a glitchy edited screenshot of the landing page for a stalkerware product

#FuckStalkerware pt. 0 - intro + what is stalkerware?

lets ruin some shitty peoples lives wooo

content warnings:
mentions of abuse/controlling behaviour

alright, it's time to embark on a new mission, over the course of the next few blog posts/weeks/months we are going to try and slowly ruin the stalkerware industry. some of the most vile, somehow not illegal, types of businesses to exist. but to do this i should first do a basic intro into what stalkerware is and why it's so bad.

what is stalkerware

stalkerware is an umbrella term for most privately, commerically available spyware, more specifically ones hidden from the target (spyware that doesnt hide its purpose (such as child monitoring software like life360) will be referred to as watchware in this series). it is also often referred to as spouseware due to the prevalence in use by controlling partners to "catch cheating partners", but i dislike this term because use of such software against children (or by employers against employees) is just as bad and abusive as against partners.

stalkerware usually works by giving the spying person access to a dashboard where they can track all phone activity of a victim, be it phone calls, text messages, notifications, geolocation, their photos or anythign else you can imagine, as well as a mobile (or desktop) applcication. the client malware component usually either requires for the spying person to either have physical access to a device to install a client which hides itself upon finished setup, or sending their victim a link to a disguised application (such as a ringtone creator application) which then asks for an activation code also provided by the spy.

a lot of the industry advertises in a way that implies that software such as this is to be used to "keep children safe", but some just blatantly say you can use it to secretly spy on your partners. but absolutely without exception basically all companies in this industry tell you that you need consent to use tools such as these (i am curious now has anyone ever been convicted anywhere for secretly spying on their partner/children?).

why is it bad

ok i feel like it should already just be clear from the previous section why stalkerware (and watchware) is bad. generally even with consent. but just to make my points more explicit and point out some extra reasons for why it's bad, here we go.

  1. using, especially hidden, tracking tools on anyone is controlling abusive behaviour
  2. everyone has a right to privacy
  3. yes that includes children (children are not your property)
  4. even with ""consent""/informing the person to be spied on, especially if they are your child or you otherwise are someone with authority over them, it is still controlling. children deserve privacy and their own spaces, if they trust you they will talk to you about shit thats going on, if they dont youre only going to ruin everything more by fucking spying on them.
  5. stalkerware providers almost always end up getting hacked, leaking all the detailed recorded data of everyone.

so what is this series gonna be about

alright so, see point 5 above? yea that, i will be collecting stalkerware breaches sent to me, looking into companies myself, and blogging about them one by one. revealing (as far as possible) how unsecure they are, who's behind them, trying to get comment, and helping other journalists with stalkerware related reporting. two blog posts are already in the works, and if you have anything to contribute to potential reporting (vulns you find in stalkerware software, leaked data, investigations, insider info [your identity will be protected], etc) or are a journalist looking to cover anything in this series in more detail, contact me.

note: the EFF has also been doing really important work rooting out stalkerware for many years now (cool website to learn even more about stalkerware too)