Dieter Bohn and Sean Hollister from The Verge managed to score a big interview with Carrier IQ VP Andrew Coward. Coward reaffirms Carrier IQ’s earlier statements, maintaining that the company isn’t violating any wiretapping laws or doing anything untoward, but he also manages to open up a bit more about exactly what Carrier IQ does do and why.
The entire interview is well worth the read — and our kudos to Bohn and Hollister for securing such a win — but we were struck by a few aspects of the conversation.
1. The Carrier Is the Customer, Not End Users
The fact that “Carrier” is in the company title might make this point obvious, but it’s worth reiterating that Carrier IQ’s customers are not end users. Instead, the customers that Carrier IQ is paid to serve are the wireless carriers themselves.
This is one reason Carrier IQ is so quick to try to deflect blame and finger-wagging in the carriers’ direction. As Coward said to The Verge,
“…If we were a normal application company, we’d have to build up trust and say ‘do you mind if we do A, do you mind if we do B, do you mind if we do C.’ But in the service provider world, that question just hasn’t really come up… until recently.”
2. That Log File Belongs to Android, Not Carrier IQ
Perhaps the most concerning portion of Trevor Eckhart’s Carrier IQ video was the fact that the software appears to log every keystroke and message on a device.
According to Carrier IQ, however, the log file with so much information doesn’t belong to Carrier IQ. It’s just a standard Android system log file.
Coward says that Carrier IQ has a set list of things that it will log when its software isn’t working correctly. He notes that, “it’s up to the manufacturer to decide whether to place that in the log file of a shipping device.”
Coward also says that logging is the wrong word to describe what Carrier IQ does. Instead, it should be described as “filtering keys that get pressed to pattern match.”
3. Data Is Stored for Roughly 30 Days and Its Use Is Strictly Dictated by the Carrier
Coward says that Carrier IQ’s data retention policies are based on operator agreements and that “on average, it’s about 30 days.” Moreover, Coward asserts that data degrades quickly. The implication is that historical data is not only uncommon but un-useful.
Coward also makes it clear that Carrier IQ cannot do anything with the data outside of the auspices of the operators.
“We are not allowed to resell it, we cannot process it in different ways, we can only do what’s been asked for. There’s no sort of third use, if you like, for the data.”
4. Opt-in/Opt-out Decisions Are Up to the Carrier, Not Carrier IQ
Carrier IQ really doesn’t want to be involved in any decisions about whether or not the user should be able to decide to hand their data over.
Coward says, “we provide the framework where opt-in or opt-out could be delivered, and how our clients choose to implement that is a function of the confidence and trust that they have with their customers.”
He refuses to make a value judgment one way or another about whether Carrier IQ wants data to be opt-in or opt-out. Still, a reasonable person can come to the conclusion that making it more difficult (or impossible) for users to opt out of data collection is in Carrier IQ’s best interest. After all, what good is data collection software and diagnostics if no one is offering up their data?
5. Carrier IQ Dodges the “How Securely Is My Data Transmitted” Question
For us, the most troubling aspect of Carrier IQ isn’t necessarily the amount of data that is being collected. In fact, our own Lance Ulanoff opines that the company isn’t evil, it’s just misunderstood.
As an end user, my biggest question is about how securely the information that Carrier IQ collects is transmitted. Here, Carrier IQ really dodges the issue.
Coward demurs on questions about data protection and encryption in transmission, saying he expects that “the guys that reverse engineered that code over the last few days will probably talk all about it.” That might be true, but it doesn’t do a whole lot to inspire confidence about how securely that data is transmitted and then stored.
Moreover, if phone makers are installing and logging their own data, and that data is separate from (or even a copy of) the data Carrier IQ is sending, there is no real guarantee that the information is properly protected.
It reminds me of the big brouhaha over Locationgate. As an end-user, my only real concern in that scenario wasn’t that the data was being stored — or even that it was backed up locally. My concern was that the data backups were not encrypted by default.
Even if I trust Carrier IQ to do everything correctly, what’s to say that the standard Android log file that is capturing keystrokes and other information for Carrier IQ isn’t accessible through holes in the phone manufacturers’ code? It’s easy for Carrier IQ to say that isn’t its problem. However, if Carrier IQ is going to collect device information from a phone, it should work with operators and phone makers to ensure that their collection and storage of unrelated (but possibly overlapping) data is properly protected.