There’s been a growing buzz over the last couple of weeks about Carrier IQ and its presence on several Android devices across several major US carriers. There is no question that Carrier IQ has deep access to sensitive user data, and questions around the handling of that data are completely legitimate. While this is true, there are also credible reports that a deeper look at the mechanics of Carrier IQ’s software indicate a bit of hyperbole in labeling it a root kit. In short, it doesn’t appear that they are sending your keystrokes straight to the carriers.
We’ve received a number of inquiries from our customers as they’ve learned about Carrier IQ, and we’re encouraged that the mobile community is paying increasing attention to privacy risks associated with their mobile data. Based on what we know so far, it doesn’t appear that Carrier IQ’s software is malware, and for that reason it’s not flagged as such by Lookout. It is software that is developed in partnership with carriers with the intent to improve network performance. As far as we can tell, it meets this description in execution.
Metrics are all the rage these days, and it’s hip to be a metrics-driven company. It’s critical to consider users’ privacy, however, and the more sensitive the data that is being touched, the more critical it is to give your users a clear opt-out path. While this isn’t currently an option provided by Carrier IQ and its partners, we’re hopeful that it will become one in the near future.
We intend to continue this conversation with our users, network operators, Carrier IQ, and the mobile ecosystem in general. We’d also like to know how you feel about it – feel free to sound off in the comments or reach out to us directly at feedback@lookout[dot]com.