Do Spyware vendors know what spyware is being used for?

Add to my custom PDF

The commodification of mobile phone surveillance: An analysis of the consumer spyware industry

Spyware tools have become readily accessible to the everyday consumer. An industry has been built on selling software enabling the monitoring of others. To commercialize these products, vendors often portrait them as legitimate. However, this form of software is known to be used by controlling and abusive individuals in family and domestic violence situations.

Harkin, Molnar, and Vowles looked into the marketing strategies employed in the spyware industry. Their analysis considered both visual and textual cues, considering not only explicit messages, but also implicit connotations.

They studied the market to select a sample of nine spyware products. By searching the Web, the Apple Store and the Google Play store they identified the most popular (and likely, profitable) applications. In addition, a scan of Google Trends in Australia pointed to the most web-searched spyware tools. A template consisting of a series of descriptive and interpretative queries was used for the analysis of the nine resulting apps.

The advertising for applications generally suggested children, employees, intimate partners, and thieves as possible surveillance targets. To legitimize these apps, vendors relied on user recommendations and third-party endorsements. Almost all applications suggested using the software to target children and employees. A smaller proportion directly advertised the products use within intimate relationships. The software offered an operator the ability to surreptitiously monitor the activities, communications and location of their target; with some even providing the option of remotely sending ‘spoof’ SMS messages from a target device. Despite this, application vendors terms and conditions provided contradictory disclaimers that placed all responsibility for illegitimate use on the client. Unsurprisingly, the legal advice and customer support were primarily targeted at spyware operators, rather than their targets.

Despite the fine print of these applications disclaiming use outside of a context of two-party consent, their advertising makes their true purpose quite clear. The availability of consumer spyware and its clear potential for illegal and abusive use is troubling. Providing powerful surveillance tools under the guise of ‘care’ and ‘security’ commodifies malware for a general consumer audience. Although we are yet to fully understand the social impact of the security consumption, the potential for harm in abusive relationships is clear enough that concern is warranted.

Despite mandating their products be used legally, spyware operators are clearly aware of their harmful use to non-consensually spy on others.