Carrier IQ, maker of a network diagnostic tool installed on millions of smartphones, has a simple rebuttal to accusations that its software logs keystrokes on the devices on which it is installed:
While CIQ might “listen”* to a smartphone’s keyboard, it’s listening for very specific information. Company executives insist it doesn’t log or understand keystrokes. It’s simply looking for numeric sequences that trigger a diagnostic cue within the software. If it hears that cue, it transmits diagnostics to the carrier.
So, for example, if during a support call a technician asks a customer to enter a short code, CIQ will be listening for it; when it’s entered, CIQ will relay the appropriate diagnostic information to the carrier. Any keystrokes beyond that are ignored.
“The software receives a huge amount of information from the operating system,” Andrew Coward, Carrier IQ’s VP of marketing, said. “But just because it receives it doesn’t mean that it’s being used to gather intelligence about the user or passed along to the carrier.”
So what are we really seeing in security researcher Trevor Eckhart’s video, which shows Carrier IQ collecting all sorts of information about how a phone is being used and where?
“What the Eckhart video demonstrates is that there’s a great deal of information available on a handset,” says Coward. “What it doesn’t show is that all information is processed, stored, or forwarded out of the device.”
Okay. Then what information is being captured and passed along to the carriers who use Carrier IQ? Data related to call quality, battery life, device crashes — everything you’d expect, really.
“If there’s a dropped call, the carriers want to know about it,” says Coward. “So we record where you were when the call dropped, and the location of the tower being used. … Similarly, if you send an SMS to me and it doesn’t go through, the carriers want to know that, too. And they want to know why — if it’s a problem with your handset or the network.”
And Coward is quick to point out that CIQ isn’t doing anything nefarious with our text messages, either.
“We don’t read SMS messages. We see them come in. We see the phone numbers attached to them. But we are not storing, analyzing or otherwise processing the contents of those messages.”
The same is true of Web site URLs. CIQ has the ability to capture them, but not the associated content. So it might note a device having trouble accessing Facebook, but not the content on Facebook itself.
Which is reassuring. That said, CIQ still has the ability to capture a wide variety of user data. So who is determining what exactly is being collected?
The carriers. They decide what’s to be collected and how long it’s stored — typically about 30 days. And according to Carrier IQ, the data is in their control the whole time.
“It’s the customer that determines what data is collected,” says Carrier IQ CEO Larry Lenhart. “They make that decision based on their privacy standards and their agreement with their users, and we implement it.”
On this point, Lenhart is particularly emphatic. “We capture only the data they specify, and provide it to them,” he reiterates. “We don’t capture more than that.”
Which sounds a bit like “we only do what they asked us to,” but, as Coward reminds us, the carriers’ behavior is governed by their contract with customers.
“What’s actually gathered, stored and transmitted to the carrier is determined by its end-user agreement,” he says. “And, as I’m sure you’re aware, the carriers are highly sensitive about what data they’re allowed to capture and what they’re not allowed to capture.”
Trevor Eckhart did not respond to a request for comment.
(*Handy euphemism for “pattern match filtering.”)
Here’s a freshly released Carrier IQ statement:
MOUNTAIN VIEW, Calif., Dec 01, 2011 (BUSINESS WIRE) — To clarify misinformation on the functionality of Carrier IQ software, the company is updating its statement from November 23rd 2011 as follows:
We measure and summarize performance of the device to assist Operators in delivering better service.
While a few individuals have identified that there is a great deal of information available to the Carrier IQ software inside the handset, our software does not record, store or transmit the contents of SMS messages, email, photographs, audio or video. For example, we understand whether an SMS was sent accurately, but do not record or transmit the content of the SMS. We know which applications are draining your battery, but do not capture the screen.
“Having examined the Carrier IQ implementation it is my opinion that allegations of keystroke collection or other surveillance of mobile device user’s content are erroneous,” asserts Rebecca Bace of Infidel Inc., a respected security expert.
Privacy is protected. Consumers have a trusted relationship with Operators and expect their personal information and privacy to be respected. As a condition of its contracts with Operators, CIQ operates exclusively within that framework and under the laws of the applicable jurisdiction. The data we gather is transmitted over an encrypted channel and secured within our customers’ networks or in our audited and customer-approved facilities.
Carrier IQ is aware of various commentators alleging Carrier IQ has violated wiretap laws and we vigorously disagree with these assertions.
Our software makes your phone better by delivering intelligence on the performance of mobile devices and networks to help the Operators provide optimal service efficiency. We are deployed by leading Operators to monitor and analyze the performance of their services and mobile devices to ensure the system (network and handsets) works to optimal efficiency. Operators want to provide better service to their customers, and information from the device and about the network is critical for them to do this. While in-network tools deliver information such as the location of calls and call quality, they do not provide information on the most important aspect of the service – the mobile device itself.
Carrier IQ acts as an agent for the Operators. Each implementation is different and the diagnostic information actually gathered is determined by our customers — the mobile Operators. Carrier IQ does not gather any other data from devices.
CIQ is the consumer advocate to the mobile operator, explaining what works and what does not work. Three of the main complaints we hear from mobile device users are (1) dropped calls, (2) poor customer service, and (3) having to constantly recharge the device. Our software allows Operators to figure out why problems are occurring, why calls are dropped, and how to extend the life of the battery. When a user calls to complain about a problem, our software helps Operators’ customer service more quickly identify the specific issue with the phone.