Stalkerware operator pleads guilty in rare prosecution

The owner of a Michigan-based stalkerware company pleaded guilty on Monday to federal charges for selling a surveillance product designed to spy on people without their consent.

Bryan Fleming admitted to founding and running pcTattletale, a company that marketed its spyware as a way for customers to catch romantic partners cheating. Fleming’s guilty plea is the first successful prosecution of a stalkerware operator since 2014.

Homeland Security Investigations (HSI) began probing pcTattletale and more than 100 other websites selling stalkerware applications in June 2021, according to a search warrant affidavit in the case.

Fleming was unusually public and direct about the product and even filmed a YouTube video promoting how pcTattletale could be used to catch a “spouse you’re worried about [if] you don’t think they’re being honest.”

“You put it on their Android phone, they won't be able to see it,” Fleming said in the video. “As they use their Android phone and click around, you see a movie of everything they've done.”

The pcTattletale website cautioned users against deploying the app for unlawful purposes, but also included a great deal of language promoting its potential for illegally spying on cheating partners, the affidavit says.

One section told customers the app “has been developed for over 15 years and has helped thousands of spouses, family’s [sic], and employers just like you,” according to the affidavit. 

Fleming pleaded guilty to one count of manufacturing, distributing, possessing and advertising wire, oral, or electronic communication intercepting devices. He will be sentenced on April 3.

The guilty plea was first reported by TechCrunch. 

Despite the fact that many purveyors of stalkerware are brazen about how they market their products, criminal prosecutions have been rare, with the most recent conviction of a stalkerware executive dating to 2014, said Eva Galperin, the director of cybersecurity at the Electronic Frontier Foundation.

The Federal Trade Commission has cracked down on stalkerware companies, but the dearth of criminal prosecutions has contributed to a thriving ecosystem for the products, she said.

“We can essentially name all of the companies that have experienced consequences off the top of our heads and number them using the fingers of one hand,” Galperin said. “One of the reasons why these companies operate out in the open seemingly with impunity is that they have been allowed to act with impunity.”

The investigation

Fleming began selling the stalkerware in at least 2017 and continued doing so until at least December 2022, according to court records. 

In November 2021, HSI agent Nick Jones posed as an affiliate marketer — someone who gets a commission for promoting a company’s products — and reached out to Fleming. 

Fleming sent Jones four banners to use for marketing pcTattletale in late 2021, according to the affidavit, telling him in an email that “there are a lot more women wanting to catch their man then the other way around.”

One of the banners Fleming gave Jones said “pcTattletale Cheating Husband? #1 catch a cheater spy app.” 

Days later, Jones posed as a customer trying to install pcTattletale on her boyfriend’s phone, the affidavit says, to which Fleming replied offering assistance.

In January 2022, Jones installed pcTattletale on a phone used for the investigation and was able to remotely monitor the device and see electronic communications, browsing activity and location data. He paid $99.99 for a subscription that allowed him to spy on three devices, the affidavit says.

A promotional video sent by the company to Jones said the pcTattletale software application is “completely undetectable by the user of the phone, and that the application will allow someone to covertly see everything that is happening on the target cell phone, to include text messages,” the affidavit says.

Authorities also received a warrant that allowed them to search Fleming’s emails in July 2022 and found several from customers seeking help spying on romantic partners. 

One customer emailed Fleming in May 2019 to say they worried pcTattletale would show up on their boyfriend’s credit card receipt. Fleming responded, saying the customer could choose for the purchase to show up as a “generic computer scan” without the pcTattletale name. 

The business was shut down in 2024 after a data breach in May of that year exposed more than 138,000 customers, TechCrunch reported at the time. A lawyer for Fleming did not respond to a request for comment.

According to the breach notification site Have I Been Pwned, a hacker defaced the pcTattletale website and posted gigabytes of data to its homepage.

Exposed data reportedly included membership records, infected PC names, captured messages and IP addresses and device information logs.

Fleming’s guilty plea is significant, EFF’s Galperin said, and will likely have a chilling effect on stalkerware operators working in the U.S. Many operators are based outside of the U.S., however, and are out of reach of American authorities.

The stalkerware space does appear to be shrinking, she said, citing a report she worked on with  the cybersecurity testing lab AV-Comparatives, which found 17 stalkerware products available in the marketplace last year, down from 20 found in 2021.