• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Current News   »   Carrier IQ fallout could lead to mobile data privacy legislation

Carrier IQ fallout could lead to mobile data privacy legislation

  • Posted on:March 16, 2012
  • Posted in:Current News
  • Posted by:
    Noah Gamer
0

 

Discussions of the privacy of mobile data were shoved into the spotlight following the revelation that many consumers' devices came with embedded tracking software developed by Carrier IQ. Now, the issue will get even more attention on Capitol Hill as U.S. Representative Edward Markey is set to introduce the Mobile Device Privacy Act.

Markey, a Democrat, recently released a discussion draft of the proposed legislation that spells out the extent to which carriers would be able to track the activities and locations of their customers.

"While consumers rely on their phones, their phones relay all sorts of information about them, often without their knowledge or consent," the lawmaker said in a statement released on his website. "I am concerned about the threat to consumers’ privacy posed by electronic monitoring software on mobile phones, such as the software developed by Carrier IQ."

Information security researcher Trevor Eckhart set off a firestorm of debate when he went public after discovering the Carrier IQ software comes embedded in many mobile devices. According to Carrier IQ itself, the software was running on as many of 141 million devices. And major services carriers Sprint and AT&T were among those who admitted to using the information the software collected.

Carrier IQ tracked everything from data usage and location to recording text messages, phone calls and voicemails. The company claims such activity is benign and meant to help service providers improve their offerings, but data privacy advocates say it's a serious infringement on the rights of mobile device users.

It's now apparent that Markey shares such views.

“Consumers have the right to know and to say no to the presence of software on their mobile devices that can collect and transmit their personal and sensitive information,” said Markey, who serves a senior member of the House Energy and Commerce Committee and is also the former chairman of the Subcommittee on Telecommunications and the Internet.

As part of the proposed Mobile Device Privacy Act, Markey outlined numerous requirements that are aimed at restricting the tracking capabilities of software similar to that developed by Carrier IQ, as well as mobile service providers.

For one, according to the draft, the disclosure of tracking software would be required at the time a device is purchased, or if the carrier installs such software remotely at a later date. Among the most serious violations of the Carrier IQ incident was the fact that nearly all of the users affected had no idea their activities were being tracked.

The proposed law would also mandate that carriers tell mobile users what types of information are being tracked and collected.

Also, consumer consent would be required before an organization could begin tracking and collecting mobile data. That also means consumers would have the option to opt out of similar programs.

Other provisions of the bill are centered on the relationship between the carrier and the third-party software vendor, according to Markey's draft. Parties receiving collected information would be required to have policies for data security in place to protect the information, while the Federal Trade Commission and the Federal Communications Commission would both have to approve the transmission of the information.

This certainly isn't the first time that mobile data tracking has been an issue. In April of last year, Apple came under fire for tracking the location of its popular iPhones. The news sparked backlash among the company's otherwise loyal customer base, prompting Apple to release a frequently asked questions section on its website.

Data Security News from SimplySecurity.com by Trend Micro

Related posts:

  1. Sprint will remove Carrier IQ from users’ devices
  2. Mobile growth leads to data security questions
  3. Mobile apps can lead to data security challenges
  4. Apple mobile devices emerge as latest data privacy minefield

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.