Agency in the World of CarrierIQ

CarrierIQ probably has had better weeks than the past couple.

People all over are attacking them for their software, embedded in many Android devices. And, truth be told, they clearly shoulder plenty of blame. The carriers that demand their software and the device manufacturers that integrate it are not exactly as pure as the driven snow, though. Hence, it is tough to discern exactly who should be raked over the coals for decisions like:

  • Having a back-door into devices, activated by an SMS, that transmits data to a server that could be intercepted, given sufficient time and talent

  • Having a magic sequence of characters that, apparently typed anywhere, would trigger some similar behavior (in theory, this should only be in the dialer, but then why are the device and CarrierIQ sniffing on all keystrokes, rather than just stuff in the dialer?)

  • And so on

The biggest problem, though, is the attitude that our devices aren’t ours.

As Rupert Goodwins put it in an opinion piece on ZDNet:

“The problem with Carrier IQ isn’t in the software or the data, it’s in the culture that hid it, denied it, and took control away from the users.”

As danah boyd points out, the key to privacy is agency. The fact that some data is distributed beyond the user’s control isn’t intrinsically a problem — plenty of users do that already just by posting to Facebook. The problem is that the users lack control over what is distributed and when.

Admittedly, it’s a slippery slope. Lots of Android developers use analytics to track what’s used (and not) within their distributed applications. But mandatory, control-less analytics is CarrierIQ writ small. Users should be able to control what analytic data gets collected, if any. Few developers offer this level of control, and I suspect it’s for the same rationale that carriers use. Developers say “it’s my app” in much the same way that carriers say “it’s my phone”. While it is the developer’s code and it is the carrier’s network, it is not the developer’s usage data and it is not the carrier’s treasure trove of data mined by CarrierIQ, without the user’s explicit and continued permission.

So, if you are a developer writing apps with the Android SDK, and you use analytics, silent crash logging, or similar sorts of techniques, you really need to ponder why you are any better than the CarrierIQ and cronies cohort. Consider providing SharedPreferences that allow users to opt out, even if you are opting them in initially.
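
One way to wire up the opt-out suggested above, as an added example that is not code from the original post. The class name `AnalyticsGate`, the preference key `analytics_enabled` and the in-memory event queue are assumptions for illustration; the idea is that every analytics or crash-report call goes through the gate, and that opting out also discards anything collected but not yet sent.

```java
import android.content.Context;
import android.content.SharedPreferences;
import android.preference.PreferenceManager;
import java.util.ArrayList;
import java.util.List;

/** Hypothetical gate: nothing is queued or sent unless the user's preference allows it. */
public final class AnalyticsGate implements SharedPreferences.OnSharedPreferenceChangeListener {
  // Assumed key; bind a CheckBoxPreference with the same key in the settings screen.
  public static final String KEY_ENABLED = "analytics_enabled";
  private final SharedPreferences prefs;
  private final List<String> pending = new ArrayList<String>();

  public AnalyticsGate(Context ctxt) {
    prefs = PreferenceManager.getDefaultSharedPreferences(ctxt.getApplicationContext());
    // Listeners are held weakly, so the caller must keep this object alive.
    prefs.registerOnSharedPreferenceChangeListener(this);
  }

  /** Opted in by default, as the post allows, but the stored choice always wins. */
  public boolean isEnabled() {
    return prefs.getBoolean(KEY_ENABLED, true);
  }

  /** Call this instead of talking to the analytics or crash-reporting library directly. */
  public synchronized void record(String event) {
    if (isEnabled()) {
      pending.add(event);
    }
  }

  /** Hands queued events to the uploader; the batch is empty once the user has opted out. */
  public synchronized List<String> drainForUpload() {
    List<String> batch = new ArrayList<String>();
    if (isEnabled()) {
      batch.addAll(pending);
    }
    pending.clear();
    return batch;
  }

  @Override
  public synchronized void onSharedPreferenceChanged(SharedPreferences sp, String key) {
    // Opting out takes effect immediately: drop anything collected but not yet sent.
    if (KEY_ENABLED.equals(key) && !isEnabled()) {
      pending.clear();
    }
  }
}
```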

Meanwhile, I need to spend more time figuring out how to get more phones into the hands of more people where the users control what the phones do.

