Proposed Legislation Seeks to Avoid Another Carrier IQ Incident
When the whole Carrier IQ can-of-worms was opened up late last year, United States lawmakers quickly found themselves at the center of the fiasco, responding to constituent pressure to hold Carrier IQ, the carriers themselves, and hardware manufactures liable for their roles in the affair. One of the most outspoken, leading the efforts to investigate Carrier IQ, was Massachusetts’s Representative Edward Markey. Markey hasn’t forgotten about the issues behind the fiasco, and wants to make sure a similar situation doesn’t happen again in the future. To that end, he’s drafted legislation dubbed the Mobile Device Privacy Act.
The Act seeks to increase transparency and put users more in control over what software resides on their smartphones. Markey explained, “consumers have the right to know and to say ‘no’ to the presence of software on their mobile devices that can collect and transmit their personal and sensitive information.”
Under the MDPA, if a network operator wanted to install the likes of Carrier IQ on its users’ phones, it would need to disclose the software’s presence to its subscribers, and obtain consent to gather and perform actions with data collected from the software. Any sharing of that information with third-party companies would require formal registration with both the FTC and FCC.