Carrier IQ and thoughts about privacy....

Several days ago a security researcher discovered hidden software running on many cell phones produced by a company named Carrier IQ.  It appears that on certain phones with certain carriers it logs every keystroke, and tracks practically everything the subscriber does with their phone.  Predictably, most people are not very happy about this and there has been a firestorm on technology news sites.  I have tweeted, and Google Plus'ed several thoughts on the subject myself. I am not going into a lot of great detail on what has been covered very thoroughly by other forums.  But this whole thing makes me think - are we really in an era where there is a total lack of expectation of privacy.

I remember 10-15 years ago seeing occasional articles about how the average person's name came up on some computer screen many times a day around the world.  Surely now, that is many thousands of times per day and the detail and quantity of the information vastly expanded. But what about a 100 years ago.  Did you have an expectation of privacy more so than today, or was there an openness of your life commensurate with the technology of the time.  What about when photographic technology came along and suddenly a person's image could be captured walking down the street and printed in a newspaper.  Consider that certain personal information has always been stored in the public domain - property records, birth and death records, income and asset information for tax purposes.  What's the difference?  In my mind the difference is the ability to aggregate, store and process and turn this data into intelligence.  A hundred years ago there was a sizable amount of information available about an individual, but it required a lot of footwork to bring it all together.  Now that information is brought together, aggregated, correlated and processed constantly. In fact there is new category of workers who specialized in crunching numbers, visualizing data and producing marketable intelligence - the "Quants"  as Scott Patterson calls them in his book,  The Quants: How a New Breed of Math Whizzes Conquered Wall Street and Nearly Destroyed It . The difference is astounding and leads us, or at least me, to believe that we do in fact need to be more cautious about privacy than in the past.

To what lengths should you go to protect or guard your privacy.  I know some people who have zero social media footprint for just this reason. Still others refuse to use free, ad-based email providers like Gmail, Yahoo mail, and Hotmail to reduce the footprint of their "dossier".  I remember reading somewhere that people who utilize free services on the internet like storage, email, and social media are not really getting the services free, but rather are making "micro-payments" in their privacy and liberty and because they are "micro", they seem insignificant at any point in time, but taken together represent a stunningly comprehensive view of who you are over a period of time. The other side of the story comes from those who simply say "there is no privacy therefore I will make everything public".  These people freely post there whereabouts using social tracking sites like FourSquare and post thousands of pictures, intimate accounts of activity, purchases, etc on social media sites like Facebook or Google +.  Are they right?  I don't know.

My opinion on this is black and white. With the existing privacy laws and regulations in the U.S. I am not ready to throw all my information into the pile, at least not voluntarily.  Unlike Europe (specifically Germany) where privacy laws are more up to date and stringent, the U.S. just leaves too much up to the goodwill of the collector. So while I may have a Facebook, LinkedIN and Google + profile, I try to limit their reach into my private life and spend a great deal of time tweaking settings because of it.  However in the future, if and when the laws and regulations in the U.S. become more stringent,  I can see an advantage to sharing more information and ultimately living the true digital life.

---
Now, bringing this back around to Carrier IQ and cellphone spying. I think cellphone carriers have a legitimate right to log some data for service assurance as long as their is an opt-out, and the software is not hidden with no ability to disable it - this is why I believe Carrier IQ's software is similar to a "rootkit".  It is unconscionable for them or any other vendor to be keystroke logging and tapping into communications that would ordinarily be not visible. (https).  Bad form and I support the folks who believe it may violate U.S. wiretapping laws.