Lock screen adware in the Play Store is nothing new. Last year, Google had a bit of an epidemic on its hands, when once beloved apps such as ES File Explorer started showing unwarranted overlays while phones were charging. We saw a similar thing with the Peel Smart Remote app earlier this year, and the latest offender appears to be Hotspot Shield VPN.

This is a widely trusted app, with more than 50m downloads and a Play Store rating of 4.2 from almost 1m reviewers. However, since it was updated around a week ago, increasing numbers of disgruntled paying users have voiced concerns that the app may have introduced some rather more nefarious practices. There are two lock screen overlay settings available to Elite subscribers. One shows performance metrics and the other shows news, with the odd ad thrown in amongst the stories. The first of those is enabled by default since the update, but some users are alleging that turning them off does not work, forcing the overlays upon them. Here is a selection of comments from the app's Play Store listing:

"Suddenly and with out permission my phone is showing their lock screen on top of mine! Did ask , dont want, can't get it to stop even though selected off, deleted until that goes away!"

"Two, stupid lock screen with ads. Not for me. It'd be better to have ads in the app itself not everything you unlock your screen. You could still monetize your free app but be less intrusive. Very sorry but uninstalled."

"Co stantly gives me ads even though I have elite as well. Really rubbish now. So disappointing."

"The lock screen widget cannot be turned off. It just turns back on! It's hijacked it"

"Latest update hijacks lockscreen by default. Even for the premium paid service. Garbage app developers do this. Stop it and apologize or lose a paying customer."


Left: The performance overlay.  Center: An ad in the news feed overlay.  Right: The relevant settings.

I downloaded the app and signed up for the free trial of the Elite subscription so I could test it out. In my experience, turning off the settings for the lock screen overlays did stop them from showing up, although. It's also worth noting that the enabled-by-default lock screen setting didn't actually show me any ads. It's possible that I didn't test it for long enough or behavior differs between users, however. The news overlay did show ads, as you can see above, but I had to enable that for it to display. The fact that the first option is enabled by default is bad enough, as that would have forced it on every user who updated. Elite subscribers are right to be upset by this, especially considering they are paying a premium for the service.

Aside from the issues with lock screen overlays, there are numerous other complaints about the new version, including connection problems and the removal of a quit button. A good number of users will have removed the app after the new update, but that's not all its developer AnchorFree has to worry about.

In a separate development, it was reported yesterday that a privacy advocacy group, The Center for Democracy and Technology (CDT), has filed a complaint against the developer with the FTC (Federal Trade Commission). In its filing, CDT claims that Hotspot Shield VPN keeps activity logs which it uses to serve ads and redirect customers to partners' websites. This is despite promising not to track, log, or sell user information.

CDT is also accusing AnchorFree of insufficient security practices relating to customer payment data. Altogether, the developer is facing quite serious allegations of "unfair and deceptive trade practices," and when you couple this with recent complaints from users it paints a bleak picture for a once trusted company.

We'll monitor this story as it progresses and keep you up to date with any new information.