Carrier IQ: private data pirates

By Nicole Dionne

It’s possible that the Carrier iq story has been blown out of proportion, but there’s currently no way to tell. The whole situation is sketchy, and those involved aren’t making it any better. Part of the confusion is that what Carrier iq does — and is capable of doing — differs between carrier companies and devices. At best, Carrier iq, which is a third-party metrics service that you’ll find on most smartphones, is sending encrypted diagnostic information to carrier companies. At worst, third party companies can read your text messages. While security experts squabble about just how bad thesoftware is, Carrier iq is continually revealed to be incredibly sinister.

When a security blogger first posted about the issue, Carrier iq shot off a cease-and-desist letter and threatened legal action. Since then, Carrier iq has refused to provide information on what exactly is being collected, how it’s being collected and where that information is being stored. Service providers who are clients of Carrier iq, along with device manufacturers who may have installed the software on the phones, are trying to distance themselves as fast as possible instead of answering the legitimate questions of those people whose information was collected without permission.

This is theft. The information is valuable to the mobile device industry. While diagnostics can and have been used to improve the cellular network and the battery life of cellular phones, such benefits to customers doesn’t make it right to collect data without permission. People have a right to decide if, when and what information is being gathered about them.

The correct way to approach any data information gathering is to make it an opt-in feature where users are informed of exactly what information will be collected and what information will be sent before agreeing. Once you’ve agreed you should be able to rescind it and you should be able to view what data has been collected at any time.

Instead of fixing the issue, parties involved are playing coy, trying to pass blame onto each other. This is the industry’s attempt at damage control, but it’s boiling down to a lack of transparency that’s destroying consumer confidence while our personal information is being taken without consent.

Leave a comment