Η Google ενημέρωσε τους κανονισμούς του Play Store για να επιβάλει μια “επίσημη” απαγόρευση στις εφαρμογές stalkerware, but as it seems the company άφησε ένα αρκετά μεγάλο κενό αφού επιτρέπει να ανεβάζουν stalkerware στο Play Store σαν εφαρμογές παρακολούθησης παιδιών.
Stalkerware is a term used to describe applications that track a user's movements, monitor calls, messages, and record the activity of other applications.
Stalkerware, also known as spouseware, is commonly advertised to users as a way to find out who is stealing partners, watching children when they are away from home or employees at work.
The main feature of all applications stalkerware, whether intended for use on smartphones or laptops, is that these applications can be installed and run without the knowledge of the device owner. Also these applications run in the background of any operating system.
Over the past decade, the Play Store has hosted hundreds of stalkerware applications.
Google, which has been trying to remove stalkerware apps reported by security researchers, has typically avoided making public statements about the theme.
However today in a updating the Programmer Program Policy, Google reports that all apps that track users and send them data τους σε άλλη συσκευή πρέπει να συμπεριλαμβάνουν την “συγκατάθεση” και να εμφανίζουν μια “επίμονη notice” that the user's actions are being tracked by the application.
The new rules, which take effect next month, October 1, ban stalkerware applications, depriving them of the ability to install and operate without being detected when installed on devices. If user tracking apps do not have these changes, they will not go through the approval process to appear in the Play Store.
But while the new rules seem a step in the right direction, Google has also left a gap that could be abused by stalkerware devs.
According to Google, apps that monitor children can continue to run without asking for the user's consent or displaying a persistent on-screen alert. Adult monitoring applications must include both components, according to the company.
In other words, there is nothing to prevent a stalkerware dev from rebranding his application to continue running smoothly.
In fact, today's announcement is more like an update for all malware developers than a real stalkerware ban, with application developers having almost two weeks to comply with the rules.
This exemption for child tracking apps is the same loophole Google left in a similar ban it imposed on stalkerware ads in July. A research from TechCrunch he found that the ban on stalkerware ads was never enforced, which raises questions about whether what the company says applies or is more about PR.