Google has updated its Play Store rules to impose a “formal” ban on stalkerware apps, but the company has left a pretty huge loophole in place for stalkerware to be uploaded on the official store as child-tracking applications.
Stalkerware is a term used to describe apps that track a user’s movements, snoop on calls and messages, and record other apps’ activity.
Stalkerware, also known as spouseware, is usually advertised to users as a way to discover cheating partners, track children while outside their homes, and as a way to keep an eye on employees at work.
The primary feature of all stalkerware apps, regardless if they’re intended to be used on smartphones or laptops, is that these apps can be installed and run without the device owner’s knowledge, operating in the operating system’s background.
Over the past decade, the Play Store has hosted hundreds of applications that fit into the stalkerware category.
Google, which has intervened to take down stalkerware apps when they’ve been pointed out by security researchers, has usually avoided making public statements on the topic.
In an update to its Developer Program Policy , Google said that all apps that track users and send their data to another device must include an “adequate notice or consent” and show a “persistent notification” that the user’s actions are being tracked by the app.
The new rules, set to enter into effect next month, on October 1, are a ban on stalkerware apps, by negating their ability to be installed and operate undetected when installed on victim devices. If user-tracking apps don’t add these UI changes, they won’t pass the approval process to be listed on the Play Store.