Carrier IQ: We Only Collect Diagnostic Data

| News

Carrier IQ has come under fire for allegedly collecting personal data about user activities from smartphones, but the company says those concerns are unfounded. To help clarify exactly what types of data are collected, and why, the company has published a report detailing its role in information monitoring.

In an interview with AllThingsD, Carrier IQ CEO Larry Lenhart stated,

We’re a diagnostic software company. We love diagnostic information. We are not interested in content. And that’s where we draw the line. We don’t want content, and we don’t have the ability to capture it. Remember, the information that’s captured off a user’s device is determined by the carrier, according to their privacy agreement.

Carrier IQ found itself in the media spotlight after Trevor Eckhart posted a video showing everything he did on his Android-based smartphone logged into a file. That file, he said, included every keystroke and was being transmitted to Carrier IQ’s servers. He didn’t, however, show proof that the data actually was collected by the company.

Carrier IQ says it's not behind smartphone data loggingCarrier IQ says it’s not behind smartphone data logging

“Well, from our perspective, some of what was shown in the video was erroneous and wrongly attributed to Carrier IQ, so we obviously wanted to correct those misperceptions, and that took some effort,” vice president of marketing, Andrew Coward, said. “And, of course, there’s been a continuing clamor for understanding more about what Carrier IQ does.”

He added that the data Mr. Ekhart showed were actually Android log files and they included information that shouldn’t have been there.

“To be blunt, there was information there that shouldn’t have been. In order for Carrier IQ to get information off a device, we work with the manufacturers to deliver that information through an API,” he said. “We don’t read from Android log files; we don’t see Android log files. That info just shouldn’t be there. And, ultimately, what goes in that log file is up to the manufacturer.”

The company’s software is found on many smartphone models, although end users haven’t been aware it’s there and running until now. Traces of the company’s software has been found on the iPhone, too, although Apple said it stopped relying on Carrie IQ with the release of iOS 5.

Despite his insistence that Carrier IQ doesn’t have access to personal data and smartphone activities, Mr. Coward confirmed that in some situations SMS messages are collected, but only as a side effect of a software bug.

“We found that if an SMS was sent simultaneously while a user is on the phone, the SMS would be captured by our software. Obviously, this is something that doesn’t happen very often, but we discovered that it could happen, and we caught it,” he said.

Mr. Coward stressed that the accidentally collected SMS messages aren’t ever decoded and aren’t ever used.

The information Carrier IQ is offering now, however, won’t be the end of the questions. The company is responding to an open letter from U.S. Senator Al Franken seeking details about how data is collected from smartphones and how that information is stored and used.

Congressman Edward Markey has asked the Federal Trade Commission to look into Carrier IQ’s practices, too.

The ordeal has already spurred a class action lawsuit against companies that use Carrier IQ’s software, including Apple, Samsung, HTC and Motorola, and U.S. carriers AT&T, Sprint and T-Mobile.

The company’s data collection service, which is geared towards improving phone and network quality, could potentially be used by law enforcement as a way to gather evidence, but Mr. Lenhart says that isn’t happening. “We have been approached by law enforcement about using our technology, and every time it’s happened, we’ve determined that that’s not an appropriate use of it,” he said.

Carrier IQ’s full report is available at the AllThingsD website.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

2 Comments

BurmaYank

“The company?s data collection service, which is geared towards improving phone and network quality, could potentially be used by law enforcement as a way to gather evidence, but Mr. Lenhart says that isn?t happening. ?We have been approached by law enforcement about using our technology, and every time it?s happened, we?ve determined that that?s not an appropriate use of it,? he said.”

Would he (i.e. Carrier!Q) necessarily even be able to to know if government agencies or hackers or customized apps by the carriers were accessing Carrier!Q’s backdoors, and if there was a secret court/law ordering such access, wouldn’t he be required to deny it under current USA law? 

I’m very ignorant about these matters, but with what little I do know, it seems most unlikely that his statement could possibly be truthful.

archimedes

So what’s their excuse for logging HTTPS URLs again?

Oh I see, “what goes into the log file is up to the manufacturer.”

So Carrier IQ is completely innocent - it’s those nasty “manufacturers” who are to blame for using Carrier IQ’s software.

Log-in to comment