Carrier IQ is still working to temper privacy concerns over its software, which is preloaded on smartphones and used to log information about dead zones, glitchy applications and network congestion.
On Friday, two separate class-action lawsuits were filed against the company alleging it violated federal laws on wiretaps and consumer privacy.
Questions over how the company tracks and uses information arose two weeks ago when a security researcher accused the company of tracking the location and usage history of wireless customers without their knowledge.
Carrier IQ could not be immediately reached for comment on the lawsuits but has been battling to protect its image against a flood of accusations that it records user’s keystrokes and sends them to wireless providers – known in technical jargon as a rootkit keylogger.
The company denied that it captures, records or transmits keystrokes, but its statements failed to damp down allegations from some tech blogs, which vilified Carrier IQ’s technology as “the rootkit of all evil“ and “Carrier IQ creeps out everyone.”
Carrier IQ says the accusations are completely unfounded – it only collects information operators need to figure out problems with devices and network performance.
Andrew Coward, Carrier IQ’s vice president of marketing, told Wireless Week in a November interview that the company did not track keystrokes or users’ location.
“We do look at a lot of attributes of the device to understand that information, but as to keylogging and location tracking, we do neither of those things,” he said. “If you have a dropped call, we’re going to log where you were when it happened. But we don’t follow you around and keep a map of where you’ve been all day.”
Coward’s claims are backed up by independent security researcher Dan Rosenberg, who said in a recent post on his blog that “based on my knowledge of the software, claims that keystrokes, SMS bodies, email bodies and other data of this nature are being collected are erroneous.”
To prove itself, Carrier IQ gave researcher Rebecca Bace access to its confidential documents. She also confirmed that the technology only served its purpose – to help with network diagnostics.
Filed Under: Industry regulations + certifications