Spyware: Difference between revisions

(22 intermediate revisions by 7 users not shown)

Line 1:

~~{{Incomplete}}~~

[https://en.wikipedia.org/wiki/Spyware Spyware] is a form of '''malware''' designed to gather information from the infected device. Spyware comes in many different shapes and forms and may be installed intentionally or unintentionally.<ref name=":1" />

~~Spyware~~ is ~~a form~~ of malware ~~designed to gather information from the infected device. Spyware comes in many different shapes~~ and ~~forms and may be installed intentionally or unintentionally.~~

There is considerable debate over the scope of the term malware; while some people and groups qualify certain non-malware software as spyware, such as [[Microsoft]], [[Meta]], and [[Google]]<ref name=":0">{{Cite web |last=Petrino |first=Gene |title=The Data Big Tech Companies Have On You |url=https://www.security.org/resources/data-tech-companies-have/ |archive-url=http://web.archive.org/web/20260111171613/https://www.security.org/resources/data-tech-companies-have/ |archive-date=11 Jan 2026|access-date=21 August 2025 |website=security.org |type=Uses text to communicate information(with some additional imagery)}}</ref> owned software due to the large quantity of data these corporations collect from its users, others disagree with that qualification, due to the user having technically consented to the data collection.

~~In some circles, some may~~ qualify non-malware software as spyware, such as [[Microsoft]], [[Meta]], and [[Google]]<ref name=":0">{{Cite web |last=Petrino |first=Gene |title=The Data Big Tech Companies Have On You |url=https://www.security.org/resources/data-tech-companies-have/ |url-~~status~~=~~live~~ |access-date=21 August 2025 |website=security.org |type=Uses text to communicate information(with some additional imagery)}}</ref> owned software due to the large quantity of data these corporations collect from its users, ~~though~~ others disagree with that qualification, due to the user having technically consented to ~~this espionage~~.

==How it works==

Spyware comes in many different forms. It may present itself as an actual software, while secretly spying on your device in the background.

Malware with deeper level access to your device has more potential for harm, which is a reason some are cautious of [[Kernel level driver|Kernel Level Drivers]].

Malware with deeper level access to your device has more potential for harm, which is a reason some are cautious of [[Kernel level driver|Kernel Level Drivers]] and [[Kernel level anti-cheats]].

Some "free" services, such as [[Google]] services(check here for more info: [[List of Google products]]), often come at the cost of user data being collected to be sold for profit and/or to be used as training data for [[~~Artificial~~ intelligence]].

Some "free" services, such as [[Google]] services(check here for more info: [[List of Google products]]), often come at the cost of user data being collected to be sold for profit and/or to be used as [[Artificial_intelligence/training|training data]] for [[artificial intelligence]].<ref>{{Cite web |date=16 Feb 2022 |title=What Does Big Tech Actually Do With Your Data? |url=https://www.forbes.com/councils/forbestechcouncil/2022/02/16/what-does-big-tech-actually-do-with-your-data/ |archive-url=https://web.archive.org/web/20241206070801/https://www.forbes.com/councils/forbestechcouncil/2022/02/16/what-does-big-tech-actually-do-with-your-data/ |archive-date=6 Dec 2024 |access-date=31 Jan 2026 |website=forbes.com}}</ref>

The ~~Legally~~ collected data may also just be diagnostic data or just a way to make things "more convenient"(like with cookies).

The legally collected data may also just be diagnostic data or just a way to make things "more convenient"(like with [[Web cookie|cookies]]).

=== Data that tends to get collected:~~<ref name=":0" />~~ ===

===Data that tends to get collected:===

* Username

*Username

* ~~Password~~

*Passwords

* Email addresses

*Email addresses

* Diagnostic data(how you use their platform, errors & crash reports, logs, etc)

*Diagnostic data(how you use their platform, errors & crash reports, logs, etc)

* Phone ~~Number~~

*Phone Numbers

* Payment Information

*Payment Information

* Stored videos & photos

*Stored videos & photos

* Metadata of photos & files

*Metadata of photos & files

* Stored documents

*Stored documents

* Contact info from other devices.

*Contact info from other devices.

* Internet-protocol(IP) addresses

*Internet-protocol(IP) addresses

* Browser Type

*Browser Type

* Device Type

*Device Type<ref name=":0" />

==Why it is a problem==

Spyware, as the name ~~suggest~~, spies on the device, which contains the user's data. Spyware is inherently negative for users' privacy. As companies like [[Microsoft]], [[Meta]] and [[Google]] are collecting more information on consumers(either by legal or illegal means), they make users less secure & more susceptible to data breaches/leaks.

Spyware, as the name suggests, spies on the device, which contains the user's data. Spyware is inherently negative for users' privacy. As companies like [[Microsoft]], [[Meta]] and [[Google]] are collecting more information on consumers(either by legal or illegal means), they make users less secure & more susceptible to data breaches/leaks.<ref>{{Cite web |date=2 Jan 2026 |title=Data Breaches 2025: Biggest Cybersecurity Incidents So Far |url=https://www.pkware.com/blog/recent-data-breaches |archive-url=http://web.archive.org/web/20260116190555/https://www.pkware.com/blog/recent-data-breaches |archive-date=16 Jan 2026|access-date=31 Jan 2026 |website=pkware.com}}</ref>

===Spyware & data collection from a consumer rights perspective:===

====Lack of transparency from companies:====

A lack of transparency on a consumers ability to opt-out of data collection if even possible is quite common among popular services.

For example, a usage of [[Deceptive language frequently used against consumers]] or simply hiding things in the terms of service may be enough trick a consumer into thinking there is nothing wrong with the service or may be enough to prevent/discourage a consumer from learning what a company does with their data & what data they collect.<ref>{{Cite web |last=Libbey |first=Madeline |last2=Micek |first2=Peter |last3=Cheng |first3=Sage |date= |title=Going dark: companies today release fewer transparency reports, less data |url=https://www.accessnow.org/going-dark-companies-today-release-fewer-transparency-reports-less-data/ |archive-url=https://web.archive.org/web/20191021184245/https://www.accessnow.org/going-dark-companies-today-release-fewer-transparency-reports-less-data/ |archive-date=21 Oct 2019 |access-date=2026-02-01 |website=accessnow.org}}</ref>

====Lack of a consumers control:====

Many corporations use [[Forced arbitration]] or [[Consent-or-pay]] in order to gain access to user data, with the main incentive/goal of doing this being a desire to make profit(which is why many companies are okay with users opting out of data collection as long as the users still pay for the service as found in [[Consent-or-pay]]).<ref>{{Cite web |date=28 Oct 2024 |title=Forced Arbitration Clauses: What’s at Stake and Why it Matters |url=https://blog.helmerfriedman.com/forced-arbitration-clauses-whats-at-stake-and-why-it-matters/ |archive-url=https://web.archive.org/web/20241114115649/https://blog.helmerfriedman.com/forced-arbitration-clauses-whats-at-stake-and-why-it-matters/ |archive-date=14 Nov 2024 |access-date=31 Jan 2026 |website=}}</ref><ref>{{Cite web |date=21 Aug 2025 |title=Consent or Pay Models: Are Paywall Cookie Consent Legal For Site? |url=https://wplegalpages.com/blog/consent-or-pay-models/ |archive-url=https://web.archive.org/web/20250907105448/https://wplegalpages.com/blog/consent-or-pay-models/ |archive-date=7 Sep 2025 |access-date=31 Jan 2026}}</ref>

====The need for consumer control and proper disclosure:====

Reasons/arguments include:

*Improved user satisfaction

*The ability to opt-out allows users to prevent their sensitive data from being leaked in the event of a data breach

*The option for consumers to properly see the data being collected allows them to more easily infer what data tends to be collected without dealing with intentionally deceptive language<ref>{{Cite web |last=Podolsky |first=Michael |date=31 May 2024 |title=Why Prioritizing Consumer Rights Matters For Businesses |url=https://www.forbes.com/councils/forbesbusinesscouncil/2024/05/31/why-prioritizing-consumer-rights-matters-for-businesses/ |archive-url=https://web.archive.org/web/20251027154921/https://www.forbes.com/councils/forbesbusinesscouncil/2024/05/31/why-prioritizing-consumer-rights-matters-for-businesses/ |archive-date=27 Oct 2025 |website=forbes.com}}</ref>

==Types(~~Illegal~~/~~Malware~~)<ref>{{Cite web |title=What Is Spyware? Definition, Types, And Protection |url=https://www.fortinet.com/resources/cyberglossary/spyware |url-status=live |access-date=19 Jan 2026 |website=Fortinet.com |type=Uses text to communicate information(with some additional imagery)}}</ref>==

==Types(illegal/malware)==

#Adware: This type of spyware monitors user activity to then sell that data to malicious advertisers.

#[[wikipedia:Adware|Adware]]: This type of spyware monitors user activity to then sell that data to malicious advertisers.

#Info-stealer: This type of spyware takes data from the device, such as recent actions, applications, etc.

#Key-loggers: Key-loggers are a type of Info-stealer that gains access to data by observing keystrokes done by a user on an infected machine(This data is then saved onto an encrypted log file).

#[[wikipedia:Keystroke_logging|Key-loggers]]: Key-loggers are a type of Info-stealer that gains access to data by observing keystrokes done by a user on an infected machine(This data is then saved onto an encrypted log file).

#Rootkits: Rootkits allow infiltrators extreme levels of access to a device(around administrator level).

#[[wikipedia:Rootkit|Rootkits]]: Rootkits allow infiltrators extreme levels of access to a device(around administrator level).<ref name=":1">{{Cite web |title=What Is Spyware? Definition, Types, And Protection |url=https://www.fortinet.com/resources/cyberglossary/spyware |archive-url=https://web.archive.org/web/20251213081639/https://www.fortinet.com/resources/cyberglossary/spyware |archive-date=13 Dec 2025 |access-date=19 Jan 2026 |website=Fortinet.com |type=Uses text to communicate information(with some additional imagery)}}</ref>

== Methods used by companies(~~Legal~~)<ref>{{Cite web |last=Davis |first=Lakisha |date=11 Apr 2025 |title=Data Harvesting 101: What Companies Know About You (And How They Use It) |url=https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |access-date=20 Jan 2025 |website=metapress.com}}</ref> ==

==Methods used by companies (legal)==

# Cookies: Small pieces of data stored in files on your device(s). This type of data may include, but is not limited to: Preferences on websites, login information, & your browser history.

#[[Web_cookie|Cookies]]: Small pieces of data stored in files on your device(s). This type of data may include, but is not limited to: Preferences on websites, login information, & your browser history.

# Tracking Pixels: Tracking pixels are incredibly small images that are embedded into websites or emails. This method allows companies to see how users interact with their content on the web.

#Tracking Pixels: Tracking pixels are incredibly small images that are embedded into websites or emails. This method allows companies to see how users interact with their content on the web.

# Accounts & Online Forms: Websites typically have users sign up with an account so they can tie data to it. Both account setup and forms similar to it tend to require data such as: Email addresses, phone numbers, Names, & sometimes data that should be optional(like your location).

#Accounts & Online Forms: Websites typically have users sign up with an account so they can tie data to it. Both account setup and forms similar to it tend to require data such as: Email addresses, phone numbers, Names, & sometimes data that should be optional(like your location).

# Device & location tracking: Some websites will request access to your geographical position(which can be declined), but what tends to be collected more often are IP addresses(~~tends to be~~ outside of your control).

#Device & location tracking: Some websites will request access to your geographical position(which can be declined), but what tends to be collected more often are IP addresses(usually outside of your control).<ref>{{Cite web |last=Davis |first=Lakisha |date=11 Apr 2025 |title=Data Harvesting 101: What Companies Know About You (And How They Use It) |url=https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |archive-url=https://web.archive.org/web/20250419141741/https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |archive-date=19 Apr 2025 |access-date=20 Jan 2025 |website=metapress.com}}</ref>

== See also ==

==See also==

* [[Anti-privacy legislation]](Extremely undeveloped article, but still on the topic of privacy)

*[[Anti-privacy legislation]](Extremely undeveloped article, but still on the topic of privacy)

* [[Data brokers]]

*[[Backdoor]]

* [[Device fingerprint]]

*[[Data brokers]]

*[[Device fingerprint]]

*[[De-anonymization]]

*[[Forced identification]]

==References==

@@ Line 1: / Line 1: @@
-{{Incomplete}}
+[https://en.wikipedia.org/wiki/Spyware Spyware] is a form of '''malware''' designed to gather information from the infected device. Spyware comes in many different shapes and forms and may be installed intentionally or unintentionally.<ref name=":1" />
-Spyware is a form of malware designed to gather information from the infected device. Spyware comes in many different shapes and forms and may be installed intentionally or unintentionally.
+There is considerable debate over the scope of the term malware; while some people and groups qualify certain non-malware software as spyware, such as [[Microsoft]], [[Meta]], and [[Google]]<ref name=":0">{{Cite web |last=Petrino |first=Gene |title=The Data Big Tech Companies Have On You |url=https://www.security.org/resources/data-tech-companies-have/ |archive-url=http://web.archive.org/web/20260111171613/https://www.security.org/resources/data-tech-companies-have/ |archive-date=11 Jan 2026|access-date=21 August 2025 |website=security.org |type=Uses text to communicate information(with some additional imagery)}}</ref> owned software due to the large quantity of data these corporations collect from its users, others disagree with that qualification, due to the user having technically consented to the data collection.
-In some circles, some may qualify non-malware software as spyware, such as [[Microsoft]], [[Meta]], and [[Google]]<ref name=":0">{{Cite web |last=Petrino |first=Gene |title=The Data Big Tech Companies Have On You |url=https://www.security.org/resources/data-tech-companies-have/ |url-status=live |access-date=21 August 2025 |website=security.org |type=Uses text to communicate information(with some additional imagery)}}</ref> owned software due to the large quantity of data these corporations collect from its users, though others disagree with that qualification, due to the user having technically consented to this espionage.
 ==How it works==
 Spyware comes in many different forms. It may present itself as an actual software, while secretly spying on your device in the background.
-Malware with deeper level access to your device has more potential for harm, which is a reason some are cautious of [[Kernel level driver|Kernel Level Drivers]].
+Malware with deeper level access to your device has more potential for harm, which is a reason some are cautious of [[Kernel level driver|Kernel Level Drivers]] and [[Kernel level anti-cheats]].
-Some "free" services, such as [[Google]] services(check here for more info: [[List of Google products]]), often come at the cost of user data being collected to be sold for profit and/or to be used as training data for [[Artificial intelligence]].
+Some "free" services, such as [[Google]] services(check here for more info: [[List of Google products]]), often come at the cost of user data being collected to be sold for profit and/or to be used as [[Artificial_intelligence/training|training data]] for [[artificial intelligence]].<ref>{{Cite web |date=16 Feb 2022 |title=What Does Big Tech Actually Do With Your Data? |url=https://www.forbes.com/councils/forbestechcouncil/2022/02/16/what-does-big-tech-actually-do-with-your-data/ |archive-url=https://web.archive.org/web/20241206070801/https://www.forbes.com/councils/forbestechcouncil/2022/02/16/what-does-big-tech-actually-do-with-your-data/ |archive-date=6 Dec 2024 |access-date=31 Jan 2026 |website=forbes.com}}</ref>
-The Legally collected data may also just be diagnostic data or just a way to make things "more convenient"(like with cookies).
+The legally collected data may also just be diagnostic data or just a way to make things "more convenient"(like with [[Web cookie|cookies]]).
-=== Data that tends to get collected:<ref name=":0" /> ===
+===Data that tends to get collected:===
-* Username
+*Username
-* Password
+*Passwords
-* Email addresses
+*Email addresses
-* Diagnostic data(how you use their platform, errors & crash reports, logs, etc)
+*Diagnostic data(how you use their platform, errors & crash reports, logs, etc)
-* Phone Number
+*Phone Numbers
-* Payment Information
+*Payment Information
-* Stored videos & photos
+*Stored videos & photos
-* Metadata of photos & files
+*Metadata of photos & files
-* Stored documents
+*Stored documents
-* Contact info from other devices.
+*Contact info from other devices.
-* Internet-protocol(IP) addresses
+*Internet-protocol(IP) addresses
-* Browser Type
+*Browser Type
-* Device Type
+*Device Type<ref name=":0" />
 ==Why it is a problem==
-Spyware, as the name suggest, spies on the device, which contains the user's data. Spyware is inherently negative for users' privacy. As companies like [[Microsoft]], [[Meta]] and [[Google]] are collecting more information on consumers(either by legal or illegal means), they make users less secure & more susceptible to data breaches/leaks.
+Spyware, as the name suggests, spies on the device, which contains the user's data. Spyware is inherently negative for users' privacy. As companies like [[Microsoft]], [[Meta]] and [[Google]] are collecting more information on consumers(either by legal or illegal means), they make users less secure & more susceptible to data breaches/leaks.<ref>{{Cite web |date=2 Jan 2026 |title=Data Breaches 2025: Biggest Cybersecurity Incidents So Far |url=https://www.pkware.com/blog/recent-data-breaches |archive-url=http://web.archive.org/web/20260116190555/https://www.pkware.com/blog/recent-data-breaches |archive-date=16 Jan 2026|access-date=31 Jan 2026 |website=pkware.com}}</ref>
+===Spyware & data collection from a consumer rights perspective:===
+====Lack of transparency from companies:====
+A lack of transparency on a consumers ability to opt-out of data collection if even possible is quite common among popular services.
+For example, a usage of [[Deceptive language frequently used against consumers]] or simply hiding things in the terms of service may be enough trick a consumer into thinking there is nothing wrong with the service or may be enough to prevent/discourage a consumer from learning what a company does with their data & what data they collect.<ref>{{Cite web |last=Libbey |first=Madeline |last2=Micek |first2=Peter |last3=Cheng |first3=Sage |date= |title=Going dark: companies today release fewer transparency reports, less data |url=https://www.accessnow.org/going-dark-companies-today-release-fewer-transparency-reports-less-data/ |archive-url=https://web.archive.org/web/20191021184245/https://www.accessnow.org/going-dark-companies-today-release-fewer-transparency-reports-less-data/ |archive-date=21 Oct 2019 |access-date=2026-02-01 |website=accessnow.org}}</ref>
+====Lack of a consumers control:====
+Many corporations use [[Forced arbitration]] or [[Consent-or-pay]] in order to gain access to user data, with the main incentive/goal of doing this being a desire to make profit(which is why many companies are okay with users opting out of data collection as long as the users still pay for the service as found in [[Consent-or-pay]]).<ref>{{Cite web |date=28 Oct 2024 |title=Forced Arbitration Clauses: What’s at Stake and Why it Matters |url=https://blog.helmerfriedman.com/forced-arbitration-clauses-whats-at-stake-and-why-it-matters/ |archive-url=https://web.archive.org/web/20241114115649/https://blog.helmerfriedman.com/forced-arbitration-clauses-whats-at-stake-and-why-it-matters/ |archive-date=14 Nov 2024 |access-date=31 Jan 2026 |website=}}</ref><ref>{{Cite web |date=21 Aug 2025 |title=Consent or Pay Models: Are Paywall Cookie Consent Legal For Site? |url=https://wplegalpages.com/blog/consent-or-pay-models/ |archive-url=https://web.archive.org/web/20250907105448/https://wplegalpages.com/blog/consent-or-pay-models/ |archive-date=7 Sep 2025 |access-date=31 Jan 2026}}</ref>
+====The need for consumer control and proper disclosure:====
+Reasons/arguments include:
+*Improved user satisfaction
+*The ability to opt-out allows users to prevent their sensitive data from being leaked in the event of a data breach
+*The option for consumers to properly see the data being collected allows them to more easily infer what data tends to be collected without dealing with intentionally deceptive language<ref>{{Cite web |last=Podolsky |first=Michael |date=31 May 2024 |title=Why Prioritizing Consumer Rights Matters For Businesses |url=https://www.forbes.com/councils/forbesbusinesscouncil/2024/05/31/why-prioritizing-consumer-rights-matters-for-businesses/ |archive-url=https://web.archive.org/web/20251027154921/https://www.forbes.com/councils/forbesbusinesscouncil/2024/05/31/why-prioritizing-consumer-rights-matters-for-businesses/ |archive-date=27 Oct 2025 |website=forbes.com}}</ref>
-==Types(Illegal/Malware)<ref>{{Cite web |title=What Is Spyware? Definition, Types, And Protection |url=https://www.fortinet.com/resources/cyberglossary/spyware |url-status=live |access-date=19 Jan 2026 |website=Fortinet.com |type=Uses text to communicate information(with some additional imagery)}}</ref>==
+==Types(illegal/malware)==
-#Adware: This type of spyware monitors user activity to then sell that data to malicious advertisers.
+#[[wikipedia:Adware|Adware]]: This type of spyware monitors user activity to then sell that data to malicious advertisers.
 #Info-stealer: This type of spyware takes data from the device, such as recent actions, applications, etc.
-#Key-loggers: Key-loggers are a type of Info-stealer that gains access to data by observing keystrokes done by a user on an infected machine(This data is then saved onto an encrypted log file).
+#[[wikipedia:Keystroke_logging|Key-loggers]]: Key-loggers are a type of Info-stealer that gains access to data by observing keystrokes done by a user on an infected machine(This data is then saved onto an encrypted log file).
-#Rootkits: Rootkits allow infiltrators extreme levels of access to a device(around administrator level).
+#[[wikipedia:Rootkit|Rootkits]]: Rootkits allow infiltrators extreme levels of access to a device(around administrator level).<ref name=":1">{{Cite web |title=What Is Spyware? Definition, Types, And Protection |url=https://www.fortinet.com/resources/cyberglossary/spyware |archive-url=https://web.archive.org/web/20251213081639/https://www.fortinet.com/resources/cyberglossary/spyware |archive-date=13 Dec 2025 |access-date=19 Jan 2026 |website=Fortinet.com |type=Uses text to communicate information(with some additional imagery)}}</ref>
-== Methods used by companies(Legal)<ref>{{Cite web |last=Davis |first=Lakisha |date=11 Apr 2025 |title=Data Harvesting 101: What Companies Know About You (And How They Use It) |url=https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |access-date=20 Jan 2025 |website=metapress.com}}</ref> ==
+==Methods used by companies (legal)==
-# Cookies: Small pieces of data stored in files on your device(s). This type of data may include, but is not limited to: Preferences on websites, login information, & your browser history.
+#[[Web_cookie|Cookies]]: Small pieces of data stored in files on your device(s). This type of data may include, but is not limited to: Preferences on websites, login information, & your browser history.
-# Tracking Pixels: Tracking pixels are incredibly small images that are embedded into websites or emails. This method allows companies to see how users interact with their content on the web.
+#Tracking Pixels: Tracking pixels are incredibly small images that are embedded into websites or emails. This method allows companies to see how users interact with their content on the web.
-# Accounts & Online Forms: Websites typically have users sign up with an account so they can tie data to it. Both account setup and forms similar to it tend to require data such as: Email addresses, phone numbers, Names, & sometimes data that should be optional(like your location).
+#Accounts & Online Forms: Websites typically have users sign up with an account so they can tie data to it. Both account setup and forms similar to it tend to require data such as: Email addresses, phone numbers, Names, & sometimes data that should be optional(like your location).
-# Device & location tracking: Some websites will request access to your geographical position(which can be declined), but what tends to be collected more often are IP addresses(tends to be outside of your control).
+#Device & location tracking: Some websites will request access to your geographical position(which can be declined), but what tends to be collected more often are IP addresses(usually outside of your control).<ref>{{Cite web |last=Davis |first=Lakisha |date=11 Apr 2025 |title=Data Harvesting 101: What Companies Know About You (And How They Use It) |url=https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |archive-url=https://web.archive.org/web/20250419141741/https://metapress.com/data-harvesting-101-what-companies-know-about-you-and-how-they-use-it/ |archive-date=19 Apr 2025 |access-date=20 Jan 2025 |website=metapress.com}}</ref>
-== See also ==
+==See also==
-* [[Anti-privacy legislation]](Extremely undeveloped article, but still on the topic of privacy)
+*[[Anti-privacy legislation]](Extremely undeveloped article, but still on the topic of privacy)
-* [[Data brokers]]
+*[[Backdoor]]
-* [[Device fingerprint]]
+*[[Data brokers]]
+*[[Device fingerprint]]
+*[[De-anonymization]]
+*[[Forced identification]]
 ==References==