Rating: Copy9 crosses line between data protection and snooping
When we stumbled across Copy9‘s range of mobile apps, we really weren’t sure whether they were genuine or malware. The company itself describes the product as ‘spyware’ and cites child protection; monitoring cheating spouses or errant employees as reasons to install its apps. The catch is that you have to provide the Copy9 app will exactly the kind of capabilities you would for a nasty piece of malware. So we asked our old buddies at mobile security software specialist, avast! Software, their opinion. This is what Alena Varkockova, Android analyst with the AVAST Virus Lab, said. “This app is an example of the thin line between malicious and PUP (Potentially Unwanted Program).” So GoMobile News bit the bullet and installed Copy9 on an old Android handset lent to us by ZTE. The app does what it claims to do. It spies on the handset for you. For free.Copy9 is available for Android, iOS, Symbian and Windows Mobile but not Windows Phone 7.5 (Mango) yet. So why were we suspicious?
Well, for starters the Android app isn’t available from Google Play (formerly the Android Market). You have to download the app directly to the handset from the Copy9 web site.
Alarm bells were also triggered by poor use of English on the web site, too. We discovered, however, that the firm offering this software is French. Their English is far superior to our French.
So – following the detailed instructions given on the web site, we installed Copy9 and it does exactly what they claim! It detects the location of your smartphone over the web for free.
We suspect Copy9 isn’t allowed on Google Play because it crosses the line between ‘protection’ and downright snooping. You really can install this app on your spouse’s handset and he/she wouldn’t have a clue. Perhaps.
So how does Copy9 make its money? Ah, well only certain bits of its functionality are free. For nothing you get an app which tracks you via GPS and which the author claims is 100 per cent undetectable.
We’d dispute that. avast!’s Varkockova told GoMobile News that, “We decided to let a person to know that he (or she) has this ‘potentially unwanted program’ thing installed.
I’ve already changed our detection (of Copy9) from ‘malicious detection’ to PUP (Potentially Unwanted Program).”
Of course, Copy9 raises the thorny issue of what employers can do to protect corporate data if they offer a Bring Your Own Device (BOYD) policy.
As avast! bogger, Jonathan Penn, writes, “Using your mobile devices for work purposes should not require you giving up all your privacy rights or give your company effective ownership of your device.”
Nonetheless, GoMobile News believes that some companies’ network nasties would rejoice at what Copy9 can do if you pay the fees.
For example it can provide online histories of the calls; texts (SMS); and URLs that the smartphone owner has indulged in. Plus you can download those data reports remotely.
The nasties would have to remember to turn off detection of the app as malicious, however.
In short. Copy9 opens up a whole can of worms over the morality of ‘monitoring’ employees’ smartphones for conformance with company policies. You read it here first, folks.