Google has updated its Play Store regulations to impose an "official" ban on stalkerware apps, but it seems the company has left a pretty big loophole by allowing stalkerware to be uploaded to the Play Store as apps monitoringof children.
Stalkerware is a term that usesused to describe applications that track a user's movements, monitor calls, messages, and record the activity of other applications.
Stalkerware, also known as spouseware, is commonly advertised to users as a way to find out who is stealing partners, watching children when they are away from home or employees at work.
The main feature of all applications stalkerware, regardless of whether they are intended to be used in smartphone or laptops, is that these applications can be installed and run without the device owner's knowledge. Also these applications run in the background of each operating system.
Over the past decade, the Play Store friendforeignin hundreds of stalkerware applications.
Google, which was trying to remove τις εφαρμογές stalkerware που τις ανέφεραν researchers security, has usually avoided making public statements on the matter.
However today in a updating the Programmer Program Policy, Google states that all applications that monitor users and send their data to another device must include "consent" and display a "persistent notice" that the user's actions are being monitored by the application.
The new rules, which will come into effect from next month on October 1, ban stalkerware apps, negating their ability to install and run undetected when installed on Appliances. If user tracking apps don't have these changes, they won't pass procedure approval to appear on the Play Store.
But while the new rules seem a step in the right direction, Google has also left a gap that could be abused by stalkerware devs.
According to Google, apps that monitor children can continue to run without asking for the user's consent or displaying a persistent on-screen alert. Adult monitoring applications must include both components, according to the company.
In other words, there is nothing to prevent a stalkerware dev from rebranding his application to continue running smoothly.
In fact, today's announcement looks more like one information for all malicious app developers, rather than an actual stalkerware ban, with app developers having almost two weeks to comply with the rules.
This exception for child tracking applications is the same gap left by Google in a similar ban it imposed on stalkerware ads in July. A survey by TechCrunch he found that the ban on stalkerware ads was never enforced, which raises questions about whether what the company says applies or is more about PR.