Be careful what you rent — rent-to-own computers from seven companies spied on users, stealing passwords and photographing… sex

You know those scary stories you hear about how a hacker took control of someone’s webcam and videotaped or photographed them without their knowledge? Yeah, well, it turns out hackers aren’t the only ones doing such things — companies that rent out computers do such things, too.

The Federal Trade Commission (FTC) has recently reached a settlement with seven rent-to-own companies that used a program called PC Rental Agent to spy on customers that rented PCs. Through PC Rental Agent, which is estimated to be installed on 420,000 PCs worldwide, the companies were able to to log keystrokes and capture photographs from webcams. This resulted in the collection of extremely sensitive data — such as usernames, passwords, social security numbers, medical records, credit card information, etc. — and the photographing of people without their knowledge. Photographs secretly taken by PC Rental Agent include photos of kids, semi-dressed individuals, and even people having sex.

From the looks of it, PC Rental Agent was originally intended to be a legitimate program for rental companies to use to try to recover stolen computers or rented PCs if customers stop paying; one of the major features of PC Rental Agent is being able to geolocate a PC. However, the program was obviously abused and the FTC says it violated the privacy of customers and its use is “unfair”, “deceptive”, and “illegal”.

It isn’t entirely clear if the guilty parties were made to pay any sort of fine but the FTC has banned the seven rent-to-own companies and the developer of PC Rental Agent from using PC Rental Agent-like software:

The proposed settlement orders will ban the software company and the rent-to-own stores from using monitoring software like Detective Mode [Detective Mode is a specific feature of PC Rental Agent] and will ban them from using deception to gather any information from consumers.  They also will prohibit the use of geolocation tracking without consumer consent and notice, and bar the use of fake software registration screens to collect personal information from consumers. In addition, DesignerWare [developer of PC Rental Agent] will be barred from providing others with the means to commit illegal acts, and the seven rent-to-own stores will be prohibited from using information improperly gathered from consumers in connection with debt collection.  All the proposed settlements contain record keeping requirements to allow the FTC to monitor compliance with the orders for the next 20 years.

Moral of the story? Avoid renting computers. If you must rent a computer, make sure to “read the fine print” to find out if the company you are renting from is spying on you.

[Thanks Eric989 | via BBC, FTC]

Related Posts