The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator.
Bryan Fleming, who ran the now-defunct surveillance software company pcTattletale from his luxurious home in Michigan, entered a guilty plea on January 6 in a San Diego federal court to charges including computer hacking, conspiracy, and the unlawful advertising of surveillance software.
The case is significant not just for its rarity, but for how brazenly Fleming operated. Unlike many stalkerware operators who hide behind anonymity, Fleming openly promoted pcTattletale via YouTube videos filmed at his own home, marketing the software as a tool to “catch a cheater.”
If you visited the pcTattletale website you would be told that it was “employee and child monitoring software” designed to “protect your business and family.” But, of course, what it actually was was a way to surreptitiously spy upon other people’s phones and computers – secretly viewing everything they did.
The software bragged about being “100% Undetectable,” which raises an obvious question – why would pcTattletale need to be undetectable if it were only used to monitor employees or children?
Surely a parent or employer would only use such software with the explicit permission and knowledge of their child or staff member?
The reality is that stalkerware like pcTattletale can also be used for tracking the location and activities of people without their knowledge. In fact, for many purchasers this will have been the only reason they bought the software – to spy upon spouses and domestic partners without their consent.
Law enforcement began looking into pcTattletale in 2021. An agent went undercover, posing as an affiliate marketer and then as a customer. Fleming provided promotional banners advertising pcTattletale as a way to “catch a cheater,” noting in emails that “there are a lot more women wanting to catch their man then the other way around.”
Court documents revealed that when one customer worried pcTattletale would show up on their boyfriend’s credit card receipt, Fleming reassured them purchases could appear as a “generic computer scan” instead.
Regular readers of “Hot for Security” may remember that it was a data breach – rather than a federal investigation – that ultimately brought pcTattletale’s operations to a halt.
In May 2024, a hacker exploited vulnerabilities in pcTattletale’s infrastructure, defacing the website and leaking gigabytes of data including details of over 138,000 customer accounts. Fleming shut down operations shortly after.
Fleming claimed through his lawyer that he “genuinely had no idea the product might violate any laws.” It’s a claim that looks questionable, when you consider the software was marketed for the purposes of illegal surveillance.
Fleming faces up to 15 years in prison and will be sentenced on April 3 2026.
Law enforcement agencies have indicated that pcTattletale is just one of several stalkerware operations currently under investigation – news which may spell bad news not just for those who run such companies, but also for those who have purchased spyware from them in the past.
Using stalkerware to spy on others without their permission is never acceptable.
If you’re concerned that someone might be using spyware against you, visited the website of the Coalition Against Stalkerware for advice and information.