Mobile phone software potentially breaks a bunch of laws

  Last updated September 13, 2019 at 3:10 pm

Topics:  

Readily available consumer spyware products potentially violate a range of Australian laws, relating to harassment, stalking, identity theft and fraud.


Credit: PeopleImages


New research has found that spyware products available for download on most smartphones have the potential to break Australian laws, through their manufacture, advertising and use.


It’s caused the researchers from Deakin University to urge for greater support for domestic violence support services given the risk posed to personal privacy and safety.


Diarmaid Harkin from Alfred Deakin Institue and Adam Molnar, now based at the University of Waterloo in Canada analysed nine commonly used spyware products in the study.


Their research found that without clear consent from both the users and their targets, users can violate a range of Australian laws relating to individual privacy and children and intimate partners are most at risk.


Spyware is a threat in domestic and family violence


Harkin says users may have legitimate reasons for needing to access their child’s or partner’s location, but the range of other functions offered by the software exceeded what would be regarded as proportionate or ethical monitoring in these circumstances.


“Spyware is a particularly acute threat in the context of domestic and family violence and, more troubling, is that multiple companies explicitly encourage and promote the use of spyware against intimate partners,” he says.


“Across our sample, a clear theme emerged from the promotional materials that the main targets of spyware were children and intimate partners as well as employees and thieves.”


Android is more permissive than iPhone


Harkin says the research identified differences between iPhone and Android operating systems.


“In our technical analysis, we found that the Android operating system is significantly more permissive of spyware accessing critical phone functions such as the camera and GPS, as well as other confidential data.”


“In order for an iPhone to be compromised in the same manner, it would need to be jailbroken, or had the manufacturing restrictions removed.”


Their research also revealed that consumer spyware companies rely on cloud-network support services such as Cloudflare, Codero, and Linode, to facilitate their operations.


“If these companies withdrew their support for spyware vendors they could significantly disrupt the ability of spyware companies to operate,” Harkin says.


Recommendations resulting from the research include greater support and resourcing for domestic violence services to enable them to improve responses to the risks facing their clients.


Other recommendations include stronger enforcement by Google of its anti-spyware policy, greater attention and focus from law enforcement and public authorities on the threat of spyware, improving general privacy protections in Australia and more research and support tools to improve on-device scanning.


The full report is available here.


If you are in an abusive situation or know someone who is, you can call 1800 RESPECT or Lifeline on 13 11 14.


Related


Your friends are ruining your online privacy


The problem is trying to regulate Facebook, Google and Amazon


Is anyone listening in on us, Alexa?




About the Author

Deakin Newsroom

Published By

Deakin is a multi-award winning, internationally recognised university. More than 61,000 students study across our five campuses in Melbourne, Geelong and Warrnambool, and at the Cloud Campus and have chosen Deakin for its:

• excellent graduate outcomes

• practical, hands-on approach to learning

• access to state-of-the-art facilities

• teachers with experience and influence in their field

• courses that are informed by industry and offer real-world learning

• exceptional industry connections and work placement programs, in Australia and overseas

• flexible study options, whether on campus or online.

Visit deakin.edu.au


Featured Videos