14
Sep
170px-Seal_of_the_United_States_House_of_Representatives.svg

Privacy on your mobile phone is kind of a big deal. And a company named Carrier IQ made it an even bigger one about a year ago by getting all up in a bunch of people's business. If you don't remember the Carrier IQ debacle of last winter, let me give you a rundown.

First, a guy named TrevE figured out that a company called Carrier IQ had its software installed on a bunch of phones, and that it was taking a lot of data from those phones. Like, scary amounts. And all that data went back to Carrier IQ, who then passed on some of it to the carriers.

Then, Carrier IQ basically denied this was happening. It was complicated. Then they kind-of-sort-of decided it actually was happening (sometimes), but that it wasn't really their fault.

And then, they sued TreE, over some bogus copyright infringement allegation. Two days later, Carrier IQ decided that was actually not a very good idea, and dropped the lawsuit.

The end result of this was a truly epic PR disaster for the company, a mass-exodus of its major clients, and even statements by non-clients attempting to distance themselves from the whole debacle. This all really upset Al Franken, too. The public reaction, though, can best be summed up in this video:

So, a guy (congressman, whatever) by name of Edward Markey (D-MA) decided that this probably shouldn't happen again, and introduced a bill in the US House of Representatives today called the Mobile Device Privacy Act.

The gist is this: if your phone comes with tracking software, it needs to tell you that from the moment you turn it on. Then, it needs to give you an option to opt-out of that tracking. It also needs to tell you what it's tracking, who gets the information, and how it will or might be used. Anyone collecting mobile device data would have to keep tabs with the FTC and FCC on exactly what sort of tracking they're doing, and both agencies would gain new authority to enforce these rules (probably through fines).

Will it pass? That's pretty hard to say. The mobile industry (carriers, in particular) is vehemently opposed to such a bill, as tracking software allows them to collect information about coverage, quality of service, and regional demand - all extremely important in planning network rollouts, or identifying trouble spots. Handset makers collect data about usage, bugs, and various other stats, as well. This bill would give users a choice in deciding whether or not they want these companies getting such data, so they're going to fight it tooth and nail.

We'll doubtless see how this plays out in the next few months, but don't be surprised if the bill gets stuck in committee - lobbying money has a funny habit of finding its way into policy discussions.

Mobile Device Privacy Act via Extreme Tech

David Ruddock
David's phone is whatever is currently sitting on his desk. He is an avid writer, and enjoys playing devil's advocate in editorials, and reviewing the latest phones and gadgets. He also doesn't usually write such boring sentences.

  • http://www.facebook.com/profile.php?id=567821345 Pablo Enrique Mojica

    Too bad money will get involved in the decision making. Ideally this is how it should be.
    But even if passed there will be other loopholes. Carriers will simply put an "accept this agreement or refuse to use our services" type of scenario.

  • Asphyx

    You know what really bothers me about all this crap is not the tracking of personal data because hell half the people who have phones give it all away anyhow by running all these social apps...
    But the fact that they have to transmit all this tracking data somehow and all that data usage winds up on YOUR bill that YOU pay for!
    They complain they can't give unlimited data accounts because the bandwidth is just so tight that they need to ration it, yet there is more than enough bandwidth for them to pass tracking data on my dime!

  • JG

    Does anyone know how likely people are to OK random user statistics to be sent back to HQ on some software (I believe Firefox & Chrome both ask)...I'd imagine this would have a similar acceptance rate... I know I generally allow it - and probably would on the phone... Then maybe the carrier could see that there's a big dead spot in the middle of town & they need to set up a new tower or whatever... Or Google could quickly find out that their new Maps update is FUBAR on 99.9% of all Rezounds, so they can call up HTC & figure out whats causing it to quickly get a fix out....

    Also, I'm curious if the bill will enable carriers (or OEMs, etc) to be able to "punish" users who decline to be tracked, or "force" users to agree... "It is mandatory to accept tracking in order to participate in our Truly Unlimited Everything plan"... Or "Check out this awesome app... It only works if you're being tracked, other wise it just sits on your phone taking up space, eating up your monthly bandwidth and you can't do a thing about it"

  • http://www.facebook.com/andresdroid Andres Schmois

    funny video (still not sure which side it takes but w.e.). As for the actual article, I'm totally ok with giving my information away as long as it can't be traced back to me, and it will be used to improve things, like Google does with their GPS service.

  • Dan

    "Accept this agreement or get the hell off our network" is exactly how it will be and how it SHOULD be. Regardless of the FUD being shoveled all over the place, the fact remains that you WANT your carrier to be keeping track of signal strength on your phone, dropped calls, etc. That's the only cost effective way to make the network not suck.

    As for "personal information", WTF are you talking about? Are you scare they're going to read your text messages? Every damned text message you send has to GO THROUGH the carrier's network. If they want to see what you're texting, they can just read the damned things on their servers and/or store them for as long as they like. They don't need to install anything on your phone to do it. Don't like it? Get off their network or shut up.

    Is your contact list part of the "personal information" that you're so worried about? Guess what? You're using a freakin' Android which means that 99.997% of you have your phone's contact list backed up to Google contacts. How does that data get to/from the Google servers? By going through the carrier's servers! Is that data encrypted before it leaves your phone so that the carrier can't just keep a copy of it? I'll bet you have NO FREAKIN' CLUE what the answer is without going and trying to look it up on the web somewhere. If it's so damned important, how is it possible that you don't already know the answer?

    What about your emails? DUH! Same answer. Does your email client encrypt the data before it leaves your phone? Unless the answer is YES and unless you are absolutely 100% certain that it's yes without needing to go look stuff up on the web, then you're just being stupid by raising a fuss about this. So, is it encrypted? Do you honestly, 100% know the answer? If not, then this entire topic matters to you only because somebody has decided to play on your ignorance and stir you up for their own purposes.

    What about your desktop computer? Every game or app that you've ever installed on your computer is capable of reading every document on your drive, including your emails and contact list if you're using Outlook or another non-web email client. Why don't you have your panties pulled up your crack over that horrible "security problem"?

    tl;dr
    This is FUD designed to stir up the mindless. Stop being sheeple and take 5 minutes to actually THINK.

    • AnonymousIndustryEmployee

      I don't like the idea of "accept this or don't user our network" for mobile-based monitoring applications, but Dan's got a valid point. If a bill like this passes, the monitoring will just move to the network instead of the phone. There's no net privacy improvement here, but at least we won't be (directly) footing the data bill for unwanted monitoring traffic.

      • AnonymousIndustryEmployee

        "use" not "user". Though "user" as a verb could make for some interesting connotations.

      • DCMAKER

        if they monitor network their are ways to protect yourself. TOR, Hamachi whenever win8 comes, VPNs, and other avenues. You are not out of options

  • jurrabi

    Man, if this works out I might even start to think that the US is not that bad after all...

  • Tim Thompson

    congressman needs to mind his own business... imo

    • D

      Right.. like those nice folks at CIQ do?