IMO, this is a slippery slope argument. The actual phone OS, which is certainly "logging key presses" is also an opportunity for exploitation via vulnerabilities. I fail to see how software is a special case? Additionally, the carriers are certainly storing and tracking your movement and location, and storing your SMS (how else do you suddenly get them when you turn your phone on after your plane lands?)
I think the subtle difference here is that we as consumers have a implicit understanding that the OS and the carriers must store and handle our data in order to provide the services to us that they do. We must trust them if we use their devices and networks.
That trust is given because the data sensitivity is proportional to the disclosure and scrutiny of the providers. The phone, its OS and who provides the network inherently have access to all your data, a huge responsibility, so no attempts are made to hide or obfuscate who those companies are and what they're doing. You know Samsung makes your phone, it runs on android and you use the Verizon network. CarrierIQ seems to have access to all the same data your OS and carrier has, yet their presence is not made transparent/known to the user of the phone.
That said, it's not clear to me what CarrierIQ's integration is like? Is it purely a software framework Android uses to log and store metrics for the carriers? Is it a 3rd party app installed by the carrier to help them store user metrics? How antonymous is CarrierIQ with the data? Do CarrierIQ engineers see your data or is it just for the carriers? Until that's clear, it's anyone's guess.
I think the subtle difference here is that we as consumers have a implicit understanding that the OS and the carriers must store and handle our data in order to provide the services to us that they do. We must trust them if we use their devices and networks.
That trust is given because the data sensitivity is proportional to the disclosure and scrutiny of the providers. The phone, its OS and who provides the network inherently have access to all your data, a huge responsibility, so no attempts are made to hide or obfuscate who those companies are and what they're doing. You know Samsung makes your phone, it runs on android and you use the Verizon network. CarrierIQ seems to have access to all the same data your OS and carrier has, yet their presence is not made transparent/known to the user of the phone.
That said, it's not clear to me what CarrierIQ's integration is like? Is it purely a software framework Android uses to log and store metrics for the carriers? Is it a 3rd party app installed by the carrier to help them store user metrics? How antonymous is CarrierIQ with the data? Do CarrierIQ engineers see your data or is it just for the carriers? Until that's clear, it's anyone's guess.