Senator and former late-night funnyman Al Franken has called on Carrier IQ to explain why its diagnostic software, buried in the bowels of 141 million smartphones, isn't a massive violation of US wiretap laws. In a letter sent to Larry Lenhart, CEO and president of the Mountain View, California-based software maker, Franken …
Ex-comedian, most serious man in congress.
I don't know if I should be more impressed with Al Franken (and I am) or suprised that the conventional political class can't do much in comparison.
For British readers: don't you wish someone had written a letter like this to start their investigation of the Phorm trials?
Have you seen our comedians?
How do we find a good one.
Gawd help us if Jo Brand, Al Murray or Mark Thomas ever got in as an MP.
And don't even mention Michael McIntyre shudder.
This a well written query. Extremely well written.
Ex-comedian or not, I hope we get some answers out of this..
> Ex-comedian, most serious man in congress.
What the f**k are you on about?
I'm from Minnesota, and I'm still convinced Franken and his supporters committed fraud to get him elected. But at least with letters like this, I don't feel nearly as resentful as I did back then.
@ Dr Ellen
Are you effin serious? Norm Coleman was the one who spent untold millions of out-of-state dollars trying to turn his obvious loss around and in turn cost the state untold millions on a wild goose chase. Minnesota could certainly use that cash now.
Man, a state that gave us Governor Jesse "The Body" Ventura and Senator Al "Stuart Smalley" Franken is a state I wish I still lived in.
Eddie Izzard? If he ran*, they would vote
* For election, not marathons (again)
were either too stupid, too afraid or paid by the culprits. Go Al Go!
Oh, I don't know
I'd probably tip my hat to Chris Morris, Charlie Brooker..
Probably a few others too.. Hugh Dennis.. no doubt a lot more, my list isn't exhaustive. Plus, I'm knackered and have had a few drinks.
But of course, the ones you mentioned would be an absolute embarrassment.
Is Carrier IQ required by law to answer Al Franken's questions? What happens if they a) Ignore the letter, b) Answer falsely?
Not being facetious, as a non-American I have no idea what powers this sub-committee has to enforce its requests.
Not sure about responding to the letter
...they *might* get away with ignoring it or lying (I don't know) but it's not a good idea. I don't *think* either act would be considered illegal, but it would probably just piss of Frankin and co to the point where they call a formal hearing on the matter.
That last bit is the real power of an Al Frankin (or, rather, his sub-committee) in this situation. They can subpoena (i.e. legally compel) the Carrier IQ folks in to attend a hearing, under oath and threat of perjury charges if they lie, in which their only protection not to answer questions truthfully is the 5th Amendment (an Article of our Constitution which protects citizens from being forced to testify against themselves).
For more info around Congress' power to subpoena and the legal background on it this link is pretty good:
If they ignore the letter they should probably expect to receive a summons to appear before the committee Franken is the chairman of and they will appear or be dragged in by law enforcement authorities.
Answering falsely would be much worse. As it would fall under Title 18 US Code Section 1001 it would likely entail prison time for the poor sod they put up as sacrificial lamb. This is what the gov't used to get Martha Stewart since they couldn't actually prove any SEC violation but she did lie about it. Likewise Marion Jones was jailed for lying about taking steroids and not actually taking the steroids.
@AC & Eddy Ito
Great posts - thanks. So basically this is a serious piece of paper, not the fluff that was used with the dealings with Phorm here in Europe.
Good to hear, curious what results it will bring.
Not sure Title 18 applies to congressmembers.
The wikipedia page on it says "Hubbard v. United States, 514 U.S. 695 (1995), was a United States Supreme Court case which held that 18 U.S.C. § 1001 did not apply to the judicial branch, and by implication, to the legislative branch of the Federal Government." As Congress is part of the legislative arm of government, I don't think it is covered, so lying in response to an informal letter written by a congressman is probably ok. (As opposed to lying in a response to a sub poena or in testimony to a committee, which is a different matter, but so far this guy has just written them a letter, exactly like any non-congress citizen could do, and the response is not on oath, so they can say what they like.)
Re: Not sure Title 18 applies to congressmembers.
That makes sense as the case you speak of pertained to a Mr. Hubbard who filed for bankruptcy protection in court and allegedly falsified information. It seems clear that subsection (a) we are speaking of would not apply inasmuch as it is excluded by subsection (b) because the bankruptcy would qualify as a judicial proceeding. I understand the Hubbard opinion cited United States v. Bramblett, 348 U.S. 503 (1955) and felt that decision to be in error but managed to avoid a direct confrontation with or revocation of that case. As it always seems with the Supremes, or any court really, it apparently depends most on who you get and what their mood is on that particular day. Also even when it seems like it should be clear to we non-lawyer types the lawyers and Justices can always make it more complicated than it really seems to be; although I agree with anything that puts some kind of binders on an overzealous justice department.
1001 subsection (a)
"... whoever, in any matter within the jurisdiction of the executive, legislative, or judicial branch of the Government of the United States, knowingly and willfully— (1) falsifies, conceals, or covers up by any trick, scheme, or device a material fact; ... shall be fined under this title, imprisoned not more than 5 years..."
1001 subsection (b)
"(b) Subsection (a) does not apply to a party to a judicial proceeding, or that party’s counsel, for statements, representations, writings or documents submitted by such party or counsel to a judge or magistrate in that proceeding."
The 5th Amendment is in the Bill of Rights, not the Constitution itself, but still carries the same authority as an Article.
Don't get it...
This software does not all of the sudden appear on all different kinds of phones. This software is installed on the phone by someone else.
So why hound CarrierIQ, asking it if they agree that this constitutes a massive leak, privacy problem, bla bla bla? It's their software, it's their revenue selling it to the providers! Of course they will say something along the lines of 'We know nossing... Nooosssing!' (in your best Sergeant Schultz accent)
I would like to know why a Verizon, AT&T, etc. allows this software on their phones.
So far, from what i'm reading, it seems that phone X, sold in the UK, connected to a UK provider, does not contain this software, but phone X bought in the US, from a US provider, does.
What's up with that?
to badly quote a former US President
It depends on your definition of "does"!
Am I the only one who thinks Anonymous and the like are trying like mad to get onto the Carrier IQ servers right now?
I hope they do...
It may be the only way we learn what data they're gathering.
They'd better do it quick. I can hear the shredder starting up as we speak.
Be careful what you ask for
What if this spyware was created at the request of the US government?
Just posted something that addresses this...
After a little digging, I discovered that Larry Lenhart, the CEO of Carrier IQ, is also CEO of an alternative energy corporation called Catilin, Inc. that received $44 million from the Department of Energy under Obama.
So, what you suggest is not at all implausible. The Obama Administration is not at all what it has tried to portray itself as. In fact, Obama makes Nixon look downright virtuous.
I hope this expands to the carriers - the real culprits here. Yes, they have the legal authority to monitor their network, but they can do that already without putting a rootkit on *your* phone.
From the video:
1) CarrierIQ logs form data submitted over HTTPS pages (i.e. bank passwords)
2) It logs traffic sent over *your* WIFI network
3) It continues logging and possibly reporting back to the carrier even after you cancel your service
These have nothing to do with legal monitoring that the carriers are allowed to do. This has everything to do with wiretapping - which means someone needs to go to jail, if found to be true.
Love him or hate him, at least he give a darn about Smart Phone privacy.
"Love him or hate him, at least he give a darn about getting his name in the paper."
Fixed it for you...
THIS LOOKS LIKE A CASE OF.....
a red hot poker up someone's a***.
If true imagine the implications.
You're doing it wrong
The proper phrase is "red hot poker up the jacksie".
Carriers are the people that put this software there
This software in those OS by default, the carriers put it there and they new it. Perhaps they didn't know how 'deep' the CIQ software goes, but the are the people reponsiblity for that software being on your phone.
For me, glad I've got a Windows Phone!
Sometimes it is good to be a minority...
I am glad for you an sad for myself, but per articles on the Internet those are carriers who requst bundling of CIQ software.
To me it looks obvious what are the most profitable smartphones on, say, AT&T - iPhone and the army of Droids - they are wiretapped, Windows phones are not.
On the other hand Verizon does not preinstall wiretapping software on their phones... I wonder if it is the right time to change my carrier.
Hang about, I'd happily have Frankie Boyle as P.M.
Or Boris Johnson as...
Any time a company gets hauled before congress it's not going to end well.
NebuAd got spanked .
Apart from the previous comments, why is Carrier IQ recording its users activity?
With the exception of privacy concerns, I disagree with Sen. Franken on, well, damn near everything. Al, I'm impressed!
After a little digging:
Larry Lenhart, the CEO of Carrier IQ, is also CEO of an alternative energy corporation called Catilin, Inc. that received $44 million from the Department of Energy under Obama.
Does Al Franken really want to pursue this one?
Given the Solyndra scandal...
HELL yeah! As for Carrier IQ and the carriers perhaps being coaxed into putting this in by say the CIA, then it's a case of one hand not knowing what the other is doing: which usually spells trouble anyway.
Won't someone think of the carriers?
People had to authorise the installation of this software on phone before distribution to customers. Are any of those people helping with the enquiries? What are the terms of their contract with Carrier IQ?
They're clearly a sleazy bunch, but that doesn't immediately make them culpable. When was the last time a firearms manufacturer got sued or prosecuted as the result of a shooting, hmm?
Too damned right. The Phorm problem wasn't that Phorm existed or with their software. It was that BT decided to implement it.
The only reason that things like Phorm and Carrier IQ exist is because they know damned well that the carriers are greedy, venal, amoral bastards who'll sell their own children for a load of juicy data to flog to advertisers.
Carrier IQ lied about what the software does (or is capable of).
So it's more like a firearms manufacturer stating 'don't worry - our guns only fire blanks' and THEN somebody using one to commit murder - the gunman could even argue that they thought the gun was safe to play with. Sure, the scumbag who used the gun (carriers) are culpable but the manufacturers would also have a case to answer for any deceit in the matter.
Looking forward to this one to be honest..
Wait until it comes out that Carrier IQ is a major data collection contractor for the NSA.
I'd rather have Mark Thomas, Mark Steel, Marcus Brigstocke, Frankie Boyle or Stewart Lee as an MP than most of the sods that were elected last year.
It's good to see at least some sort of pressure moving on this issue so quickly.
Log reader, not packet sniffer
The video that was posted here on thereg the other day showed the guy reading a log file over USB, he wasn't using a packet sniffer and his video didn't show the data being sent off anywhere.
I said it then, and I'll say it now, I want to see proof that the data is actually being sent off somewhere and isn't just a log file on the phone.
Phorm Mark II?
Calling you out
"former late-night funnyman Al Franken"
When the blazes was Franken funny? Seriously, I remember watching SNL a lot back when he was a regular writer, and I can't say laughs could ever be attributed to him, Al Franken.
Mine's the one with the Best of Garrett Morris dvd in the pocket.
An actual HONEST politician!
One of the few times I have voted for ANYONE and been glad was when I voted for Al Franken. And I'll vote for him again! Hes a great guy.
We don't know it's actually *logging* anything
All the video shows is that it is receiving events when keypresses are made etc - there's no evidence from the video that it is actually logging and/or transmitting any of these on. It might simply be that in order to get the events it reasonably needs for diagnosing issues it has to get *everything* and then ignore the things it doesn't.
On the other hand, it could of course be logging all of this which would be bad, but compare it to for example an AV application on a PC, which does intercept a lot of things to check for viruses, but is not syphoning off any of that data etc...
I have more respect for Mr. Franken than any other member of Congress. Heck, I've been tempted on several occasions to move to Minnesota just so he can be my congressman.
Intelligent, articulate, remarkably well-informed, and not afraid to stand up for/to anybody.
Get the lube ready
CarrieriQ can ignore the letter, respond with a written canned response that is untruthful. Either action would be stupid. CarrieriQ is a privately held firm who has several investors who can't be happy about the events that have taken place up to this point. After Trevor Eckhart reported his findings, which included the company's training materials, Carrier IQ attempted to silence him with a cease-and-desist letter, demanding he replace his analysis with a statement disavowing his research. The company has since retracted its threat and apologized for its behavior, but not without first earning a black eye in the process. This is damaging enough to have caused Franken to write this letter, asking very direct questions which it would be wise for them to not ignore because he can subpoena them to appear before his sub committee and they would definitely HAVE to do that. At such a public sub committee hearing, they will be asked these pointed questions. There is no doubt that CarrieriQ won't go down alone. They will surely point the finger at the carriers and the handset manufacturers. Apple has distanced themselves from them and doesn't allow the type of privacy invasion as what's happening on Android. Their investors may quickly want to distance themselves from the impending scandal.
Ha ha ha ha ha ha ha ha ha ha
Ha ha ha.....etc......
I haven't got a smartphone.