Is Carrier IQ, Samsung and HTC Violating the Federal Wiretap Act?

  • After an Android security researcher discovered that CarrierIQ was capable of collecting personal information from SMS, emails, photos, keystrokes and URLs, the company has been the target of severe criticism.
  • Now, CarrierIQ faces a class action lawsuit — as do Samsung and HTC — for violating the Federal Wiretap Act.
  • Plaintiffs are demanding millions of dollars in penalties paid to users with the logging software on their devices.
  • The company vehemently denies the charges, restating that the software is used solely to help wireless operators provide optimal service by logging information concerning dropped calls and failed messages.
  • TechCrunch notes that no carriers face charges as of yet, but are likely to in the near future.

Carrier IQ Responds with Claim its Software Only Monitors Service Messages

  • Earlier this week, ETCentric featured a PC World article that claimed “an app called Carrier IQ is logging literally everything you are doing on your smartphone including keystrokes, SMS messages and HTTPS sessions.”
  • The network diagnostic tool maker has since told AllThingsD it does not log or understand keystrokes but only monitors them looking for a specific code that support technicians use to cue appropriate diagnostic information.
  • CIQ also noted that it does not read SMS messages or content associated with website URLs even though it can see messages come in or capture URLs.
  • “Okay. Then what information is being captured and passed along to the carriers who use Carrier IQ?” asks AllThingsD. “Data related to call quality, battery life, device crashes — everything you’d expect, really.”
  • Andrew Coward of Carrier IQ explains, “If there’s a dropped call, the carriers want to know about it. So we record where you were when the call dropped and the location of the tower being used… Similarly, if you send an SMS to me and it doesn’t go through, the carriers want to know that, too. And they want to know why — if it’s a problem with your handset or the network.”
  • According to a related Ars Technica article, Apple has issued a statement hoping to curb fears about tracking via the iPhone and iPad: “We stopped supporting Carrier IQ [a piece of software that tracks user activity] with iOS 5 in most of our products, and we’re going to remove it completely in a future software update.”

Is the Carrier IQ Rootkit Tracking Everything on Your Smartphone?

  • As an Android, Blackberry or Nokia user, you may not know that an app called Carrier IQ is logging literally everything you are doing on your smartphone including keystrokes, SMS messages and HTTPS sessions. Other articles on Carrier IQ report that this information is being sent to the carriers.
  • Apparently, there is no way for a user to turn Carrier IQ off without replacing the operating system.
  • A former Justice Department prosecutor has told Forbes that this is “likely grounds for a class action lawsuit” as it violates federal wiretapping law. This story is beginning to get a significant amount of attention online.
  • To see Carrier IQ in action, watch the 17-minute video posted to the PC World article.