US Sen. Al Franken today demanded answers from Carrier IQ about what kind of data its software for smartphones collects and how it is used and stored. Noting that Carrier IQ has been “accused of secretly logging location and private information of millions of smartphone users,” Franken forwarded the company 11 questions, many of them with multiple parts, and asked for answers by Dec. 14.
Franken started out by asking for specifics on what types of information Carrier IQ collects, specifically whether it includes location, numbers dialed, the contents of text messages and e-mails, URLs of websites visited, search query histories, contact information from address books, and keystroke data. “What if any of this data is transmitted off of a users’ phone? When? In what form?” Franken asks. “Is that data transmitted to Carrier IQ? Is it transmitted to smartphone manufacturers, operating system providers, or carriers? Is it transmitted to any other third parties?”
Franken further wants to know if Carrier IQ has disclosed user data to federal or state law enforcement, whether Carrier IQ lets users opt out of logging and transmission of data, and what steps the company takes to protect this data against security threats. The senator strongly hints that he believes Carrier IQ has violated various federal laws.
“Does Carrier IQ believe that its actions comply with the Electronic Communications Privacy Act, including the federal wiretap statute (18 U.S.C. § 2511 et seq.), the pen register statute (18 USC § 3121 et seq.), and the Stored Communications Act (18 U.S.C. § 2701 et seq.)?” Franken’s letter asks. “Does Carrier IQ believe that its actions comply with the Computer Fraud and Abuse Act (18 U.S.C. § 1030)? Why?”