Mobile spying apps fuel domestic violence, US senator says

Franken calls on Congress to pass a bill banning the creation of mobile spy apps

The U.S. Congress must pass legislation to ban mobile spying apps in order to protect victims of domestic violence, a senator said Wednesday.

Groups aiding victims of domestic violence report growing numbers of clients being stalked through mobile apps secretly installed on their phones by abusers, said Senator Al Franken, a Minnesota Democrat. Tens of thousands of U.S. residents are stalked each year through spy apps, he said.

One mobile app advertises itself as a way to track cheating spouses as a "spy in their pocket," said Franken, during a hearing of the Senate Judiciary Committee's privacy and technology subcommittee. One other spy app advertised that it allowed users to "track every text, every call, and every move they make," he said.

While police can arrest stalkers, "it's not clearly illegal to make and to market and to sell a stalking app," Franken added. "Nothing happened to the companies making money off of the stalking."

A bill pushed by Franken would ban the sale of mobile spying apps, and also regulate the commercial collection of geolocation data. Some critics questioned Wednesday whether his Location Privacy Protection Act is too broad, however.

While many mobile spy apps bill themselves as allowing users to monitor their children or employees, they are often used for stalking, critics said. The apps call themselves parental monitoring apps "because they seem more friendly that way," said Detective Brian Hill of the Anoka County Sheriff's Office in Minnesota.

Legitimate apps that monitor children's location or employee activity don't need to hide themselves on mobile phones, said Cindy Southworth, vice president of development and innovation at the National Network to End Domestic Violence.

With legitimate parental monitoring apps, "the child knows they're being monitored," she said. "From the moment they turn the computer on, they can see that there's monitoring happening."

Franken called on Congress to pass the Location Privacy Protection Act, which would ban the development and sale of GPS stalking apps.

The bill would also require companies to get permission from smartphone, tablet and car navigation device owners before collecting location information, except in emergencies. It would require companies collecting the location data from more than 1,000 devices to post information online about the kind of data they collect, how they share it and how people can stop the collection.

Franken and witnesses at the hearing referenced several mobile spy apps. Representatives of Spyera and Flexispy, two apps called out by Franken, didn't immediately return messages seeking comment on his criticisms.

While senators and witnesses applauded Franken's effort to target cyberstalking, some raised concerns that the bill may be too broad. The bill's requirement that mobile apps or devices that track location get a user's permission may not work in all cases, said Robert Atkinson, president of the Information Technology and Innovation Foundation, a tech-focused think tank.

Some geolocation devices, such as wearable exercise-tracking equipment, don't have an interface to allow notification, Atkinson said. Another device that enables parents to track the location of their children is a GPS tracker that fits in a backpack but doesn't have an interface, he said.

Atkinson urged lawmakers to focus on cyberstalking and not on limiting the commercial use of geolocation information. Regulating how businesses can use geolocation information would "stifle innovation in an area that is rapidly evolving," he said.

The bill doesn't need to address many apps that have geolocation components to deal with cyberstalking, Atkinson said. A weather app, for example, wouldn't be useful to a stalker because he wouldn't have access to it on the victim's phone, he said.

The bill's provision allowing private lawsuits against app makers is also worrisome, Atkinson said. Many small app developers, "if they were faced with the potential of a $1 million fine for making a small coding mistake, or putting something inaccurate on a website, I believe would think twice about developing a mobile app," he said.

Franken questioned the concerns raised by Atkinson and some other senators.

"If we want to stop stalking apps, we can't target just apps that label themselves as stalking apps," he said. "We also have to lay down a few basic rules of the road."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is

Join the CSO newsletter!

Error: Please check your email address.

Tags U.S. SenateInformation Technology and Innovation FoundationBrian HillNational Network to End Domestic ViolenceCindy SouthworthAl FrankenmobilegovernmentlegislationprivacyRobert AtkinsonAnoka County Sheriff’s Officesecurity

More about IDGTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place