A carrier insider talks about Carrier IQ

Why do the network operators want or need with technology like Carrier IQ?

A network engineer from a major UK operator has spoken to me under condition of anonymity and spills the beans on Carrier IQ.

Q: Had you heard about carrier IQ before this data logging story broke?

A: Yes, it's a name that's been going around for a few years now. I think the company has been around since 2006, but I first became aware of them in 2010.

Q: When did you first hear about Carrier IQ?

A: The company was promoting it's services to the company I work for.

Q: Did the company you work for use Carrier IQ technology?

A: No.

Q: Are you aware of any carrier using Carrier IQ?

A: As far as I'm aware of, no carrier in the UK uses Carrier IQ.

Q: What about specific handset manufacturers?

A: Yes, they can use it for their own data collection. Depends who licenses the service.

Q: Apple, for example?

A: Yes, I understand that the iPhone has used this technology.

Q: Why is Carrier IQ not used by UK carriers?

A: Compared to the US networks, the network in the UK is pretty small and has fewer handsets connected to it. Also, the carriers themselves can collect most of the diagnostic information they want from the network itself. I suppose there could be regulatory issues too, but I'm not in a position to comment on that.

A: So it's used in the US?

A: Yes.

Q: Which carriers?

A: I know for a fact that AT&T use Carrier IQ. Not sure about the other carriers.

Q: What's Carrier IQ used for?

A: Mostly network diagnostic stuff, especially connection failures and disconnects, and areas where signal strength is poor or non-existent. It can also be used to collect metrics such as calls made (number and duration), SMS messages sent and received, web usage, how apps are used, network data throughput and even how often the handset crashes. Carrier IQ promotes their service as a way for network operators to improve the network and user experience, not a snooping tool.

Q: Is it opt-in?

A: Check your contract. Chances are it specifies that the carrier can collect diagnostic information as a condition of you connecting to the network. If that's the case, you've opted-in already.

Q: Can Carrier IQ be used on tablets?

A: Yes.

Q: Does the data collected information that can identify the user?

A: Not as far as I'm aware of. The data that I've seen only identifies handsets by make and model.

Q: Does Carrier IQ collect keystroke information/phone numbers/SMS contents/web searches/contacts, etc?

A: Not that I'm aware of. I can't see how that information would be relevant. If nothing else it would also be a lot of information to collect and send. That kind of thing would also attract all sorts of problems. Whatever network the handset was registered to would already have access to data on calls, SMS and web usage anyway, so it wouldn't make sense for any carrier to pay a third-party to collect that direct off the handset.

Q: So why does it look like Carrier IQ is collecting information on SMS messages and keystrokes?

A: Can't say. Maybe it's a hidden feature. Maybe it's there by mistake.

Q: Do you think that Carrier IQ is a privacy issue?

A: No and yes. No in that I don't think that any carrier is using it to snoop on what users are doing. Carriers already have access to a lot of information on what its subscribers are doing simply because it's their network being used (that's how they know how much to bill you!). A carrier that was snooping on its users would be opening itself to a world of pain if caught. However, if Carrier IQ is actually logging keystrokes and SMS messages, then that's a problem because it's possible for that stored data to leak from the handset, either accidentally or through malicious intent.

Related:

• Android bloatware results in serious security flaws
• Zack Whittaker: Which phones, networks run Carrier IQ mobile tracking software?
• 7 questions that Carrier IQ needs to address immediately
• So, there’s a rootkit hidden in millions of cellphones
• How to disable the Carrier IQ ‘rootkit’ on your iPhone
• CarrierIQ: Follow the money and it is the carriers behind it
• Finding and cleaning out your smartphone’s Carrier IQ poison
• Senator demands answers over Carrier IQ mobile phone tracking
• AllThingsD: Carrier IQ Speaks: Our Software Monitors Service Messages, Ignores Other Data