Be careful what you rent — rent-to-own computers from seven companies spied on users, stealing passwords and photographing… sex

You know those scary stories you hear about how a hacker took control of someone’s webcam and videotaped or photographed them without their knowledge? Yeah, well, it turns out hackers aren’t the only ones doing such things — companies that rent out computers do such things, too.

The Federal Trade Commission (FTC) has recently reached a settlement with seven rent-to-own companies that used a program called PC Rental Agent to spy on customers that rented PCs. Through PC Rental Agent, which is estimated to be installed on 420,000 PCs worldwide, the companies were able to to log keystrokes and capture photographs from webcams. This resulted in the collection of extremely sensitive data — such as usernames, passwords, social security numbers, medical records, credit card information, etc. — and the photographing of people without their knowledge. Photographs secretly taken by PC Rental Agent include photos of kids, semi-dressed individuals, and even people having sex.

From the looks of it, PC Rental Agent was originally intended to be a legitimate program for rental companies to use to try to recover stolen computers or rented PCs if customers stop paying; one of the major features of PC Rental Agent is being able to geolocate a PC. However, the program was obviously abused and the FTC says it violated the privacy of customers and its use is “unfair”, “deceptive”, and “illegal”.

It isn’t entirely clear if the guilty parties were made to pay any sort of fine but the FTC has banned the seven rent-to-own companies and the developer of PC Rental Agent from using PC Rental Agent-like software:

The proposed settlement orders will ban the software company and the rent-to-own stores from using monitoring software like Detective Mode [Detective Mode is a specific feature of PC Rental Agent] and will ban them from using deception to gather any information from consumers.  They also will prohibit the use of geolocation tracking without consumer consent and notice, and bar the use of fake software registration screens to collect personal information from consumers. In addition, DesignerWare [developer of PC Rental Agent] will be barred from providing others with the means to commit illegal acts, and the seven rent-to-own stores will be prohibited from using information improperly gathered from consumers in connection with debt collection.  All the proposed settlements contain record keeping requirements to allow the FTC to monitor compliance with the orders for the next 20 years.

Moral of the story? Avoid renting computers. If you must rent a computer, make sure to “read the fine print” to find out if the company you are renting from is spying on you.

[Thanks Eric989 | via BBC, FTC]

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

12 comments

  1. Ed

    I have gotten several computers from rent-to-own places.
    First off, yes you can reformat without the disks. The trick is to tell them you want a brand new computer still in the box because you plan on renting to own it. Per the contract agreement you will not get the restore disks untill you pay off the computer but who needs restire disks when you can make your own right from the start menu of your brand new rented computer. MOST brand new computer purchases do not come with restore disks these days, you must make your own from within the OS when you get your new system set up.
    So yes, I have gotten a brand new rent to own pc from a rental place and have reformatted and reinstalled the OS as soon as I got it out of the box, rental agreeement? who cares.

  2. greg

    @Grantwhy:

    About #2, they come with whatever OS the manufacturer had on them when they were sold, The rental company keeps the “restore” disks and runs it when the PC is returned. When I rented a PC, I used Boot and Nuke to wipe the drive before I returned it.

  3. mukhi

    in the world of hacking and spying, anything can happen specially when i see even a mobile phone can be remotely hacked, tracked, used to take pics, steal info.
    bottomline: restrict network use to limited number of devices, use security software and watch for suspicious activities, and last but not the least, use bizarre passwords.

  4. Grantwhy

    @Daniel:

    1) probably against the rental agreement (to remove) and probably quite hard to find.

    2) I would be surprised if the rental computers go out with the installation disks so the people renting would have to buy/provide their own OS = when you take it back to the shop they would have to remove stuff from/re-format the drive (and probably restore the original OS).

    3) what percentage of people with computers have *ever* re-formated and installed an OS on their own?

    and the main reason: I doubt the vast majority of people renting those computers knew there was software on computer that could be used to spy on them (hard for people to remove software they don’t know is on the computer;-))

  5. Ashraf
    Author/Mr. Boss

    @Ashraf: Oh wait, here it is:

    Those named in the FTC’s complaints include DesignerWare, LLC; its principals, Timothy Kelly and Ronald P. Koller, individually and as officers of DesignerWare, LLC.; Aspen Way Enterprises, Inc.; Watershed Development Corp.; Showplace, Inc., d/b/a Showplace Rent-to-Own; J.A.G. Rents, LLC, d/b/a ColorTyme; Red Zone, Inc., d/b/a ColorTyme; B. Stamper Enterprises, Inc., d/b/a Premier Rental Purchase; and C.A.L.M. Ventures, Inc., d/b/a Premier Rental Purchase.

  6. Ashraf
    Author/Mr. Boss

    @Eric989: FTC’s websites says “The FTC also reached settlements with seven companies that operate rent-to-own stores and licensed software from DesignerWare, including franchisees of Aaron’s, ColorTyme, and Premier Rental Purchase.”