Carrier IQ has come under a lot of fire about how much data its monitoring service collects, and governments are concerned about whether there are any privacy violations occurring. Manufacturers like Apple and RIM have been quick to distance themselves from the company, while others like HTC and Samsung may be liable for their involvement with Carrier IQ.
In response to the backlash, Carrier IQ has released a 19-page document explaining what exactly their app does, and what it doesn’t do. Its primary goal is to inform wireless network operators of when, where, and how calls are dropping so those service providers can make appropriate adjustments. Heatmaps like the one above are generated to give a clear picture of where signal strength is good and where it needs improvement.
Specific customer data is really only accessible through carriers, whose customer service agents can match up IMEI serial numbers gathered by Carrier IQ with the provider’s own records. Beyond recording call drop incidents, the information can include which apps you have installed, so carrier customer service can identify those that might be placing an extra burden on the battery or otherwise affecting device performance. The big worry was that Carrier IQ was recording specific keypresses, which we’ve seen as part of the app’s internal debugging process. That sort of thing is well outside standard practices for app development, but Carrier IQ says that the particular instance caught on video was simply HTC forgetting to turn the “recording everything” switch off.
“Our investigation of Trevor Eckhart’s video indicates that location, key presses, SMS and other information appears in log files as a result of debug messages from pre-production handset manufacturer software. Specifically it appears that the handset manufacturer software’s debug capabilities remained “switched on” in devices sold to consumers. … The IQ Agent does not use the Android log files to acquire or output metrics.”
The specifics of what is and isn’t gathered are determined by a carrier-generated profile, which is shaped largely by the carrier’s terms of service with end users. There was apparently a bug that captured very specific signal data, which in turn may have given plain text details of SMS messages, but Carrier IQ also clarified that situation in the document:
“Carrier IQ has discovered that, due to this bug, in some unique circumstances, such as when a user receives an SMS during a call, or during a simultaneous data session, SMS messages may have unintentionally been included in the layer 3 signaling traffic that is collected by the IQ Agent. These messages were encoded and embedded in layer 3 signaling traffic and are not human readable. … No multi-media messages (MMS), email, web, applications, photos, voice or video (or any content using the IP protocol) has been captured as a result of this profile bug, as only SMS traffic is embedded in layer 3 signaling messages to deliver SMSs to/from devices.”
As for who actually loads up the monitoring tool, the IQ Agent app can either be embedded at the manufacturing level to get some deep data on radio strength, or pre-loaded by manufacturers just before shipping phones off to carriers. The app can be loaded up by end-users too, but that’s a relatively rare situation.
Personally, I’m not too worried about this sort of stuff; it’s understandable that carriers need to know some pretty personal information to make sure your phone is working right, and it sounds like there are enough safeguards in place to prevent any significant plain text translation. You can get a closer look at exactly what kind of data Carrier IQ can gather in Exhibit A and B of their release.