About a month and a half ago it was revealed that there has been tracking software pre-installed on over 141 million cell phones. The software designed by Carrier IQ is responsible for recording and reporting metrics to your phone carrier. This discovery forces a dialogue about the trust relationship that is established between the customers and their carrier and exactly how the carrier treats the information that is being is being stored. There have been many allegations about what is exactly being tracked by the software, some true and some more along the lines of half-truths.
As it turns out Carrier IQ was intended to be a utility that allows for a carrier to be able to intelligently diagnose network and phone issues that a customer might be experiencing. For example, prior to the development of Carrier IQ, a carrier might only be detecting that 1 out of every 100 phone calls being placed on their network are being dropped; when in reality it might be much closer to 8 or 9 calls out of those 100 placed. This disparity between the actual numbers and the ones being recorded by the carrier allowed Carrier IQ to see a possible use case and ended up meeting the needs of the carrier.
They haven’t explicitly admitted everything they track, but have specifically said that they track call drops correlated with GPS information, SMS information, web history and application/CPU usage.
Carrier IQ has made an effort to create a line in the proverbial sand in what they do and do not want to collect from users. They say that they don’t collect any content, whether it be what was actually sent in an SMS text message or the contents of a webpage that you access. They do however track the metadata for your activity, this includes who you sent your SMS message to and if it was successfully sent. The same can be said about your web history, they are tracking the URLs being accessed not what is actually being displayed on your screen.
Carrier IQ thinks that what they are collecting is harmless to the consumer but a debate is now forming on what type of information should be okay to track and what really shouldn’t be. Carrier IQ has stated that they don’t capture the content of what the user is doing. Content is really an ambiguous term. Carrier IQ might not consider my URL history to be a private matter. I consider pretty much all of my usage history sans maybe CPU utilization to be a private matter (no matter how mundane my life really is). Its something that really shouldn’t existing in a database somewhere, ready to be hacked, subpoenaed or looked at by a rogue employee that has decided that they want to know more about me. What becomes even more disconcerting is that this information is being tracked even while I am out of the country, on a Wi-Fi network not even connected to their cellular network.
Who knows, maybe I’m just being a paranoid parrot. Maybe no one really cares anymore about their privacy, it has been said by numerous individuals that “Privacy is dead – get over it.” I for one don’t like it and I think I’ll take my ball and go home. In all seriousness though, this software really should be industry vetted to make sure that it cannot be exploited by malicious individuals and it should be established exactly what information each carrier is tracking and for how long. This would allow consumers to identify what tabs the carriers are keeping on their customers; which I’m sure most consumers won’t like and allow for free market forces to stifle the ones being over exuberant with this tracking technology.
http://www.theverge.com/2011/12/5/2609662/carrier-iq-interview
http://www.wired.com/threatlevel/2011/11/rootkit-brouhaha/
http://www.edition.cnn.com/2011/12/02/tech/mobile/carrier-iq-reactions/
