U.S. Senate weighs in on the Carrier IQ phone-snooping issue.
Carrier IQ has received a letter from the United States Senate Committee on the Judiciary. This committee has a number of roles, and the privacy issues raised in this matter would fall under Internet privacy and possibly federal criminal law. Senator Al Franken drafted the letter as he is chairman of the Subcommittee on Privacy, Technology and the Law.
Given the software has been demonstrated to collect certain keystrokes, intercept SMS messages, and even record information in browsers that should be encrypted, it is easy to see how Internet privacy issues are raised. As Mathew Schwartz wrote Thursday, these actions might run afoul of wire tap laws as well.
Senator Franken has asked Carrier IQ to respond to a series of questions, and then ever so politely ended the letter with "I appreciate your prompt attention to this matter." Translated into English that means "you need to drop whatever you are doing and respond to this letter or face a Senatorial subpoena."
To make sure Carrier IQ understands this is not the usual government inquiry, Franken writes that the logging and transmitting of data "may violate federal privacy laws, including the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act. This is potentially a serous matter."
The letter goes on to pose a number of questions, like are user's locations logged, is the content of inbound and outbound emails and SMS messages logged, are search queries logged, etc.?
Senator Franken wants to know what is transmitted off of the phone to carriers, Carrier IQ's servers, phone manufacturers, operating system providers, or third parties.
The deadline for answering this letter is December 14. Depending on what the answers are, Carrier IQ may satisfy the senate committee, but I don't think there are any answers that will satisfy users. At this point, what carrier or manufacturer would still want this software on their phones?
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.