FTC bans 'brazen' SpyFone surveillance app, firm must notify victims

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

The Federal Trade Commission has banned the SpyFone company and its CEO from the surveillance industry, ordering the firm to delete all data and notify everyone affected.

SpyFone and its CEO, Scott Zuckerman, are now banned from having any connection with "any surveillance app, service, or business," according to the FTC. The app, which the FTC describes as "brazen stalkerware," was used to gain root control on Android, and allowed stalkers to monitor everything from photos to web history on the phone.

"SpyFone is a brazen brand name for a surveillance business that helped stalkers steal private information," Samuel Levine, Acting Director of the FTC's Bureau of Consumer Protection, said in a statement.

"The stalkerware was hidden from device owners, but was fully exposed to hackers who exploited the company's slipshod security," he continued. "This case is an important reminder that surveillance-based businesses pose a significant threat to our safety and security. We will be aggressive about seeking surveillance bans when companies and their executives egregiously invade our privacy."

The FTC says that alongside SpyFone's intentional "stalkerware" functions, it failed to do so in a secure way. Reportedly, SpyFone claimed to take "reasonable precautions to safeguard" the data that it illegally harvested, but the FTC says there was a series of failures.

SpyFone did not encrypt the personal data, and it did not limit that data to authorized users. The company's services also reportedly transmitted purchasers' passwords in plain text.

Alongside the ban of SpyFone maker Support King, and the company's CEO, the FTC's complete filing mandates that all personal data stored by the company be deleted.

Then owners who may unknowingly have phones that have had SpyFone installed, must now be notified by the company. They must be told that their devices were being monitored, and that therefore they may not be secure.