Carrier IQ is a real hot topic right now and I (as everyone probably did) assumed that your carrier was collecting some information on your calling habits, a lit bit of location information etc…. But I was taken aback by just how deep it seemed the carrier could get “inside” your phone and tell exactly what you were doing whenever they pleased. So I decided to dig deeper to find out exactly what the carriers could and could not do and how much they could see what we are doing on our phones.
Here is what I found out from a “person in the know”.
Phones that have Carrier IQ have because it was installed into the phones manufacture. Someone just couldn’t drop some code into the device and let them run with it. You have to open up high level API’s for this to work. These are generally not API’s that a normal developer would have access to. This means that the Carrier IQ software has to be embedded in the OS. It seems the OS maker almost has to make a decision as they are making the OS to use Carrier IQ.
How much information can your carrier find out about you and your habits if your phone has Carrier IQ on it?
A LOT!! Essentially the devices are configured by each carrier to collect the data that the carrier feels is relevant to their investigations. They can include, location, tower in use, battery level, web page, app in use, apps open, apps installed, signal strength, Software version of the device, etc… They probably know more about what your phone is doing at the moment than you do.
That raises the question is this information collected anonymously or does the carrier know it’s my phone?
It seems that the carrier is collecting information in mass and doesn’t really care from who’s phone the data is coming from. It seems user information (MCCID) is not part of the data stream. IP address likely is, but it would take a lot of leg work to pair the IP at a given time to a given user on the network. This data is all transmitted to the Carrier IQ data collection server via the web to what is commonly called a White Listed IP address (Consumer is not charged for data going to and from this server.) Then the carrier can access and manipulate the data through a web portal and make key decisions based on what is seen.
Why would a carrier want this information and how would it be used?
Lets use the example of carriers receiving a lot of calls from New Yorkers saying that they are having signal issues on 5th avenue. The carriers “investigation” team would log in to Carrier IQ and pull up the area in question. They would be able to see call drops, etc… and look at what may be causing them. Then they see that all of the drops are happening on say the Droid Incredible. Then they look deeper, possibly even in another system, depending on what data they can get from the device that is having the issue, and if they see that the device is responding improperly to a network command and inadvertently dropping calls. They then call the manufacturer, file a bug report and wait for the correction. They can also take steps on the network to ensure that the issue is kept in check until a bug fix is in. The theory is that you can also drive this to issues with certain apps. By logging info about apps, like threads that they open, memory that they use, you could potentially find and eradicate apps that are causing device failures as well. There is also to be a self test function. The user could run the self test to see if the hardware and software of the device are behaving properly. But most users aren’t aware of this feature expect for a few developers and hardcore tech geeks.
Are the carriers using this information for malicious purposes?
From what I found out, they are not. It is truly being used to improve service, find out if towers are down, apps/programs have bugs in them and are causing phones to crash, or service to be lost. They could use the Carrier IQ easily for other things but they do not seem to be at the moment.
What’s the bottom line from all this?
The bottom line is everyone that is has a phone with Carrier IQ on it (Again Nokia phones DO NOT have Carrier IQ on them) is the “can you here me now guy” for their carrier if they want to be or not. Which there is not wrong with per say if (and this is a big if) your carrier would have let you know up front in a meaningful way that they were collecting this information.