If you’ve set up a new mobile phone recently, you were likely prompted with an innocent-sounding request for your “usage information.” The phone probably assured you that it would collect your data “anonymously,” and that it would send the information back to the carrier or phone manufacturer to “improve your service.” In theory, this sounds reasonable. If your phone keeps dropping calls when you’re at work, wouldn’t you want it to report back its troubles? If all your coworkers’ phones also drop calls, maybe the carrier will notice that it has a dark spot in its network and try to fix the problem. For just this reason, I’ve always opted in to my phone’s diagnostic monitoring—I consider it a kind of civic duty, like calling the fire department if you see a cat stuck in a tree (though you’re not actually supposed to do that, turns out).
The problem with diagnostic monitoring, though, is that phone companies don’t say how they do it. What kind of information can they collect from your phone? How often? What do they do to ensure that the data isn’t personally identifiable? Over the last few weeks we got some answers to these questions. They’re not pretty.
Trevor Eckhart, a 25-year-old software-systems administrator in Connecticut, posted internal documents and a scary video showing what our phones know about us. Eckhart exposed the capabilities of Carrier IQ, a company that makes software used by several carriers and phone companies to gain “insight into their customers’ mobile experience,” as the firm describes it. Carrier IQ’s software, which is completely hidden from users (and could continue to work even if you opt out of your phone’s diagnostic monitoring), is capable of logging and reporting back pretty much everything that happens on your phone. It can see the apps you use, the sites you visit, your physical location, and it can even log your individual keystrokes, which means that it can read your text messages and passwords.
Carrier IQ says that while its software can collect a lot of data, it only stores and analyses a subset of information (like dropped calls and text messages that don’t go through) which carriers ask for. The company initially threatened Eckhart with a copyright-violation lawsuit for posting the documents, and then retreated when the Electronic Frontier Foundation offered to back him. Since then, Carrier IQ, phone manufacturers, and major carriers have offered various vague and unenlightening statements assuring users that they’ve done nothing wrong.
It’s hard to believe them: After seeing what Carrier IQ can do, you don’t have to be paranoid to fear that your phone is watching you. Indeed, that’s probably a rational assumption at this point. Earlier this year, researchers showed that the iPhone regularly logged users’ physical location and saved it to a file on their P.C.s. Apple countered that the phone didn’t actually log your location—it kept a database of Wi-Fi hotspots near your location, which is sort of like the feds reassuring you that they’re not watching your house, they’re just watching all your neighbors. Still, Apple’s justification sounded justifiable. The firm argued that logging location data allows your iPhone to find itself on a map very quickly.
But these innocent explanations are exactly why you should worry that your phone is secretly invading your privacy: Between the manufacturer, the carrier, the O.S. maker, and all the other hands that touched your phone, there are more than enough opportunities to add software that overreaches, either benignly or with some malicious purpose. I’m generally wary of lawmakers who jump on a scandal to capture headlines, but I’m glad that Sen. Al Franken is demanding that Carrier IQ thoroughly explain how its software works. I hope other lawmakers and telecom regulators not only join Franken, but go further: There should be a law requiring that phone manufacturers disclose exactly what their handsets are capable of monitoring and where it sends that information. This information should be right there on the box or the contract, like a surgeon general’s warning.
We need such a law because our phones seem to know a lot more about us than we know about them. It’s even difficult to tell which phones come with Carrier IQ and which don’t. Apple, Google, HTC, Research in Motion, Samsung, AT&T, Sprint, and T-Mobile have all issued statements that essentially pass the buck. HTC, for instance, says that mobile carriers “required” the company to install Carrier IQ on its phones. RIM, meanwhile, says it does “not pre-install the Carrier IQ app on BlackBerry smartphones or authorize its carrier partners to install the Carrier IQ app before sales or distribution.” But do carriers need authorization to install the app—can they do so on their own? Apparently so, because as Eckhart pointed out, Carrier IQ does make a version of its software for BlackBerry phones. Then there’s Apple, which says, “We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update.” Wait, what’s with the “most” there—which Apple devices have it and which don’t? And what if you’ve got an iPhone that’s too old to run iOS 5, the company’s latest mobile operating system—does that mean your phone’s got the spy software? Apple hasn’t said.
There is another school of thought on mobile tracking that goes roughly like this: privacy, schmivacy. As long as the phone companies aren’t actually breaking into your bank account, who cares if they’re watching where you go and what you do? You’re probably not very interesting, so what’s the worst that could happen? As David Pogue says, “Yes, Big Brother is watching you. … And you know what? I’ll bet he’s bored to tears.”
Most of the time—when it comes to Facebook, for example—I agree with that argument. But I don’t think we should blindly agree to being monitored. It may be inevitable that our phones will watch everything we do. But at least they should tell you what they’re looking at, so you can decide if you want to hide.