New research says Canada isn’t doing enough to crack down on stalkerware, a malicious form of technology that can be secretly planted on a person’s smartphone – often by a controlling spouse or romantic partner– to track their every move.

The report, published Wednesday by the University of Toronto’s The Citizen Lab, raises alarm bells about apps typically advertised as a way for parents to monitor their children’s online activity or for employers to monitor staff.

Researchers say these tools can be downloaded within minutes and used by abusers, typically men, to spy on the smartphone activity of women and children. Depending on the technology, stalkerware can provide remote access to an individual’s text messages, their internet browsing history and even their current physical location.

And while stalking a partner through their smartphone could break several laws, little is being done in terms of enforcement, according to study author Christopher Parsons.

“The difficulty is that, to date, we haven’t seen a consistent, coherent and holistic response on the part of government to try and crack down on this malicious software,” Parsons, a senior research associate at the Citizen Lab, told CTV Toronto.

The report looked at eight companies that offer the software and found that, in six cases, the technology is explicitly advertised as a way to target one’s spouse. But even without such direct advertising, it’s easy for a stalker to make use of the tool.

“So even when ostensibly legitimate applications, such as those (to) find your lost phone or monitor employees or track your child, even when you have access to those on the market, they can be repurposed by stalkers,” Parsons said.

Legally, someone who uses the technology to stalk someone could face a number of consequences. Researchers say a host of civil and criminal charges, including privacy infringement and criminal harassment, could be laid against an abuser.

Companies that offer stalkerware could also be held accountable, Parsons said, with regulators such as the CRTC stepping in.

Researchers also found what they call “significant and disturbing failures” by companies offering the technology to obtain ongoing consent from users. Researchers say these failures seriously increase the risks for those targeted by stalkerware because users may not be aware that the software is on their phone in the first place.

The report offers a number of recommendations to address the problem, including pushing the federal government to strengthen the Privacy Commissioner’s powers over companies.

Those recommendations could help, but researchers say they cannot address the larger issue of gendered violence and inequality. Instead, researchers say companies need to be conscious of how their technology could be misused.

“In effect, we believe that application developers need to conduct gender-specific analyses of products prior to launching them to ensure that they do not inadvertently (or, in some cases, advertently) create dangers for women, non-binary persons, girls, and children,” researchers wrote in the report.

Original Article