Eckhart first raised a red flag about Carrier IQ about two weeks ago when he started investigating reports that a software update on the HTC EVO 3D included "user behavior logging" code. The code had worried some geek bloggers when it showed up a couple months ago, but HTC and Sprint insisted that it wasn't much different than normal error-logging software and certainly didn't gather granular data like "contents of messages, photos, videos, etc." Eckhart wrote an exhaustive blog post about his startling findings: CarrierIQ collected lots data, including keystrokes, and there's no way for the user to opt out "without advanced knowledge." CarrierIQ flipped out. The company sent Eckhart a cease-and-desist letter demanding that he keep his mouth shut and threatening legal action. But after the Electronic Frontier Foundation (EFF) took a look at the case and determined that Eckhart was working within his First Amendment rights, CarrierIQ backed off but still denied that its software recorded keystrokes.
This week, Eckhart fired back with a 17-minute long video showing in painstaking detail how much data CarrierIQ collects, effectively undercutting the company's denial. It was even logging contents of text messages! Wired posted the video on Tuesday night and cemented CarrierIQ's status "as one of nine reasons to wear a tinfoil hat." The magazine explains how CarrierIQ even undercuts other companies' security measures:
Oh, we're definitely in tinfoil hat territory now. CarrierIQ and the carriers have yet to respond to the latest claims -- we're doing our best to chase them down -- but if past smartphone tracking scandals are any precedent, they could end up answering to Congress.
Like many things in life, there are a couple of different ways to think about smartphone tracking. One way approaches privacy from a forward-thinking, technology-trusting and, heck, even progressive perspective. GPS-equipped smartphones are incredibly powerful tools that enable mankind to do all kinds of amazing things, thanks to the perpetual stream of data from the Internet. However, that stream flows both ways, and sometimes, the folks that build and maintain the network need to monitor your data in order to improve the technology. Who wouldn't want better service?
This brings us to the second approach. Tracking is creepy. In an Orwellian kind of way, it makes people nervous -- especially Americans -- that the government or the corporations or the system is closing in on them and stealing their freedom. Of course, not everybody feels so strongly about privacy, but as long as you can opt out, it should be fine. This seems be where privacy agnostics as well as advocates both get concerned. Some people don't mind being tracked, but nobody wants to be tricked. Last week, Sen. Charles Schumer spoke out about a program at some malls in Virginia and Southern California that were anonymously tracking shoppers' movements by tracking their cell phone signals, and the only way to opt was by not going to the mall. Schumer did not approve. "Personal cell phones are just that -- personal," the New York senator said in a statement. "If retailers want to tap into your phone to see what your shopping patterns are, they can ask you for your permission to do so."