Sections

Services

Information

US United States

Carrier IQ knows everything you do on your phone … but why?

What if you used your smartphone, knowing you might be sharing certain information, but had no idea what exactly was being shared? Or why you might be sharing it? If you knew someone could be recording…

Ever had the sense someone’s watching over your shoulder? Nick Chill Photography

What if you used your smartphone, knowing you might be sharing certain information, but had no idea what exactly was being shared? Or why you might be sharing it?

If you knew someone could be recording anything you’ve written, said or did; where you went; the applications you used and when; the websites you visit and how you tend to navigate to them?

According to tech bloggers across the web, this is now a reality courtesy of Carrier IQ.

Carrier IQ – a hidden embedded analytics program that developer Trevor Eckhart recently publicised – has been found inside potentially millions of smartphones ranging from Blackberry, to Google’s Android and even – as has been known for some time – Apple’s iOS.

You might think your phone activity is secure because it’s in “airplane mode”, but with Carrier IQ you might want to think again. Everything is potentially able to be logged and transmitted. But to where, exactly and why? No-one knows.

In a statement released today, Andrew Coward of Carrier IQ said the company gathers only very specific diagnostic information, and does not read people’s texts. “We are not storing, analysing or otherwise processing the contents of those messages,” he said.

The company, we are told, uses any information collected to benefit “customers”.

But who are those “customers”? Mobile phone users? Security firms? Data mining and behavioural marketing firms? Or perhaps the carriers themselves? We may never know.

To add to the confusion, volunteer programmers, not the companies that are potentially liable for this privacy incursion, are now showing Android users how to verify and remove Carrier IQ if their phones have the tracking software.

That’s right – we have independent Android developers who not only oversee our privacy but also act as moral customer service and technical support. It’s comforting to know at least a few people care and are taking action.

To my mind, Carrier IQ is one of the fastest-trending technology scandals ever, with privacy and legal implications so massive we can’t even begin to foresee the consequences, which, according to former Justice Department prosecutor Paul Ohm, could involve serious breaches of the US Federal Wiretapping Law.

And there are further complications. How do we explain why hardware manufacturers, such as HTC and Samsung, appear to embed different versions of Carrier IQ, a tracking program meant for mobile “carriers”, deep inside millions of their smartphones?

But it’s not the technical details we should preoccupy ourselves with – it’s the broader ethical ones that concern our relationship with emerging technology.

Our societal definition of privacy is in fast transition. To what, exactly, we can’t say. As with Facebook’s patchy history of “opt-in” sharing and increasingly sketchy privacy “default” settings, companies and service providers now seem impervious to the implications of coercing millions of people into providing sensitive data to third parties without their express consent.

Privacy is too often an afterthought.

Facebook’s privacy breaches were recently settled with the Federal Trade Commission and the company is now on privacy “probation”. But the FTC should not be responsible for protecting people’s privacy.

Mobile phone information is highly personal and sensitive. Call logs, keystrokes, mobile location data and SMS records are about as sensitive as information gets.

Software providers, mobile carriers and hardware manufacturers alike have potentially violated people’s privacy in such a way that it will be a challenge to reconcile and regain their paying – and in many cases loyal – consumers’ trust.

Harvard fellow Danah Boyd defines “privacy” as the ability to control what we share.

It’s crucial to understand privacy in this sense: it’s not about what we share, how we share, or even choosing not to share. It’s about control. Whether providing personal information to others or volunteering our personal data to help with research, privacy is about choosing what we share. It’s about knowing we had a choice.

Establishing practical and ethical boundaries is long overdue. It’s time for governments to take a proactive, rather than reactive, approach when it comes to people’s privacy and information.

Otherwise, as Carrier IQ has demonstrated, corporations and less-than-benevolent interests might take control of it for them.

Read more on Carrier IQ here.