work to identify and call these types of problematic programs and apps what they really are, which is stalkerware. This technology is incredibly sneaky and is used by abusers and stalkers as a tool to monitor, surveil, intimidate, harass, and control someone. While stalkerware still remains a significant issue for survivors of abuse, tedious but necessary work has been happening to curb both the existence of these products and their misuse.

Buh bye…

Last week the Federal Trade Commission (FTC) announced their first case against a developer of stalking apps. Their investigation of and settlement with Retina-X Studios, LLC has ended with the company’s three stalking apps - MobileSpy, PhoneSheriff, and TeenShield – taken off the market and the company prohibited from selling apps that monitor devices unless they take steps to ensure they will only be used for legitimate purposes. These include not requiring jailbreaking or rooting of the device to function, acquiring written verification from the purchaser that the app will only be used for legal purposes, ensuring a visible icon remains on the device that can provide the user with information, and deleting all personal information previously collected by the apps. Prior to the settlement, all three of Retina-X’s apps required the purchaser to circumvent the phone’s security features by either jailbreaking or rooting the phone and then allowed the person to monitor the phone remotely without any notice to the owner of the device.

When the apps were taken off the market, they had more than 15,000 subscriptions. Anyone doing this work knows that a large number of those subscriptions were likely used for abusive purposes and likely brought much harm in the time they were used. We are grateful to the FTC for their leadership on this and for bringing us in during the process prior to the announcement. We worked closely with the FTC to create graphics to accompany their announcement and provided feedback on the notification language they were crafting.

Clues that stalkerware may be on device

Clues that stalkerware may be on device

Building Partnerships

Today, the announcement was made about the creation of the Coalition Against Stalkerware and the new resource, StopStalkerware.org. We are a member of this Coalition, which is made up of technology companies and advocacy organizations. Leading up to this, we have been working with several anti-spyware companies to learn more about stalkerware, the options to prevent and detect it, and ensure that the experiences of survivors are understood. The Coalition will work together to create industry-wide standards for defining and detecting stalkerware, strategies to increase education and awareness about the issue for survivors, and potential solutions to eliminate spyware completely. Many of the companies involved have been conducting research and increasing education for prevention for many years, and we are enthusiastic to be able to share and collaborate on this effort.

 We also recently participated in Virus Bulletin’s Annual Conference alongside Kaspersky. This event is focused on international threat intelligence and it was a meaningful opportunity to bring the voices of advocates and survivors into that space. We learned a great deal about this work and provided training around the misuse of stalkerware apps and their implications for survivors of abuse.

New Resources

Because of the swift momentum of these growing partnerships and the urge to ensure helpful information is available to survivors, we have worked diligently to update our own materials around spyware/stalkerware within the Survivor Technology and Privacy Toolkit. 

We are excited to be a part of the changing landscape in both government and technology spaces in terms of holding spyware/stalkerware companies and abusers accountable. This work will require many partners and approaches to ensure that the products being created do not intentionally harm survivors and will be a critical piece to the broader goal of addressing abuse.