Friday, December 02, 2011, 07:43 am PT (10:43 am ET)
German regulators inquire about Apple's use of Carrier IQAttention surrounding Carrier IQ, software found on mobile phones that can record detailed information about how and even where a device is used, has prompted a German data regulator to seek answers from Apple.
Apple issued a statement on Carrier IQ on Thursday, revealing that the data logging software has not been a part of "most of its products" since the release of iOS 5 in October, though traces of the inactive software do remain and will be removed in a future update. But the Bavarian State Authority for Data Protection seeks more answers than Apple provided in its two-sentence statement.
"We read in the press about the privacy concerns the software may pose and decided to ask Apple about the details, " Thomas Kranig, head of the data protection authority, said in an interview with Bloomberg. "If Apple decided to cease the use, all the better."
While much of the attention surrounding Carrier IQ has been about U.S. carriers, the company does have offices for customers in the Europe and Asia Pacific regions. Its U.S. headquarters is in Mountain View, Calif.
Apple was not named in a letter sent to Carrier IQ on Thursday by U.S. Sen. Al Franken, D-Minn., requesting information on how the company's software works. Franken has shown concern that Carrier IQ has the ability to log and transmit "extraordinarily sensitive information," including specific keys pressed and numbers dialed on a smartphone.
"We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update," Apple's official statement on the matter reads. "With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so."
The Carrier IQ controversy took off this week when security researcher Trevor Eckhart uploaded a video demonstrating how the software secretly runs in the background on a stock Android-based handset from HTC, even when in airplane mode with cellular data disabled. Carrier IQ was tracked as having access to every action conducted with the Sprint phone, including key presses, numbers dialed, contents of text messages, websites visited, and even location of the phone itself.
Like Apple, Google has distanced itself from the Carrier IQ controversy, stating that it does not include the company's software in its own devices with the stock version of Android, such as Nexus phones and the original Xoom tablet. But because Android is open source, that has given U.S. carriers, and hardware makers, the ability to quietly add Carrier IQ software into their phones, and run it in a way that it doesn't even appear in the operating system's list of active tasks.
Defending itself, Carrier IQ has said its software counts and summarizes the performance of handsets in an effort to aid carriers. Its software is installed on more than 141 million handsets, and Carrier IQ claims its customers "have stringent policies and obligations on data collection and retention," while its software is "not recording keystrokes or providing tracking tools."
Speaking to John Paczkowski of All Things D, a spokesperson for Carrier IQ explained that while the company's software can "listen" to a smartphone keyboard, it doesn't log or understand keystrokes. This can be used for a technician to have a customer enter a certain code that Carrier IQ will understand.
"It's simply looking for numeric sequences that trigger a diagnostic cue within the software," Paczkowski wrote. "If it hears that cue, it transmits diagnostics to the carrier."
The company explained that it's actually the carriers who decide what is to be collected and how long it's stored. Carrier IQ said that data is typically kept for about 30 days, and the data is in control of the carriers the entire time.
Among U.S. carriers, Verizon has outright denied that it uses Carrier IQ in any of its handsets. In a statement to GigaOm, the company said claims that Verizon uses Carrier IQ are "patently false."
But the other three major U.S. carriers — AT&T, Sprint and T-Mobile — have admitted that they do in fact use Carrier IQ. In statements provided to Computerworld, the carriers said the software is used to improve wireless network performance. Handset makers HTC and Samsung said Carrier IQ was integrated into their handsets at the requests of those carriers.
On Topic: iPhone
- Apple's A8 SoC likely carrying new 6-core PowerVR GPU, clocked at 1.4GHz with 1GB RAM
- Apple's iPhone 6 and iPhone 6 Plus reach record 4 million preorders in first day
- Samsung calls Apple's iPhone 6 Plus a Galaxy Note imitation in new ad
- iPhone trade-in roundup: Apple, Amazon, Best Buy, BuyBack World, Gazelle, NextWorth, uSell, Target & Walmart
- iPhone 6, iPhone 6 Plus preorder delivery dates slip as AT&T sees biggest-ever pre-sale launch