Η Google ενημέρωσε τους κανονισμούς του Play Store για να επιβάλει μια “επίσημη” απαγόρευση στις εφαρμογές stalkerware, αλλά όπως φαίνεται η εταιρεία άφησε ένα αρκετά μεγάλο κενό αφού επιτρέπει να ανεβάζουν stalkerware στο Play Store σαν εφαρμογές monitoringof children.
Stalkerware is a term used to describe applications that track a user's movements, monitor calls, messages, and record the activity of other applications.
Stalkerware, also known as spouseware, is commonly advertised to users as a way to find out who is stealing partners, watching children when they are away from home or employees at work.
The main feature of all applications stalkerware, whether intended for use on smartphones or laptops, is that these applications can be installed and run without the knowledge of the device owner. Also these applications run in the background of any operating system.
Over the past decade, the Play Store has hosted hundreds of stalkerware applications.
Google, which was trying to remove stalkerware apps reported by security researchers, has typically avoided making public statements on the matter.
However today in a updating the Programmer Program Policy, Google states that all applications that monitor users and send their data to another device must include "consent" and display a "persistent notice" that the user's actions are being monitored by the application.
The new rules, which take effect next month, October 1, ban stalkerware applications, depriving them of the ability to install and operate without being detected when installed on devices. If user tracking apps do not have these changes, they will not go through the approval process to appear in the Play Store.
But while the new rules seem a step in the right direction, Google has also left a gap that could be abused by stalkerware devs.
According to Google, apps that monitor children can continue to run without asking for the user's consent or displaying a persistent on-screen alert. Adult monitoring applications must include both components, according to the company.
In other words, there is nothing to prevent a stalkerware dev from rebranding his application to continue running smoothly.
In fact, today's announcement is more like an update for all malware developers than a real stalkerware ban, with application developers having almost two weeks to comply with the rules.
This exception for child tracking applications is the same gap left by Google in a similar ban it imposed on stalkerware ads in July. A survey by TechCrunch he found that the ban on stalkerware ads was never enforced, which raises questions about whether what the company says applies or is more about PR.