The founder of a spyware company that was banned from the surveillance industry following a previous data breaches is now trying to revoke the ban, according to the Federal Trade Commission.
In a notice Friday, federal observers said Scott Zuckerman had attempted to withdraw or change the 2021 ban imposed by the FTC on his company Support King and its subsidiaries.
The ban included a provision that required Zuckerman to maintain certain cybersecurity practices and undergo frequent audits of any of his business after the spyware subsidiary Spyfone leaked thousands of private phone data, including photos, messages and location data, to the public web.
Five commissioners at the FTC banned Zuckerman and banned King’s activities in the surveillance industry by voting unanimously to help provide, sell and promote phone surveillance apps.
Zuckerman now claims that the order has placed “unnecessary burdens” as the financial costs required to comply with the order have made it more difficult to expand his other businesses.
A review of Zuckerman’s petition is expected to be closely monitored by privacy advocates and critics in the surveillance industry, and could represent one of the first major cybersecurity tests of a Republican-controlled federal agency. Once an agent changes an order or moves to remove it completely, it will open up a way to prevent surveillance vendors with a history of data breaches from being legally hampered again.
Despite the ban coming into effect in 2021, Zuckerman was involved in another spyware operation within less than a year.
In 2022, TechCrunch received a cache of violated data from a server of a phone spyware app called Spytrac. This revealed that FTC bans are being carried out by a group of freelance developers with direct links to support King who may skirt. The compromised data also included records from Spyfone despite the FTC’s orders, despite the requesting that data be removed illegally from the victim’s phone. Spytrac went offline shortly after contacting Zuckerman for comment.
Zuckerman’s petition has already faced criticism from the security community.
“I think this petition should be loud and vehemently opposed. Zuckerman has repeatedly shown that he is flouting FTC by continuing to run a stalkerwear company even after the ban is issued.
“There’s no doubt that both the ban and the ongoing reporting requirements will be a burden on him personally, but I argue that’s the point,” Galperin said. “There is no doubt that the moment Zuckerman thinks he can get away with it, he will launch another Stalkerware Company.”
It was not clear how the FTC would vote for Zuckerman’s petition, and the agency also did not set a date. A spokesman for the FTC did not comment when TechCrunch reached it. The FTC is required by law to request comment on the petition to revoke an agency’s order.
Nationals can leave feedback on Zuckerman’s petition until August 19th.
The FTC is chaired by Trump-appointed Andrew Ferguson, who serves alongside two other Republicans, Mark Meadowl and Melissa Holyoak. The massacre of Democratic Secretary Rebecca Kelly was reappointed to the FTC last week after the Trump administration tried to fire her. The remaining fifth commissioner seat is vacant.
In his petition, Zuckerman appealed directly to Ferguson, appealing to the committee’s “current executive philosophy.” “On ensuring regulations actually have a positive impact on consumers and the public,” Zuckerman told TechCrunch.
Meanwhile, Galperin said it is important to maintain reporting requirements for Zuckerman’s future ventures “as it repeatedly demonstrates that it cannot ensure sensitive user data.”
