Carrier IQ - A Not-So-Private Function

Carrier IQ - A Not-So-Private Function Dominic Smith investigates the firestorm surrounding Carrier IQ and looks at what mobile network operators must do to rebuild the trust of their customers.

Barely a week seems to go by without privacy issues hitting the headlines. Usually it is the likes of Facebook who are pushing the envelope and falling foul of their users, but last week it was a much lower profile company, Carrier IQ, who hit the news for all the wrong reasons.

Carrier IQ, the company, provides an application of the same name that runs in the background on many featurephones, smartphones and tablets. It is mainly used (though not exclusively) in the USA and essentially it does what it says on the tin, i.e. it provides intelligence to mobile network operators (or carriers) about how each device and the services it is running are performing. So far so good. We’re all in favour of MNOs monitoring and improving network and services performance.

However, trouble started brewing the moment a YouTube video was posted apparently showing the application recording keystrokes on a device. So it appeared that the application could track everything that you do, including recording usernames, passwords and all manner of other sensitive data. And once the video went viral, Carrier IQ found itself engulfed in a PR disaster which it is still trying to undo.

Whether or not Carrier IQ does all the nasty things that have been alleged, is not for me to say. However the idea of an application residing on each device to gather diagnostic data sounds entirely sensible to me. For all the QoS monitoring you can do on the network side, there’s no substitute for gaining the direct user experience in the field which is why things like drive testing have been so widely used.

But the proliferation of different devices and service types, means that the user experience can vary greatly according to which device and service is actually being used, and it’s no longer just about making ‘test calls’, there’s data services, streaming video and so on that need to be monitored.

The big problem with Carrier IQ is the fact that most consumers had no idea that it was actually there when they purchased their device. So suddenly it seems like there’s a covert surveillance operation going on and someone is snooping on what they are doing!
One of the great benefits of the internet is how quickly and easily information can be distributed and shared. The problem with this is that misinformation spreads just as fast, if not faster. And so when there’s a lack of real information about what is happening from the operators or application providers, then the rumour mill goes into overdrive and everyone believes the worst.

The reality is that in the digital age in which we all now live, there is an exponentially increasing amount of data being generated and processed about our lives on a daily basis. Whether it is our grocery shopping habits at the local supermarket, or the public transport network that we ‘swipe-in’ and ‘swipe-out’ of, this information is being collected and analysed in order to improve the services that we are provided.

The difference with most of these schemes though is that we are in some way incentivised or rewarded for opting-in, through special promotions and discounts relating to our usage profile. So maybe this is where the MNOs using Carrier IQ went wrong? If consumers had been offered discounted handsets or reduced tariffs for agreeing to have the application activated on their devices then perhaps the reaction would be different?

Whilst the younger generation, or ‘digital natives’, are growing up with a large digital footprint seeming normal, it is the older generations who are na├»ve when it comes to how the basic technology works. For example, it’s all very well objecting to having a mobile phone mast in your street, but then don’t complain when the network coverage is poor in your area. You just can’t have it both ways.

Although there is an understandable focus on making applications intuitive and easy to use, the flipside to this is that when applications ‘just work’ it may be lulling users into a false sense of security. What is really needed here is education. Much more effort has to be made in increasing awareness of how communications technology works, so that consumers can avoid unwanted surprises.

Just look at the ‘phone-hacking’ fiasco here in the UK. In most cases this was not so much hacking, but more the result of people in the public eye not understanding why they might need to change their voicemail PIN from the default code. Similarly, the regular stream of bill shock stories is the result of many users still having no understanding of how data services are charged when roaming.

There’s clearly a long way to go in educating the public, and with technology evolving so quickly it will need to be a continual awareness programme. Whilst Bob Hoskins famously said ‘It’s good to talk’ in the BT adverts of the 1990s, Google now says it’s ‘Good to Know’ in its UK campaign to promote safer Internet use. Delivered in partnership with the Citizens Advice Bureau, the campaign is running in newspapers and on public transport and explains some of the basics about things like password security and cookies.

I’m sure the Google-haters and cynics will see this as just advertising, which in plain terms it is. However by offering security advice and explaining how they use the vast amount of data collated through search, Google are building the confidence and all-important trust of the public. Following the firestorm around Carrier IQ, MNOs and perhaps the industry associations could take a leaf out of Google’s book when it comes to promoting communications technology awareness and explaining it in plain and simple terms.
Blog post currently doesn't have any comments.
 Security code