FTC bans 'brazen' SpyFone surveillance app, firm must notify victims

SpyFone was installed on Android devices

SpyFone and its CEO, Scott Zuckerman, are now banned from having any connection with "any surveillance app, service, or business," according to the FTC. The app, which the FTC describes as "brazen stalkerware," was used to gain root control on Android, and allowed stalkers to monitor everything from photos to web history on the phone.

"SpyFone is a brazen brand name for a surveillance business that helped stalkers steal private information," Samuel Levine, Acting Director of the FTC's Bureau of Consumer Protection, said in a statement.

"The stalkerware was hidden from device owners, but was fully exposed to hackers who exploited the company's slipshod security," he continued. "This case is an important reminder that surveillance-based businesses pose a significant threat to our safety and security. We will be aggressive about seeking surveillance bans when companies and their executives egregiously invade our privacy."

The FTC says that alongside SpyFone's intentional "stalkerware" functions, it failed to do so in a secure way. Reportedly, SpyFone claimed to take "reasonable precautions to safeguard" the data that it illegally harvested, but the FTC says there was a series of failures.

SpyFone did not encrypt the personal data, and it did not limit that data to authorized users. The company's services also reportedly transmitted purchasers' passwords in plain text.

Alongside the ban of SpyFone maker Support King, and the company's CEO, the FTC's complete filing mandates that all personal data stored by the company be deleted.

Then owners who may unknowingly have phones that have had SpyFone installed, must now be notified by the company. They must be told that their devices were being monitored, and that therefore they may not be secure.