Making Strides to Stop Stalkerware

/

Exciting news… In the past couple of months, there has been some significant movement in the work against stalkerware. The term stalkerware, AKA spyware, refers to apps, software, or devices that allow someone to monitor or record the activity of another person’s phone or computer without their consent or knowledge. For many years, the term spyware has been used to describe the type of monitoring and surveillance these types of apps and software have prided themselves on. However, as advocates and technologists have come to better understand just how these programs and apps work, we have identified that the characteristics of these types of apps and programs are stalking behaviors. In recent years, there has been a shift in the work to identify and call these types of problematic programs and apps what they really are, which is stalkerware. This technology is incredibly sneaky and is used by abusers and stalkers as a tool to monitor, surveil, intimidate, harass, and control someone. While stalkerware still remains a significant issue for survivors of abuse, tedious but necessary work has been happening to curb both the existence of these products and their misuse.

Buh bye…

Last week the Federal Trade Commission (FTC) announced their first case against a developer of stalking apps. Their investigation of and settlement with Retina-X Studios, LLC has ended with the company’s three stalking apps - MobileSpy, PhoneSheriff, and TeenShield – taken off the market and the company prohibited from selling apps that monitor devices unless they take steps to ensure they will only be used for legitimate purposes. These include not requiring jailbreaking or rooting of the device to function, acquiring written verification from the purchaser that the app will only be used for legal purposes, ensuring a visible icon remains on the device that can provide the user with information, and deleting all personal information previously collected by the apps. Prior to the settlement, all three of Retina-X’s apps required the purchaser to circumvent the phone’s security features by either jailbreaking or rooting the phone and then allowed the person to monitor the phone remotely without any notice to the owner of the device.

When the apps were taken off the market, they had more than 15,000 subscriptions. Anyone doing this work knows that a large number of those subscriptions were likely used for abusive purposes and likely brought much harm in the time they were used. We are grateful to the FTC for their leadership on this and for bringing us in during the process prior to the announcement. We worked closely with the FTC to create graphics to accompany their announcement and provided feedback on the notification language they were crafting.

Clues that stalkerware may be on device

Clues that stalkerware may be on device

Building Partnerships

Today, the announcement was made about the creation of the Coalition Against Stalkerware and the new resource, StopStalkerware.org. We are a member of this Coalition, which is made up of technology companies and advocacy organizations. Leading up to this, we have been working with several anti-spyware companies to learn more about stalkerware, the options to prevent and detect it, and ensure that the experiences of survivors are understood. The Coalition will work together to create industry-wide standards for defining and detecting stalkerware, strategies to increase education and awareness about the issue for survivors, and potential solutions to eliminate spyware completely. Many of the companies involved have been conducting research and increasing education for prevention for many years, and we are enthusiastic to be able to share and collaborate on this effort.

 We also recently participated in Virus Bulletin’s Annual Conference alongside Kaspersky. This event is focused on international threat intelligence and it was a meaningful opportunity to bring the voices of advocates and survivors into that space. We learned a great deal about this work and provided training around the misuse of stalkerware apps and their implications for survivors of abuse.

New Resources

Because of the swift momentum of these growing partnerships and the urge to ensure helpful information is available to survivors, we have worked diligently to update our own materials around spyware/stalkerware within the Survivor Technology and Privacy Toolkit. 

We are excited to be a part of the changing landscape in both government and technology spaces in terms of holding spyware/stalkerware companies and abusers accountable. This work will require many partners and approaches to ensure that the products being created do not intentionally harm survivors and will be a critical piece to the broader goal of addressing abuse.

Creator of StealthGenie Arrested

/

A couple weeks ago, Hammad Akbar, the creator of StealthGenie, a mobile application that allows someone to spy on another person’s cellphone, was arrested by the FBI. He was arrested on charges of conspiracy, sales of surreptitious interception devices, and advertising a surreptitious interception device. Advertised as a way to keep an eye on cheating spouses, monitor teenage children, and employers, anyone can download and install StealthGenie to monitor all activities on a cell phone.

Other than the computer, the cellphone is one of the most used forms of technology. In fact, according Pew Internet, 44% of Americans sleep with their phones so they don’t miss out on texts or messages. We use our cell phone to organize our lives, search for information (let me google that for you), entertain us, and communicate with others – via text, social media, email, and, sometimes, even a phone call. For many of us, survivors included, our cell phone is our lifeline to help, information, and to other people. Cellphone spyware makes it incredibly easy for abusers and stalkers to monitor the activities and location of survivors through their cell phones.

When abusers are stalking their victims’ phones via spyware, it is 24-7 control and abuse. In addition to constant monitoring, abusers often engage in other types of abuse, such as physical abuse, threats, and emotional abuse. The result is that survivors feel completely isolated and cut off from any avenue of help. Everything they say and everything they do is monitored and controlled by the abuser. The trauma and the fear can be overwhelming.

StealthGenie isn’t the only monitoring product out there. There are many similar products available, including mSpy, MobiStealth, Spy Bubble. Some of these products are advertised under the guise of protecting your vulnerable children or protecting your liability by monitoring your employees. Some come right out and encourage users to buy their products to “catch your cheating spouse.” In reality, abusers and stalkers are buying these products to further terrorize and abuse their victims.

We’re glad that the government is cracking down on products that make it easier for abusers to harm victims. For years, when their phones were being monitored survivors would have to get a new phone – a very expensive step – simply to stay safe. Removing these types of products from the market means one less tool for abusers to use to stalk and harass survivors of domestic violence and stalking.

For more information about cell phone safety, visit our Technology Safety & Privacy toolkit. For more information about NNEDV Safety Net’s advocacy work on cell phone privacy and safety, watch Cindy Southworth, Vice President of NNEDV’s testimony at the Location Privacy Protection Act of 2014 hearing.