Lina Khan, commissioner of the Federal Trade Commission (FTC) nominee for U.S. President Joe Biden, speaks during a Senate Commerce, Science and Transportation Committee confirmation hearing in Washington, D.C., U.S., on Wednesday, April 21, 2021.
Graeme Jennings | Bloomberg | Getty Images
The Federal Trade Commission voted unanimously to ban what it called a “stalkerware app company” and its CEO from the surveillance business, the agency announced Wednesday.
This marks the first time the FTC has obtained such a ban, the commission said in a press release touting the proposed settlement. The agency made clear it likely won’t be the last.
“This case is an important reminder that surveillance-based businesses pose a significant threat to our safety and security,” FTC Bureau of Consumer Protection Acting Director Samuel Levine said in a statement. “We will be aggressive about seeking surveillance bans when companies and their executives egregiously invade our privacy.”
In a separate statement, Democratic Commissioner Rohit Chopra called the pursuit of a ban “a significant change from the agency’s past approach.” The agency pursued its first stalkerware settlement in 2019, but that agreement “allowed the violators to continue developing and marketing monitoring products,” according to Chorpa.
Android app SpyFone, run by a company called Support King, allegedly “secretly harvested and shared data on people’s physical movements, phone use, and online activities through a hidden device hack.” It also allegedly sold “real-time access” to their surveillance, which could help stalkers and abusers track their targets, according to the FTC.
Customers who bought the SpyFone software had to bypass several restrictions on Android-operated phones, the FTC claims. SpyFone allegedly told customers how to hide the app from the surveillance target. To monitor emails or use other features, the FTC alleged, customers would have to use a method that could void the phone’s warranty and expose it to further security risks.
On top of that, the app lacked even basic security measures, the FTC claimed, leaving consumers open to cyber threats. Even when a hacker obtained personal data of more than 2,200 consumers in 2018, the FTC alleged SpyFone failed to follow through on its promise to work with an outside security firm and law enforcement to investigate.
The FTC ordered SpyFone to delete any secretly-harvested and illegally obtained data and notify those who had the app secretly installed on their devices.
SpyFone and Support King did not immediately respond to requests for comment.