It's easy enough to install a program on a computer, phone, tablet or pad that will allow others to monitor you remotely. They will be able to see all of your passwords to all of your accounts; access your social media; see every website you have visited - and what you did while you were on that site; access your gps location and your location history; see your emails and text messages (even deleted ones) and all of your telephone calls; they can even open your camera and microphone on your device and start recording without you knowing anything about it. It's invisible, it's untraceable, and it can't be traced back to whoever put it there, whether it be a physical installation or a remote one. It sounds scary. It is. It sounds illegal. It isn't. Though certain rules and laws must be strictly followed, ie: DPA Section 55 - Unlawful obtaining etc. of personal data; Computer Misuse Act 1990 (CMA); Data Protection Act 1988 (DPA); Regulation of Investigatory Powers Act 2000 (RIPA); Wireless Telegraphy Act 2006 (WTA); Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000. Breaking any of these could land you in prison.
It is very easy to install monitoring on a device, though sometimes things aren't as straightforward as you want them to be.
A client approached me wanting me to install remote monitoring on her son's computer as she was sure that he was up to no good. Legally she's allowed to do that. Her son was under 16 and she'd bought the computer. It's a simple enough procedure to install monitoring: open the computer; install the monitoring; give client remote access. It takes a couple of minutes. On this occasion it turned out to be far more complicated than that.
It turned out that my client's son was a bit of a computer geek and had installed a secure, coded partition in which he held a virtual machine. Although the computer was used by both the mother and son, his 'side' of the was extremely secure, could not be accessed by the other side, and was protected with a complex password.
I have a USB stick which contains a program that automatically bypasses login screens and passwords. On this occasion though the partitioned side was so secure it wouldn't let me in. I gave myself admin access and went into the computer settings. He'd overwritten the USB drives! I couldn't gain access through the cmd (command prompt) either. I inserted a program I'd written into the .bat files - that didn't work! I went to my hacking tools and tried several password-cracking programs - none of them could crack it (not even with a 10 million word dictionary)! I delved into the part of the dark web where harvested passwords are dumped (if any of your accounts have ever been hacked, you should find your passwords in there). His wasn't there. I cloned his login page to present itself before his own login identical login screen and installed a keylogger behind it. He'd already protected himself against such an attack. I searched for any username he'd used on social media in an attempt to access his accounts through them (usually if you have somebody's username on social media you can find out pretty much anything about them) - no other usernames were associated with this person.
Eventually, through guile, cunning, and the use of hidden, tiny video cameras, I got his passwords and installed the monitoring on the computer. Even then, I had to extract some hidden data manually - but I've got a USB for that too.