Is It Legal to Spy on Someone's Phone?
Key Takeaways
- •Three overlapping federal laws create the backbone of US surveillance law.
- •This is the category that generates the most prosecutions, the most civil lawsuits, and the most questions.
- •Parents occupy a privileged legal position with respect to monitoring their minor children.
- •Employee monitoring is the area where legal permission is most explicit, but the limits are less understood than most employers assume.
- •AirTags, Tile trackers, Brickhouse GPS units, and similar devices have become the surveillance tools of choice for jealous partners, suspicious parents, and private investigators.
- •Federal law sets a floor of one-party consent for recording conversations.
Disclaimer: This post is educational and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a licensed attorney for guidance specific to your situation.
Let's start with the answer nobody wants to hear: in most scenarios where someone is asking "can I legally monitor this person's phone?" — the answer is no. Not because the question is unreasonable, but because the law in the United States (and most Western jurisdictions) has made covert surveillance without consent a serious criminal offense, regardless of your relationship to the target. Marriage doesn't help you. Paying someone's phone bill doesn't help you. Being their parent when they're 19 doesn't help you.
What's remarkable about electronic surveillance law is how consistently it has rejected common-sense arguments about implied consent in relationships. Courts have heard virtually every version of "but she's my wife" and "I own his phone" — and rejected them. Federal prosecutors have charged spouses, employers, private investigators, and parents under statutes that carry five-to-ten year federal prison sentences.
This isn't theoretical. Real people go to federal prison for this. Real civil judgments are handed down with $100,000+ verdicts. Understanding exactly where the lines are — and why they're drawn there — is the difference between lawful oversight and a federal felony.
The Three Federal Statutes That Govern Electronic Surveillance
Three overlapping federal laws create the backbone of US surveillance law. Violating any one of them generates criminal exposure. Violating all three simultaneously — which many surveillance scenarios do — multiplies your criminal counts accordingly.
The Wiretap Act: 18 U.S.C. § 2511
The Electronic Communications Privacy Act of 1986 substantially updated the Omnibus Crime Control and Safe Streets Act of 1968, producing the modern Wiretap Act. Section 2511 prohibits any person from intentionally intercepting any wire, oral, or electronic communication. The word "intercepting" means capturing the communication while it's in transit — a phone call in progress, an SMS being sent, internet traffic flowing across a connection.
The federal baseline is one-party consent: if you are a participant to the communication being recorded, you can legally record it. A telephone conversation you are personally having can be recorded without telling the other party (under federal law — states vary dramatically on this). If you are not a participant — if you are a hidden third party listening in — you need the consent of at least one participant to avoid liability.
Penalties under § 2511: imprisonment of up to 5 years per violation, plus civil damages. The civil provision (18 U.S.C. § 2520) is a private right of action that allows the victim to sue for the greater of actual damages or $10,000 per violation, plus attorney's fees. Each intercepted communication can be a separate violation. An abusive partner who runs a stalkerware app for 30 days intercepts potentially hundreds of separate communications — each potentially a separate $10,000 civil violation.
In re Pharmatrak, Inc. Privacy Litigation (1st Cir. 2003) is instructive: the court found that a web analytics company intercepting communications without proper consent violated the Wiretap Act even where parties had technically consented to some data collection. The courts interpret "interception" broadly.
The Stored Communications Act: 18 U.S.C. § 2701
The Stored Communications Act, enacted as Title II of ECPA, governs access to electronic communications stored on third-party systems — email sitting in an inbox, iMessages stored in an iCloud account, text message logs at a carrier, cloud backup files. The Wiretap Act handles real-time interception; the SCA handles stored data.
Under § 2701, intentionally accessing without authorization — or exceeding authorized access to — a facility through which electronic communication services are provided, in order to obtain stored communications, is a federal offense.
This statute is what makes logging into your spouse's Gmail account a federal crime. You are accessing a facility (Google's servers) without authorization. The fact that you know the password — perhaps because you once watched them type it, or because it's saved on a shared device — does not constitute authorization in the legal sense. Authorization requires the account holder's consent.
Criminal penalties: up to 5 years for first offenses when the offense is not committed for commercial advantage or malicious purpose; up to 10 years when it is.
Cojocar v. Cojocar (D. Mich. 2012) exemplifies this scenario: a husband who accessed his wife's email account during divorce proceedings without her permission faced SCA liability. Divorce attorneys who advise clients to access their spouse's accounts to gather evidence routinely expose both the client and themselves to professional consequences.
The Computer Fraud and Abuse Act: 18 U.S.C. § 1030
The CFAA was enacted in 1986 primarily to prosecute computer hackers. Smartphones are computers. Installing monitoring software on a phone without authorization, accessing someone else's device to retrieve their communications, or remotely accessing a device through malware — these are CFAA violations.
The CFAA has been the basis for some of the most notable surveillance prosecutions. In United States v. Drew (C.D. Cal. 2009), the court wrestled with how the CFAA applies to social engineering and unauthorized access. In United States v. Van Buren (2021), the Supreme Court refined the "exceeds authorized access" standard — clarifying that having permission to access a system does not permit unlimited access to everything within it.
The practical implication: an employer who has authorization to access company systems does not thereby have authorization to access an employee's personal files on those systems. A parent who owns a device does not automatically have authorization to install covert monitoring software against the adult child's will.
Penalties: up to 10 years for first offenses under certain aggravating circumstances, with higher penalties for repeat offenses or offenses causing serious damage.
Federal law contains no marriage exception, no relationship exception, and no "I was worried about them" exception. Accessing your spouse's phone, email, iCloud account, or Google account without their explicit consent simultaneously violates the Wiretap Act (if you're intercepting communications), the SCA (if you're accessing stored data), and the CFAA (because a phone is a computer). Each statute generates separate criminal counts.
Spouse and Partner Surveillance: Where Most People Get This Wrong
This is the category that generates the most prosecutions, the most civil lawsuits, and the most questions. People in troubled relationships, divorce proceedings, or custody disputes routinely seek ways to monitor their partners — and routinely expose themselves to serious criminal and civil liability in the process.
The "I Own the Phone" Argument
Some partners try to justify covert monitoring by pointing out that they pay for the phone or the phone plan. This argument fails legally for a straightforward reason: ownership of hardware does not grant unlimited access rights to the data stored on it or transmitted by it. The CFAA analysis focuses on authorization, not ownership. The SCA analysis focuses on the account holder's consent, not who paid for the service.
State v. Klug (2003) established early precedent that even consensual use of a shared computer does not imply consent to monitoring of the other user's activities. Courts have consistently extended this principle to smartphones.
The "Implied Consent in Marriage" Theory
This one has been tried repeatedly and rejected every time. The argument goes: by virtue of marriage, spouses have an implied mutual consent to access each other's private information. Courts have treated this argument with skepticism bordering on contempt.
The reason is simple: if implied marital consent were a defense to wiretapping charges, it would effectively make domestic surveillance legal — creating a class of persons (married partners) whose communications have no legal protection from their spouse. Congress deliberately chose not to create this exception. Federal courts have honored that legislative choice.
The "I Was Worried About Them" Defense
Also not a defense. Neither the Wiretap Act, the SCA, nor the CFAA contain mental state exceptions for well-intentioned surveillance. Good intentions reduce your sentence; they don't eliminate your conviction.
What Stalkerware Prosecution Looks Like in Practice
FTC v. Retina-X Studios (2019) resulted in the FTC taking action against a company marketing stalkerware apps — MobileTracker Free, PhoneSheriff, and TeenShield — finding that the apps were primarily used for covert spousal surveillance. The company was prohibited from selling monitoring products unless they required verified consent.
More significantly, individual users of stalkerware have faced prosecution. In New York, a husband who installed FlexiSPY on his wife's phone was charged under New York Penal Law § 250.05 (eavesdropping) and faced potential federal charges as well. The wife's discovery of the software led to an emergency protective order being issued the same day.
In United States v. Perez (9th Cir. 2012), a defendant who installed tracking software on an ex-girlfriend's phone was convicted of cyberstalking under 18 U.S.C. § 2261A in addition to wiretapping charges. The court noted that the monitoring continued for months after the relationship ended, but the analysis would have been the same had it occurred during the relationship.
Evidence Obtained Through Illegal Surveillance Is Generally Inadmissible
Divorce attorneys see this play out regularly: a client, convinced their spouse is cheating, installs a stalkerware app or records phone conversations without consent. They obtain evidence of exactly what they suspected. The other spouse's attorney then moves to exclude the evidence as illegally obtained — and often wins, because the evidence was obtained in violation of federal law.
The victimized spouse then brings a counterclaim for civil damages under § 2520. The surveilling spouse is now defending against civil damages, potentially facing criminal referral, AND has no usable evidence. This is a factual scenario that plays out in family courts regularly.
If you are considering covert monitoring of a partner for use in divorce proceedings: consult a family law attorney first. The evidence will likely be excluded. You will likely face a civil counterclaim. The legal costs of that counterclaim will exceed whatever you paid for the monitoring app. And you may face criminal referral.
Parental Monitoring of Minor Children: Broad But Not Unlimited
Parents occupy a privileged legal position with respect to monitoring their minor children. The legal framework here derives from two sources: parental consent doctrine (a parent can consent to certain actions on behalf of a minor child, including monitoring) and the ownership/authorization logic (if you own the device and the account, you have authorization to access it).
This gives parents considerably more latitude than any other monitoring relationship — but it's not unlimited, and it does not survive the child's 18th birthday.
What Federal Law Generally Permits for Minor Children
- Installing parental control software (Google Family Link, Apple Screen Time, Bark, Qustodio, Net Nanny) on devices owned by the parent
- Reviewing the minor child's text messages, emails, social media activity, and browsing history
- Using carrier-level family tracking features (Find My Family, Verizon Family Locator) on accounts you manage
- Enabling location sharing through platform features on accounts you control
- Recording conversations to which you are a party (one-party consent covers this)
The legal basis is straightforward: the parent owns the device, controls the account, and can consent to monitoring on the minor's behalf. This covers all three federal statutes simultaneously.
The Age Gray Zone
Federal law doesn't specify at what age parental monitoring authority begins to fade — that's left to common law, state law, and the courts. The general principle is that as children develop a reasonable expectation of privacy, covert surveillance becomes harder to justify legally and ethically.
Courts in several states have found that covertly monitoring a 16 or 17-year-old's private communications is treated differently than monitoring a 10-year-old. The analysis in Pollock v. Pollock (6th Cir. 1998) — which involved a parent recording conversations on a child's phone without the child's knowledge — established that parental good faith and the welfare of the child are relevant factors. But good faith is not a complete defense when the monitoring becomes a pretext for something else (controlling an older teenager's relationships, for instance).
The Magic Cutoff: Age 18
Once a child turns 18, parental monitoring authority ends completely. A 19-year-old on your phone plan has exactly the same legal protections as any other adult. Monitoring their communications without their informed, affirmative consent exposes you to the same federal liability as monitoring a complete stranger.
This is not hypothetical. Parents have faced legal action for continuing to monitor adult children's devices — particularly in the context of controlling family dynamics where the "parenting" extends well past the age of majority.
The College Student Problem
Many parents continue to pay for their college student's phone and phone plan. Payment for service does not substitute for consent. If your 20-year-old is on your family plan and you install monitoring software on their phone without their knowledge, you are committing a federal offense. Period.
Transparency is both legally safer and demonstrably more effective. Research from the American Psychological Association consistently finds that adolescents who know monitoring is in place — and understand the reasoning — have better outcomes than those who are covertly surveilled and discover it. Apps like Bark take an alert-based approach: rather than giving parents full message logs, they scan for signals of harm (predatory contact, self-harm language, bullying) and alert when something warrants attention. This is both legally cleaner and relationship-preserving.
Employer Monitoring: Broad Permission, Important Limits
Employee monitoring is the area where legal permission is most explicit, but the limits are less understood than most employers assume.
What the Law Generally Permits
Employers can monitor activity on company-owned devices and company networks provided employees have been notified. The notice requirement is critical — monitoring without prior disclosure is legally riskier even when the monitoring itself would otherwise be permissible.
The standard framework:
- Company equipment: Monitoring is strongly defensible on company-owned devices, company email accounts, and company network traffic. You own the device; you set the terms.
- Company networks: Traffic on your business network — even from employee-owned devices — can be monitored with notice.
- Business purpose: Monitoring must serve a legitimate business purpose: productivity measurement, security incident detection, regulatory compliance, IP protection.
- Written notice: Employment agreements and acceptable use policies should explicitly state that monitoring may occur and what it encompasses.
States With Stricter Requirements
Several states have enacted laws that go beyond federal minimums:
Connecticut (Conn. Gen. Stat. § 31-48d): Employers must provide prior written notice to employees before engaging in any electronic monitoring, including monitoring of email, internet use, or telephone communications.
Delaware (19 Del. C. § 705): Similar to Connecticut — written notice of the types of monitoring, the means of monitoring, and the frequency required.
New York (Labor Law § 682): As of 2022, employers must notify employees at the time of hiring about any monitoring of telephone, email, or internet access, obtain a written acknowledgment, and post the monitoring policy conspicuously.
California: The state constitution's privacy provisions give California employees stronger baseline protections. Monitoring must still satisfy a legitimate business purpose test, and the scope must be proportional to that purpose. Courts have found that monitoring of personal communications on company devices can violate employee privacy rights in some circumstances.
What Employers Cannot Do
- Monitor employees' personal devices used for personal purposes off company time (even if the same device is used for work)
- Monitor personal email accounts accessed from company devices when employees have a reasonable expectation of privacy in those accounts
- Use monitoring as pretext for discriminatory action
- Monitor union organizing activities (which may trigger NLRA analysis in addition to wiretapping statutes)
- Monitor employees' home networks or personal internet use outside work hours without explicit contractual authorization
GPS Tracking of Employees
Tracking company vehicles during work hours: broadly legal with notice. Tracking employees' personal vehicles at any time: not legal without consent. Tracking company vehicles outside work hours: legally contested — some courts have found this unreasonable absent specific business justification.
The line is clearest in the following formulation: monitoring activity that occurs on company time, company equipment, and company premises is defensible with notice. Monitoring that extends into employees' personal lives — their personal devices, their personal vehicles, their personal locations outside work hours — requires explicit contractual consent and even then may fail proportionality analysis in some jurisdictions.
GPS Tracking Laws: Stricter Than You Think
AirTags, Tile trackers, Brickhouse GPS units, and similar devices have become the surveillance tools of choice for jealous partners, suspicious parents, and private investigators. The law has moved aggressively to restrict covert GPS tracking.
The Fourth Amendment Foundation
United States v. Jones (2012) established the constitutional baseline: law enforcement attaching a GPS tracker to a vehicle without a warrant and monitoring it for 28 days constitutes an unreasonable search under the Fourth Amendment. While this constrains government actors, it established a framework that courts have applied when analyzing private GPS tracking conduct.
Carpenter v. United States (2018) extended this principle to historical cell-site location data, with Chief Justice Roberts writing that the "seismic shifts in digital technology" require reconsidering how Fourth Amendment principles apply. The decision's reasoning — that sustained, comprehensive location tracking is categorically different from isolated surveillance — has influenced how courts analyze private stalking claims as well.
State-by-State Prohibitions
More than 25 states have enacted statutes specifically criminalizing covert GPS tracking by private individuals:
California Penal Code § 637.7: It is illegal to use an electronic tracking device to determine the location or movement of a person. An "electronic tracking device" includes any device that communicates GPS data. Exceptions exist for vehicle owner tracking their own vehicle, and parents tracking minor children's vehicles. Violation is a misdemeanor, but repeated violations or violations during protection orders can be charged as felonies.
Texas Penal Code § 16.06: Installing a tracking device on a motor vehicle without the owner's consent is a Class A misdemeanor (up to one year in jail, $4,000 fine). The exception for a vehicle registered to the defendant covers spouses only if the vehicle is registered to them — not simply because they are married.
Illinois (720 ILCS 5/12-7.5): Placing, using, or causing to be used an electronic eavesdropping or tracking device on the person of another, without the consent of the person, in order to hear conversations or determine that person's movements, is a Class 4 felony.
Michigan, Missouri, Nevada, New Hampshire, Oklahoma, Tennessee, Virginia, Washington: Similar statutes with varying penalty tiers.
AirTag Stalking: A Growing Enforcement Category
Apple introduced AirTag in April 2021. By January 2022, multiple police departments were reporting a surge in stalking complaints involving AirTags. The devices are small enough to be placed in a bag, jacket pocket, or wheel well, and they leverage Apple's 1.5 billion-device Find My network to provide near-continuous location tracking.
A notable prosecution occurred in Ohio in 2022, where a man was charged with menacing by stalking after placing an AirTag in his ex-girlfriend's car. The victim received an iPhone notification that an unknown AirTag was traveling with her — Apple's anti-stalking feature, added in response to early abuse reports.
In Georgia in 2023, a domestic violence survivor discovered an AirTag in her child's backpack that her ex-partner had placed there. The ex was charged with stalking and violation of a protective order. The AirTag provided the ex with a real-time record of where the children were at all times, including the victim's new residence.
Placing a GPS tracker or AirTag on a vehicle you do not exclusively own — including your spouse's car in a shared household, your ex-partner's vehicle, or a family member's vehicle — is illegal in most US states regardless of your relationship to the vehicle's primary driver. Several documented AirTag stalking cases have resulted in felony charges.
Two-Party (All-Party) Consent States: A Critical Distinction
Federal law sets a floor of one-party consent for recording conversations. Thirteen states require all parties to a conversation to consent before any party may record it. Recording calls or in-person conversations in these states without all parties' knowledge is a state crime — even if you are a participant in the conversation.
The All-Party Consent States:
| State | Key Statute | Maximum Penalty | |-------|-------------|-----------------| | California | Cal. Penal Code § 632 | 1 year misdemeanor + $2,500 fine | | Connecticut | Conn. Gen. Stat. § 52-570d | Civil liability; criminal under related statutes | | Florida | Fla. Stat. § 934.03 | 5 years felony | | Illinois | 720 ILCS 5/14-2 | Class 4 felony | | Maryland | Md. Code Cts. & Jud. Proc. § 10-402 | 5 years + $10,000 fine | | Massachusetts | Mass. Gen. Laws ch. 272 § 99 | 5 years felony | | Michigan | Mich. Comp. Laws § 750.539c | 2 years felony | | Montana | Mont. Code Ann. § 45-8-213 | Felony | | Nevada | Nev. Rev. Stat. § 200.620 | Category D felony | | New Hampshire | N.H. Rev. Stat. § 570-A:2 | Felony | | Oregon | Or. Rev. Stat. § 165.540 | 1 year + $6,250 fine | | Pennsylvania | 18 Pa. Cons. Stat. § 5703 | 2 years felony | | Washington | Wash. Rev. Code § 9.73.030 | Class C felony |
The practical implication is significant: a person in Florida who records a phone call without the other party's knowledge has committed a felony even if that person is their own spouse, and even if they themselves are a participant in the conversation.
California's statute has particular bite. In Kearney v. Salomon Smith Barney (Cal. 2006), the California Supreme Court held that California's all-party consent law applies when a California resident is a party to a recorded call, even if the recording occurs in a one-party consent state. Cross-state recording disputes frequently default to the stricter state's law.
Interstate Call Recording
When a call crosses state lines, there's a conflict-of-laws question. The general rule that courts have applied: if any party to the call is in an all-party consent state, apply that state's law. This means that if you're in Texas (one-party consent) and you record a call with a California resident without telling them, you may have violated California Penal Code § 632.
International Surveillance Laws: A Brief Survey
European Union: GDPR and Criminal Law
The General Data Protection Regulation (GDPR) applies to processing personal data of EU residents. Personal data includes location data, communications content, and any information about an identifiable individual. Covert monitoring without a lawful basis violates GDPR, which is processed separately from any criminal liability under member state law.
GDPR penalties can reach 4% of global annual turnover or €20 million, whichever is higher. These penalties apply to organizations — the more relevant exposure for individual private surveillance is criminal liability under member state law.
Germany's StGB (Strafgesetzbuch) § 202a-202c criminalizes unauthorized interception of data with up to 3 years imprisonment. France's Penal Code Article 226-1 makes it a crime to intentionally intercept, use, or disclose private communications without consent — up to 1 year imprisonment and €45,000 fine.
For employers monitoring EU employees: the GDPR requires a lawful basis (usually legitimate interests), prior notice to employees, a Data Protection Impact Assessment for high-risk monitoring, and often consultation with works councils or employee representatives. The proportionality principle means monitoring must be limited to what is strictly necessary for the stated business purpose.
United Kingdom
Post-Brexit, the UK operates under UK GDPR and the Data Protection Act 2018 alongside its pre-existing surveillance statutes.
Computer Misuse Act 1990 criminalizes unauthorized access to computer material (Section 1), unauthorized access with intent to commit further offenses (Section 2), and unauthorized modification of computer material (Section 3). Penalties up to 10 years imprisonment. Accessing a partner's phone or email without consent falls squarely within Section 1.
Investigatory Powers Act 2016 (the "Snoopers' Charter") governs bulk surveillance by government agencies but also establishes that private individuals cannot intercept communications. The Regulation of Investigatory Powers Act 2000 (RIPA) remains in force for certain interception scenarios.
Stalking and protection orders: The Protection from Harassment Act 1997, as amended by the Protection of Freedoms Act 2012, specifically prohibits conduct including electronic monitoring that amounts to stalking. This has been used to prosecute covert surveillance by intimate partners even where the specific technology-crime nexus was less clear.
Canada
Criminal Code of Canada Section 184 prohibits the interception of private communications. One-party consent is a defense — if a party to the communication consents, no offense. Employer monitoring of employee communications on company equipment is generally permitted with notice.
PIPEDA (Personal Information Protection and Electronic Documents Act) governs how private organizations collect, use, and disclose personal information. Employer monitoring of employees must satisfy PIPEDA's purposes and consent requirements. Several provincial privacy laws (PIPA in Alberta and BC, Quebec's Law 25) impose stricter requirements.
Provincial stalking and criminal harassment laws (Criminal Code § 264) have been applied to covert GPS tracking and sustained electronic surveillance of intimate partners.
The Consequences: What Actually Happens When Surveillance Is Discovered
Criminal Prosecution Scenarios
The following scenarios have all resulted in federal criminal charges in the United States:
Stalkerware installation by intimate partners: Multiple federal CFAA prosecutions. In several cases, the defendant also faced state cyberstalking charges and domestic violence charges simultaneously. Federal sentences have ranged from probation (first offense, cooperation) to 3-5 years imprisonment.
Employer exceeding authorized access: In United States v. Nosal (9th Cir. 2012), the Ninth Circuit held that employees who access computer systems for unauthorized purposes — even with valid credentials — violate the CFAA. Employers who access employees' personal data on company systems under the guise of "authorized access" face the same analysis reversed.
Account access during divorce proceedings: Civil cases are far more common than criminal prosecutions in this scenario, but referrals to US Attorneys for criminal prosecution do occur, particularly when the surveillance was extensive or the victim was harmed.
Civil Judgment Exposure
The Wiretap Act's civil provision (18 U.S.C. § 2520) allows the victim to recover:
- The greater of actual damages or $10,000 per violation
- Punitive damages in appropriate cases
- Reasonable attorney's fees
Each intercepted communication is a separate violation. A stalkerware app running for 90 days can intercept thousands of separate communications — texts, emails, calls. Even if the court awards only $10,000 per violation and limits the count to 20 violations, that's $200,000 in statutory damages plus fees. Civil judgments in wiretapping cases have reached into the hundreds of thousands and, in extreme cases, the millions.
Luis v. Zang (6th Cir. 2016) is a landmark civil Wiretap Act case arising directly from spousal stalkerware use. The Sixth Circuit affirmed that the Wiretap Act applies to covertly installed monitoring apps, rejected the "marital communications" privilege as a defense, and allowed the case to proceed to a jury on damages. The case ultimately settled for a confidential amount.
Protective Orders and Custody Consequences
Courts have recognized covert surveillance — particularly stalkerware installation — as a manifestation of domestic abuse. The discovery of monitoring software is frequently cited as grounds for emergency protective orders. Family courts in custody disputes treat surveillance as evidence of controlling behavior, which weighs heavily against the surveilling parent in custody determinations.
In multiple reported cases, the party who installed stalkerware to gain tactical advantage in a divorce lost primary custody precisely because the installation was treated as evidence of coercive control.
Decision Framework: Before You Touch That Phone
Use this decision tree before taking any action involving monitoring another person's device or communications:
Do you own this device AND does the person using it have no reasonable
expectation of privacy in it (e.g., company device with clear monitoring notice)?
YES → Monitoring may be permissible. Confirm notice requirements met.
NO → Continue ↓
Is the person a minor child in your legal custody?
YES → Transparent parental controls likely permissible. Age matters.
NO → Continue ↓
Do you have the person's explicit, informed, affirmative consent to monitoring?
YES → Monitoring with consent is generally permissible. Document the consent.
NO → STOP. You are in federal felony territory.
No relationship status — marriage, partnership, family — substitutes for a "yes" in that tree. If you cannot check one of those three boxes, the monitoring is illegal under federal law and likely illegal under state law as well.
The Bottom Line
Surveillance law in the United States is built around one organizing principle: consent. Not relationship, not ownership, not good intentions. Consent.
Monitoring with the subject's explicit knowledge and agreement is generally defensible. Monitoring covertly is where criminal and civil liability begins — regardless of how sympathetic your reasons, regardless of how troubled the relationship, regardless of what you suspected or feared.
The practical consequence is that many of the surveillance scenarios people assume are normal or legal — checking a spouse's text messages, installing a tracker on a partner's car, logging into an ex's email — are federal crimes. Not minor infractions. Federal crimes with 5-10 year maximum sentences.
If you are facing a situation where you feel you need to monitor someone — a child's safety, a suspected unfaithful partner, an employee you don't trust — the appropriate steps are:
- Consult a licensed attorney in your jurisdiction before taking any action
- Understand that courts have consistently rejected "I had good reasons" as a defense
- Consider transparent alternatives: location sharing apps that both parties use knowingly, explicit consent agreements, professional help for relationship issues
- Recognize that illegally obtained evidence generally cannot be used for the purposes you intended it for
The law does not distinguish between the jealous spouse and the controlling abuser in its treatment of covert surveillance. Both are committing the same federal offense.