The ins and outs of Carrier IQ revealed by the company behind it

6. Gawain posted on 13 Dec 2011, 09:49 2

Because you are no CarrierIQ's customer. The carrier installed and utilized the reports coming from CarrierIQ. And as the carrier's customer, you agreed to their Terms of Service.

Let's use AT&T as an example. In their ToS we have the following fine print:

3.1 My Device "We may periodically program your Device remotely with system settings... ...most appropriate for your typical usage, and other features that cannot be changed manually."

**the kicker**

3.6 Can I Use Location-Based Services With My Device? "AT&T collects information about the approximate location of your Device in relation to our cell towers and the Global Positioning System (GPS). ******We use that information, as well as other usage and performance information also obtained from our network and your Device, to provide you with wireless voice and data services, and to maintain and improve our network and the quality of your wireless experience.****** We may also use location information to create aggregate data from which your personally identifiable information has been removed or obscured.****** Such aggregate data may be used for a variety of purposes such as scientific and marketing research and services such as vehicle traffic volume monitoring."

Obviously, CarrierIQ is a tool that AT&T, Sprint and T-Mobile have chosen to use.

Now, I know VZW doesn't use CarrierIQ, but certainly they have a similar provision as does Sprint and T-Mobile. This clause, or something similar has been logged since the days of the original "flip phone" in the 90s.

@nuadar1 - several folks have chimed in about HTCs ultra-invasive data collection, a tool of the Sense UI in their Android phones. There has been nary a peep from anyone. That was revealed to be quite a potential security hole. Of course, we're talking Android which basically *is* a security hole.

Folks even only got "a little" mad when it was discovered how Apple tracked usage and location data. No one tilted their head when Apple explained, "the software program isn't supposed to store that data for a year"... :-/

So, I'm genuinely wondering why this element is any different from the multitude of other news that's been reported about location based services. You think Facebook, Twitter, FourSquare, and Sony take their security seriously? We all know what a joke privacy on Facebook is. FourSquare is all about announcing where you are and where you've been and posting that on the internet (that never goes away), Twitter is arguably worse it's all about logging and keeping forever whatever you say. Sony had their gaming network hacked. Here is CarrierIQ, quietly reporting telemetry back to their carrier customers about network performance and hardware performance on that network...suddenly everyone is a student of the Constitution.