Apps are neither good nor evil, but simply tools. However, the increasingly popular use of spy apps is punishable in the vast majority of cases.

There are apps that are able to intercept and share the movements and other information and data recorded by the phone. Such spy apps are especially popular among digital-savvy and jealous partners.

These spy apps are installed by the user on someone else’s smartphone. This is regularly done without the knowledge and especially without the consent of the other person. Installing them therefore regularly requires access to the other smartphone – both physically to the device and digitally by knowing the password. Or the suitably prepared and bugged smartphone is simply given away to the partner.

The disguised App

After the spy app is installed, it runs unnoticed in the background. The app itself disguises itself as a theft app, for example, which can supposedly be used to locate the smartphone if it should get lost.

The spy app then accesses everything in real time that is not blocked by the operating system: GPS data, messages, photos and much more. Some spy apps are even said to be able to record phone calls and secretly activate the microphone and camera.

This spied-out and intercepted data is in turn sent unnoticed by the owner of the smartphone to the person who installed the app. What only secret agents used to be able to do is thus now available relatively inexpensively from several dozen providers on the Internet.

The location data can also be collected, for example, and made available as a movement history on corresponding maps of the surroundings. In addition, critical areas can then be defined so that the software sounds an alarm if the smartphone moves away from or reaches this area.

So if you suspect that your partner is not working overtime at the office in the evening, but is out enjoying himself, you could be notified when he leaves the workplace.

US Survey: One in Ten monitors their Partner

A survey from the USA is said to have revealed that one in ten of the US citizens questioned has already used such spy software at some point to monitor a partner or ex-partner and keep an eye on their movements and interactions.

But it is not only in the USA that these spy apps enjoy some popularity – they are also used in Germany. After a data leak of customer information from just one provider of such an app, it came out that they had over 1000 paying customers in Germany alone. Incidentally, the majority of these customers were men. Among them are said to have been lawyers, as Vice reported. Overall, Germany is probably the European champion in the use of spy apps.

Spying on and intercepting Data is punishable by Law

The use of such a spy app without the knowledge and consent of the smartphone owner will regularly be punishable by law. Depending on the scope of functions of the specific spy app, the violation of the confidentiality of the word according to Section 201 of the German Criminal Code (StGB) as well as the violation of the highly personal sphere of life through image recording according to Section 201a of the StGB come into consideration.

In addition, the basic functions fall at least under the spying out as well as the interception of data according to § 202a StGB as well as § 202b StGB. The range of punishment for these criminal offenses includes up to two and three years’ imprisonment, respectively.

According to the wording of the law, Section 202a of the German Criminal Code (StGB) punishes anyone who, without authorization, obtains access for himself or another to data that is not intended for him and that is specially secured against unauthorized access.

Under Section 202b of the German Criminal Code, anyone who, without authorization, obtains data from a non-public data transmission that is not intended for him or her by using technical means is liable to prosecution. Under Section 202c of the German Criminal Code, preparatory acts for spying on and intercepting data are punishable. Anyone who obtains a corresponding spy app alone is therefore already committing a criminal offense.

It is already clear from the numbering that these norms were only added to the StGB at a later date in order to close gaps in punishability. These gaps in punishability have opened up due to the increasing use of computers and smartphones and the associated technical possibilities.

The good old protection of the secrecy of correspondence under Section 202 of the Criminal Code was no longer sufficient for this purpose. The current formulation of criminal offenses in this regard also goes back to the Council of Europe’s Cybercrime Convention of 2001.

In 2015, for example, the Heilbronn Local Court (AG), applying the Juvenile Courts Act (JGG), convicted a then 20-year-old defendant of intercepting data due to the use of a spy app.

According to the court’s findings, the defendant secretly installed a spy app on the smartphone of his then girlfriend without her knowledge and approval, which subsequently enabled him for a few months to access via the Internet all data generated during the use of the smartphone and thus – as intended – to monitor his girlfriend. In particular, it was possible for the defendant to read contents of chats and short messages, view pictures and photos, and also determine the location of the cell phone.

Other Areas of Use: Children and Employees

A lawful use of spy apps is conceivable at most to a limited extent by parents towards their children. If parents install these apps on their children’s smartphones to monitor the child’s whereabouts, a lawful use in the exercise of their parental care under Sections 1626, 1631 of the German Civil Code comes into consideration.

However, as the child grows older, a corresponding measure may become disproportionate with regard to the child’s right to self-determination. In particular, the parents must take into account the child’s growing ability and increasing need to act independently and responsibly. In addition, it also becomes critical again at the latest when monitoring communications, as the child may be communicating with a third party stranger whose messages would then also be monitored – which will often be punishable again.

In the case of employees, too, it is hardly conceivable that such use would be lawful. Even if, for example, an employee should have consented to the work telephone at the express request of the employer, the first legal question is whether such consent was actually given voluntarily, taking into account the employee’s dependency. In addition, consent may not be given in a blanket manner, but rather the actual scope and the end of the monitoring over time must be specifically defined. Otherwise, the consent would be invalid in each case.

What to do? Prevention, Vigilance and Control

To avoid becoming a victim of such a spy app yourself, the usual security measures should first be observed. These include, above all, providing the smartphone with appropriate access protection. Unlocking the device as well as enabling the installation of apps via facial recognition or fingerprint is probably the safest way to do so.

If passwords are used, they should be kept secret – basically also from the partner. The use of swipe patterns offers some of the worst protection. They can easily be copied and are sometimes still visible on the screen after unlocking.

In addition, new apps that appear on the smartphone and have not been installed by the user should be critically scrutinized. Where did this app come from? Who installed the app? How do I know that the app does what it claims to do?

In addition, there is now corresponding security software that, among other things, searches for spy apps and can detect them on a smartphone based on certain characteristics. Finally, there are also advice centers that can help with suspected spy apps.

Often no Awareness of Wrongdoing

There does not seem to be much awareness of wrongdoing in the use of spy apps – neither among the providers nor among the users. The users caught apparently see it more as a trivial offense, and the providers often simply write in the terms and conditions that the use may only take place with the consent of the other person. How realistic this is and how many such use cases there actually are remains an open question.

In any case, the potential for abuse of spy apps and the associated invasion of privacy is enormous. Appropriate caution is recommended.