Imagine having a rental computer in your home and knowing that the company renting you the device has spyware installed on the machine that logs your every keystroke, and even takes photos of you doing whatever it is you’re doing in the room. This is the reality for over 420,000 customers of seven different computer rental companies.
Photos of them in various stages of dress, their children, and even sexual encounters were transmitted to these stores in order to help them collect on debts. Not only that, but passwords and other things typed by the customers were also logged and transmitted, often revealing personal and unchecked information about their customers to whatever employee came across it.
Seven rent-to-own companies were placed under investigation and ultimately forced to stop using this spyware on their customers by the FTC (Federal Trade Commission). The FTC even went so far as to report that this spyware captured and transmitted pictures of customers having sex in the privacy of their own homes, all because they had a rent-to-own computer sitting in the room with the webcam uncovered at the time.
Why Did This Happen?
Rent-to-own companies have a responsibility to keep track of their equipment. When a customer goes in arrears, it’s the right of the company to have its merchandise returned. In order to facilitate this, companies turned to DesignerWare, LLC, a company that licensed software to rent-to-own stores to help them track and recover rented computers. Unfortunately, this software went well above and beyond location reporting and remote lockout.
Employees at the rent-to-own stores could pop up fake software registration notices that required users to enter personal information such as their name, address, and phone number in order to continue using the computer. This information was then used to repossess the hardware. This might sound perfectly reasonable, but the software captured a lot more than just the information entered by the user.
It captured keystrokes from virtually all customer activity. Personal chats, screen shots, and other online activity was recorded and transmitted by the software.
Perhaps the most disturbing element was the use of the built-in webcam to capture images of the room in which the computer was located. This capture happened whether someone was using the system or not, and you could imagine what a webcam can see when located in various rooms of the home.
According to the FTC Report, the companies involved include:
Those named in the FTC’s complaints include DesignerWare, LLC; its principals, Timothy Kelly and Ronald P. Koller, individually and as officers of DesignerWare, LLC.; Aspen Way Enterprises, Inc.; Watershed Development Corp.; Showplace, Inc., d/b/a Showplace Rent-to-Own; J.A.G. Rents, LLC, d/b/a ColorTyme; Red Zone, Inc., d/b/a ColorTyme; B. Stamper Enterprises, Inc., d/b/a Premier Rental Purchase; and C.A.L.M. Ventures, Inc., d/b/a Premier Rental Purchase.
Why the FTC Intervened
Signing a rental agreement does not mean giving the rental company access to your entire personal life. The companies, by using this software, went above and beyond the terms of the contract. This violation of privacy went largely unknown to the customers as no part of the customer agreement mentioned spyware such as this.
Rental companies can track their merchandise using location reporting, as well as remotely lock customers out pending their contract being current. This much of the software is perfectly legal. It’s the point where companies start prying into aspects of their unaware customers’ lives that things get shady.
For now, the rental companies can continue to use tracking and remote lockout software. Customers have to be made aware of these programs and how they operate prior to signing a contract.
Do you rent a computer? Did you know something like this was going on?