As Mobile Marketing Watch has covered consistently in recent months, late last year the Carrier IQ scandal sent mobile privacy advocates and smartphone users into a frenzy.
The Carrier IQ software is what’s known as a rootkit that is installed at a carrier’s request on mobile phones. Carrier IQ raises user privacy concerns because it runs in the background and monitors and logs user activity.
Before carrier and handset makers began backing away from it, Carrier IQ was believed to have been installed on more than 100 million devices around the world.
But despite the negative PR black eye that Carrier IQ has endured over the last year or so, AT&T Mobility is still defending its use of Carrier IQ’s software.
That much is clear through a new filing with the FCC. According to the company, data gleaned from Carrier IQ has been “invaluable to AT&T in improving its network and the services it offers to its customers.”
AT&T maintains, however, that the information was acquired and employed responsibly.
“The CIQ data in the archive file is uploaded daily in encrypted format to AT&T servers located inside AT&T’s secure firewalls and is not retained in the archive file on the device,” AT&T said in the filing. “CIQ data is erased so that it is no longer retrievable from the AT&T CIQ servers 60 days after being uploaded from the device, subject to any legal holds that may apply. Personal information is encrypted before CIQ data is sent to downstream systems, which have a 90 day retention period. Data in those systems may be decoded by authorized personnel for certain, specified purposes such as data validation or customer care. After 90 days the encrypted data is eliminated so that CIQ data is only available in the aggregate.”
Does AT&T’s filing and pledge of support for Carrier IQ concern you in any way as a mobile user? Please weigh in with a thought or comment below.
