Trevor Eckhart, a developer involved in uncovering a huge security vulnerability that affected several HTC devices, was recently threatened by Carrier IQ (CIQ), a company involved in gathering various forms of user data and sending it to carriers or manufacturers for analysis. For those who haven't been following the story, here's what happened:
Trevor Eckhart found several training manuals on CIQ's website. These were publicly available. Trevor shared them with the community, explaining just how far-reaching CIQ's data collection practices are. At this point, CIQ became aware of the fact that sensitive information had been exposed, and pulled the files from their website.
When Eckhart kept sharing the information, CIQ got angry. The company sent Eckhart a cease and desist letter, and threatened legal action due to copyright infringement and defamation. Eckhart promptly contacted the Electronic Frontier Foundation, a foundation that seeks to defend individuals' rights in the digital world. The foundation agreed to help, and quickly confirmed what everyone was thinking – CIQ's claims and threats were totally unfounded, and would not hold up to law.
Today, CIQ withdrew their legal threat in a fax from CEO Larry Lenhart, apologizing "for any concern or trouble that our letter may have caused," and going so far as to offer the chance to discuss the issues Eckhart exposed:
In addition, we would welcome the opportunity to start a discussion with you about these issues that we believe will be helpful to us, to our customers and to customers that use mobile devices.
Looking to do a little more damage control, Carrier IQ even released a media alert to "clarify some recent press on how our product is used and the information that is gathered from smartphones and mobile devices."
In the end, it looks like Trevor's research and reporting was even more useful to the community than previously thought. CIQ's ensuing debacle drew plenty of attention to the company, and the larger issue, making data collection a topic on the tips of many users' tongues in recent days.