Carrier IQ is killing the interwebs.
Just to be clear, it isn’t a measure of how intelligent our nation’s warships are. No, Carrier IQ has gone from being a fairly benign Android-specific nuisance to being labeled as a consumer privacy menace that has attracted the attention of Congress. And it managed to do that in less than a fortnight.
In proving wrong the adage that “all news is good news,” CIQ has managed to also give us a few lessons in how not to manage a media crisis.
Just what is Carrier IQ?
Way back in February, an XDA forumite, while sharing a ROM he had created, revealed a program he had discovered interwoven in stock ROMs of Samsung (and later, HTC) devices. He pointed out that though it was billed as a a metrics collecting tool, the potential of what it could do was far greater … even the ability to collect keystrokes.
That last piece of news was greeted with a good deal of consternation by affected Android users. At the time, there was a lot of finger pointing, but CIQ was able to deflect a lot of criticism by playing blame pong with the carriers (specifically Sprint). There was plenty of discussions about to how to get it removed in the development community, and the story did get a lot of attention within Android circles.
Fast forward to November. An Android developer named Trevor Eckhart claimed that he discovered that CIQ existed not only deep within the OS of Android devices, but within Nokia and… security experts worldwide may gasp — BlackBerry devices as well. And then came the gravest revelation of all: specific iPhones were included in the list. And this is where it began to get very, very ugly.
When Eckhart revealed some of the more insidious features of CIQ, such as how stealthy it was, a collective consumer scream was unleashed. The carriers and manufacturers acted as expected… they (minus Verizon, which seems to be the only one of the Big 4 US carriers that does not package CIQ software into its devices) did the ostrich to start, and then came the denials and hot potato handling. And then, not to be undone, CIQ decided that shooting itself in the foot was the preferred option.
At this point, the situation was still manageable. CIQ probably could have shielded itself from more scrutiny by deflecting inquiries to the carriers.
CIQ decided to play The Bully. It threatened legal action against Eckhart, and demanded a public apology. Unfortunately for CIQ, the uproar attracted the attention of the Electronic Frontier Foundation, who came to Eckhart’s aid; CIQ had to back down and apologize themselves. The legal threats against Eckhart ended up hurting CIQ even more than anything else. People started wondering what CIQ had to hide.
Senate has asked them to testify. And, to answer the question on everyone’s mind, yes, a class action suit is already underway.
Now, people are divided as to what the CIQ software actually does. Even more polarizing is what entity (carriers, CIQ itself) is more culpable. The one thing that seems clear is that CIQ could (and should) have dealt with it better. A detailed public relations campaign contingency plan should be developed by corporations in an internet age.
The moral of the whole dilemma dealing with issues of an ethical nature, it may be wise to collect oneself before firing from the hip… or else, Al Franken may come calling.