Founder of Stalkerware Firm pcTattletale Sentenced to Fine, No Jail Time – First U.S. Conviction Since 2014
What Happened — Bryan Fleming, the founder of pcTattletale, pleaded guilty to manufacturing, distributing, possessing, and advertising a stalkerware application. A San Diego federal judge imposed a $5,000 fine and ordered no additional incarceration beyond the one day already served.
Why It Matters for TPRM —
- The case marks the first U.S. prosecution of a stalkerware vendor in a decade, signalling heightened regulatory scrutiny.
- Organizations that contract surveillance or “employee‑monitoring” tools may inherit legal and reputational risk.
- Vendors operating in the mobile‑app ecosystem could face future enforcement actions, affecting supply‑chain continuity.
Who Is Affected — Employers using covert monitoring software, consumer‑privacy advocates, mobile‑app marketplaces, and any third‑party that integrates or resells surveillance tools.
Recommended Actions —
- Conduct an immediate inventory of any surveillance or “spying” applications used by your organization.
- Update vendor risk questionnaires to explicitly prohibit stalkerware and require compliance with wire‑tap and privacy statutes.
- Review contracts for indemnification clauses covering illegal surveillance activities and consider terminating high‑risk relationships.
Technical Notes — pcTattletale was marketed as an Android app that records a target’s screen activity without consent. The product was promoted via a YouTube video that demonstrated covert installation and real‑time monitoring. No specific software vulnerability (CVE) was cited; the offense stemmed from unlawful interception of communications. Source: The Record