The owner of a Michigan-based company pleaded guilty to federal charges for selling pcTattletale, a surveillance software marketed to spy on romantic partners without their consent. This conviction marks the first successful criminal prosecution of a stalkerware operator in a decade, highlighting a significant shift in federal enforcement against the industry.
Bryan Fleming admitted to manufacturing and advertising wiretapping devices after founded a business that explicitly encouraged users to catch cheating spouses through covert monitoring. Despite boilerplate warnings against illegal use, Fleming provided customers with undetectable tools and even suggested ways to hide purchase records from victims' bank statements. A Homeland Security investigation confirmed that the software allowed remote access to text messages, browsing history, and location data for a subscription fee.
The investigation into pcTattletale began in 2021 as part of a broader probe into over 100 websites selling similar surveillance applications. Federal agents posing as both affiliate marketers and customers interacted directly with Fleming, who provided promotional materials focused on catching unfaithful partners. These interactions revealed that Fleming was personally involved in helping users bypass privacy hurdles and ensured the software remained hidden on target devices.
While the Federal Trade Commission has previously taken civil action against such companies, criminal cases have remained rare until now. Cybersecurity experts note that the lack of prosecution has historically allowed stalkerware developers to operate with a sense of impunity. This case is seen as a major precedent that could deter other operators within the United States, even as many similar companies continue to base their operations overseas to avoid legal reach.
The pcTattletale service remained operational until May 2024, when a massive data breach exposed the information of over 138,000 customers. A hacker defaced the company website and leaked gigabytes of sensitive data, including captured messages and device logs, effectively ending the business. The breach highlighted the inherent security risks of such invasive software, which often collects vast amounts of personal data without robust protections.
Fleming is currently awaiting sentencing, which is scheduled for early April. While the number of available stalkerware products on the market has shown a slight decline in recent years, advocates emphasize that continued legal pressure is necessary to protect individuals from digital surveillance. This conviction signals to the industry that marketing tools specifically for non-consensual domestic spying carries serious criminal consequences.
Source: Stalkerware Operator Pleads Guilty In Rare Criminal Prosecution