Under a settlement, the Federal Trade Commission has barred the developers of three “stalking” apps from selling apps that monitor consumers’ mobile devices unless they take steps to ensure the apps will only be used for legitimate purposes.
The FTC’s settlement with Retina-X Studios is the agency’s first case against “stalking apps” or “stalkerware.”
Retina-X developed and sold MobileSpy, PhoneSheriff, and TeenShield. These apps shared detailed information about a person’s smartphone activities – such as call history, text messages, photos, GPS locations, and browser history – without the smartphone owner’s knowledge. They were marketed for monitoring children and employees, but if misused, they let abusers track people’s physical movements and online activities.
According to the FTC’s lawsuit, Retina-X didn’t make sure purchasers were using the apps for legitimate purposes. To install the apps, purchasers often had to weaken the security protections on the smartphone, called jailbreaking or rooting. In addition, once a purchasers installed the app on someone’s phone, they could remove the icon, so the person wouldn’t know someone was monitoring them. Even for legitimate users, the company failed to keep data – including children’s information – confidential and safe.
The FTC settlement requires Retina-X to make sure their monitoring apps are used only for legitimate purposes. In addition, Retina-X is required to destroy all data already collected from their monitoring services. And in the future, they need to set up a comprehensive information security program.
If you think someone might have installed a stalking app on your smartphone, Lisa Weintraub Schifferle, attorney for the FTC’s Division of Consumer and Business Education, offers these steps to consider:
- Check if your smartphone has been rooted or jailbroken. This allows full control over your phone by weakening its security protections. “Root checker” apps identify if your smartphone has been rooted or jailbroken.
- Get help. Law enforcement and domestic violence advocates can help you identify tech misuse and create a safety plan. Law enforcement can determine if spyware is on your phone. Domestic violence advocates can advise you on preserving evidence of abuse before you make changes to your phone. If possible, contact them from a different device than the one that might have the stalking app.
- Get a new smartphone or reset your phone. It might be safest to get a new smartphone with an account that the abuser doesn’t have access to. If you keep your smartphone, consider removing the stalking app by factory resetting your smartphone and reinstalling the manufacturer’s operating system. Don’t re-install programs or content from the old phone or your cloud, as this could re-install the spyware.