The creator of a spyware firm located in the United States, whose surveillance products enabled clients to spy on the phones and computers of victims who were unaware of the spying, entered a guilty plea to federal charges. This significant legal milestone is part of the evolving digital landscape we analyzed in our recent report on the Cybersecurity Paradox of 2026.

On Tuesday, Bryan Fleming, the creator of pcTattletale, entered a guilty plea in a federal court in San Diego to counts of computer hacking, the selling and promotion of surveillance software for criminal activities, and conspiracy. The allegations were brought against him following a multi-year investigation.

Federal Investigation and HSI Involvement

After conducting an investigation that lasted for many years, investigators from Homeland Security Investigations (HSI), which is a division of the United States Immigration and Customs Enforcement, brought the plea. As part of a larger investigation into the market of consumer-grade surveillance software, popularly known as “stalkerware,” HSI started looking into pcTattletale in the middle of 2021.

According to official documents from the U.S. Department of Justice, this is the first successful prosecution of a stalkerware operator by the federal government in more than a decade. It is possible that the conviction of Fleming may open the way for more federal investigations against individuals who promote covert monitoring software.

The Mechanics of pcTattletale

pcTattletale was an application for remote monitoring that has been under Fleming’s control since 2016. Apps classified as stalkerware provide customers the ability to purchase software capable of following individuals without their knowledge. This includes tracking romantic partners, which is against the law in the United States and many other countries. For deeper context on these types of digital threats, you can revisit our analysis on Enterprise AI and Regulated Sectors.

Once planted on a device, the application continuously uploaded a copy of the victim’s information—including messages and location data—to pcTattletale’s servers, making it accessible to the person who planted the spyware.

Data Breach and Closure

Following a data breach that occurred in 2024, Fleming decided to shut down pcTattletale. The breach occurred when a hacker defaced the website and stole reams of data, including personally identifiable information. The breach was extensively documented by TechCrunch, reporting that over 138,000 customers were affected.

After erasing the data of pcTattletale’s servers, Fleming stated that his firm was “out of business and completely done.” However, federal investigators had already made significant progress in their investigation into Fleming’s unlawful spyware company.

Undercover Operation and Sentencing

Nick Jones, a special agent with HSI, noted in an affidavit that pcTattletale stood out because it promoted malware for “surreptitiously spying on spouses.” Jones went undercover, pretending to be an affiliate marketer, to gather evidence. Fleming sent photos meant for banner advertising that touted the spyware as a tool to “catch a cheater,” making his illegal intent evident.

Fleming is anticipated to be sentenced later this year. This conviction is a victory for privacy activists like those at the Electronic Frontier Foundation (EFF), who work to combat the growth of stalkerware.

Frequently Asked Questions (FAQ)