The CBS TV show “Person of Interest” started as science-fiction, yet despite no change in its premise, it is becoming just drama.  Its premise of pervasive video and audio surveillance is no longer very fictional, and these technologies raise real-world privacy concerns for consumers.

 

In the last week, news has featured Carrier IQ, a wireless smartphone software that might lead to nasty privacy issues.  Carrier IQ is installed on AT&T, T-Mobile, and Sprint smartphones.  It can record all keystrokes and send them back to a carrier’s collection facility, providing one side of a typed conversation.  But by matching the key logs of calling and called parties (which may require cooperation between carriers), the entire conversation could be available. Whether the carrier has activated this key-logging and what each carrier does with the information are unanswered questions.  Note to Congress:  this is not partisan, so don’t pervert it.

 

When asked under FOIA what it knows about Carrier IQ, the FBI refused on grounds, “The information you requested is located in an investigative file which is exempt from disclosure.”  So, is Carrier IQ exempt from FOIA because the FBI is using Carrier IQ to conduct investigations and/or are they investigating others’ potentially criminal use of Carrier IQ?

 

There are secondary questions.  Since the software is not installed by all carriers, it might be for marketing research (“help improve the user experience “) or an engineering tool.  On the other hand there might be a differently-named CDMA equivalent (installed on Verizon smart phones) that accomplishes the same results.  That would make the key-logging and central collection more sinister.  It would be useful to know if Carrier IQ is configured in a way that an individual phone can be activated or whether it’s an all or none choice.  That answer would let us know how useful (and efficient) a tool it could be for law enforcement use.

 

While “Person of Interest” is an amusing drama where Robin Hood-like heroes act on stolen private communications, it’s not an acceptable template for real life.  Without pretending expertise in privacy law, it seems that use of software that enables key-logging and central collection of an individual’s use of his/her phone should be permitted only on an clearly presented (not buried in legal twaddle) consumer opt-in signature or for law enforcement under a court order.

 

Alan Daley is a retired businessman living in Florida.  He follows public policy from the consumer’s perspective.

 

 

 

Share:

With over 20 years in the communications industry, Alan has collaborated on policy development with elected officials and government professionals. He launched two successful businesses; one in mobile communications devices and earlier, a software writing consultancy specializing in financial and economic analysis. He wrote several books on software and technology. He writes on state and national economic policy, regulation, finance and other topics from a consumer perspective.