"Mostly network diagnostic stuff, especially connection failures and disconnects, and areas where signal strength is poor or non-existent."
Which you point out can be obtained from the network (and is done so in the UK), since when a handset drops without disconnecting is known to the network.
"It can also be used to collect metrics such as calls made (number and duration), SMS messages sent and received, web usage, how apps are used"
As the security expert points out they're intercepting the URLS, including web searches and URLS for https sessions. This is Phorm all over again, only far far worse.
"network data throughput"
Which is measurable on the network.
"Carrier IQ promotes their service as a way for network operators to improve the network and user experience, not a snooping tool."
And Phorm promoted their service as a way of making money.
"Does the data collected information that can identify the user?"
It is collected PER HANDSET, it includes the HANDSET ID, the carrier has the HANDSET ID for billing purposes, ergo it IDENTIFIES THE USER.
"Q: Do you think that Carrier IQ is a privacy issue? ... No and yes....Carriers already have access to a lot of information"
This is the key point, this app serves no useful diagnostic purpose, the useful stuff the carrier already has. What it collects is stuff that the carrier has no business knowing, what videos you play, what music you play, what searches you make on Google's HTTPS service, when/where you take photographs etc..
The carriers DO NOT MAKE THE HANDSETS, they do not program the handsets. This was a HTC app, branded by HTC, installed by the maker of the handset.
The actual network bandwidth, bad disconnects, etc, all of this is measurable on the network.
Discussion on:
Message 5 of 1
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
