Last year, a hacker sent a journalist a tip: Someone uncovered an exploit in a “stalking app” and accessed reams of sensitive data, including logins, passwords, GPS locations, and photos. Ultimately, the journalist alerted the company, and the Federal Trade Commission sued the developer for evading a slew of regulations.
This is that story, and it’s a cautionary one. If your app is teetering on the edge of legality, take three minutes to read about the FTC’s complaint and censure of Retina-X. It could mean the difference between making money and bankruptcy.
FTC Censures “Stalking App” Company
The Federal Trade Commission reprimanded Retina-X and its principal, James N. Johns, Jr., over the company’s so-called “stalking apps”: MobileSpy, PhoneSherriff, and TeenShield. App buyers could secretly track people and access sensitive data, including physical locations and online activity, via install-activated phones.
The company marketed the products as employee- and children-monitoring apps. However, it did nothing to ensure they weren’t used for nefarious purposes. Additionally, according to the complaint, the programs bypassed manufacturer restrictions and exposed devices to security vulnerabilities.
Plus, people didn’t know they were under surveillance, which is a big no-no.
Retina-X promised consumers:
“Your private information is safe with us.” But according to the FTC settlement, the company outsourced most of its development and maintenance to a third party and didn’t engage in sufficient oversight. In its complaint, the FTC said the programs were “designed to run surreptitiously in the background,” making them “uniquely suited to illegal and dangerous uses.”
In the end, the FTC settled with Retina-X. When interviewed, Andrew Smith, the FTC’s director of the Bureau of Consumer Protection, explained:
“This is our first action against a so-called ‘stalking app. Although there may be legitimate reasons to track a phone, these apps were designed to run surreptitiously in the background and are uniquely suited to illegal and dangerous uses. Under these circumstances, we will seek to hold app developers accountable for designing and marketing a dangerous product.”
Every app developer and distributor should note the bolded part. The takeaway: Privacy encroaching apps are now on the FTC’s regulatory radar.
Consequences for Developing a “Stalking App”
Retina-X and Johns agreed to several stipulations moving forward.
- We Won’t Do It Again: The app company and its owner agreed to stop selling or marketing similar products in the future without implementing the agreed-upon changes.
- Delete the Old Data: Retina-X must delete already collected data.
- Comply with the Law: Moving forward, any similar app must adhere to the Children’s Online Privacy Protection Act and FTC marketing guidelines.
- Secure Permission: If Retina-X revives the products, the new user agreement must limit use to employees, children, or a consenting adult.
- Visible Icon: The older versions of MobileSpy, PhoneSherriff, and TeenShield didn’t install an icon on the device screen. New releases must include one that can only be removed by a parent or legal guardian on a child’s device.
- Better Reporting: Retina-X must now leap through several costly reporting hoops on an annual basis.
- Better Security: The company must beef up its information security apparatus to protected collected data.
You could argue that Retina-X and Johns got off lightly since the FTC didn’t fine the company nor its principal.Retina-X was the first company that the FTC disciplined on this topic. In other words, the commission hadn’t previously defined parameters for this type of app. As such, the company is getting off (arguably) a bit easy. Moving forward, however, the FTC will expect businesses to know about this case and the related consequences.
Connect with an FTC Defense Lawyer
Is the FTC accusing you of an unfair and deceptive marketing violation? The Gordon Law Group regularly defends individuals and businesses against these types of claims, and we’ve beaten the commission in court.
Remember: Just because the FTC accuses you of marketing violations doesn’t mean you’re automatically at fault. Get in touch today to learn more about how our FTC defense team can help you.