The U.S. Federal Trade Commission has reaffirmed its decision to bar Scott Zuckerman, the founder behind several notorious spyware brands, from participating in the surveillance software industry. The agency declined his recent request to reverse or soften the restrictions placed on him following a major privacy scandal.
Zuckerman previously operated Support King and its associated apps, including SpyFone and OneClickMonitor—programs designed to secretly monitor individuals’ phones. In 2021, the FTC permanently prohibited him from marketing, selling, or even promoting any kind of surveillance product after investigators uncovered severe data security failures. The order also required Zuckerman to wipe all customer data collected by SpyFone and implement stricter cybersecurity measures within his other business ventures.
The original ban was rooted in a 2018 incident where a researcher discovered that an unsecured Amazon S3 bucket belonging to SpyFone had exposed a massive amount of highly sensitive information. Among the leaked data were selfies, messages from multiple chat platforms, audio recordings, contact lists, GPS details, and login credentials. The exposed records included over 44,000 email addresses and thousands of photos and recordings harvested from more than 3,600 devices running the spyware.
Despite the seriousness of the breach, Zuckerman argued in his recent petition that the FTC’s ongoing security requirements have placed a financial burden on his remaining businesses. He stated that he no longer runs Support King and is now focused on operating a restaurant and planning tourism-related projects in Puerto Rico. The FTC, however, was not convinced and ruled that the ban would remain fully intact.
In past years, reports indicated that Zuckerman may have attempted to sidestep the ban by operating a new spyware service through third-party developers. The leaked data from that period showed clear links between his old companies and these newer operations, raising concerns that he continued engaging in activities the FTC strictly prohibited. Notably, some of the data discovered included files from SpyFone that he had been legally ordered to delete, as well as access credentials for OneClickMonitor.
Experts who monitor the stalkerware industry welcomed the FTC’s decision. They emphasized that this sector has repeatedly shown disregard for user safety and privacy, with more than two dozen similar companies suffering hacks or exposing personal data online in recent years. According to researchers, such ongoing negligence leaves both the spyware users and their unwitting targets at serious risk.
