Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

Amid widespread concern over an obscure piece of smart-phone diagnostic software that some experts say could be used to collect and transmit sensitive information, a leading academic has called on the industry to give users a one-click way to see what their gadgets are actually doing.

“It would be good to have some form of auditing function built into our devices,” says Jonathan Zittrain, a Harvard Law School professor and cofounder of the Berkman Center for Internet and Society. “The auditing function can be implemented by Apple and by handset makers through Android. Make it part of the ‘About’ tab. And it would show with whom the phone has been communicating and the sorts of things it has been sending.”

Zittrain raised the idea in an interview following a controversy over software developed by a small company called Carrier IQ. Installed on at least 140 million phones, the software is designed to operate in the background and send performance data from handsets to telecom carriers, allowing carriers to diagnose dropped calls and obtain other network information.

The company was thrown on the defensive recently when a security researcher, Trevor Eckhart, said the software collected more sensitive information including “geographical location of the device, the end user’s pressing of keys on the device, [and] usage history of the device,” and posted a video showing the software capturing the text of his text messages, Google search terms, and location information—even though he’d disabled his GPS.

Carrier IQ has taken issue with the dark implications of the researcher’s report. It says the details of the implementation were up to handset makers and that its product didn’t “record, store, or transmit” personal information. That stance has been backed up by some researchers who have nonetheless called for tighter control over what the software can do and—echoing Zittrain’s proposal—for more visibility for end users.

Already, some members of Congress have gotten involved, with Senator Al Franken, of Minnesota, demanding from Carrier IQ a detailed accounting of what data was collected and who got it, including whether law enforcement ever sought or obtained permission to use the technology as a back door for surveillance. The company is slated to reply to those questions on December 14.

4 comments. Share your thoughts »

Tagged: Computing, security, privacy, Android, mobile phones, surveillance, iOS

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me