Over at XDA-Developers.com they are reporting the discovery of a rootkit known as CarrierIQ which has serious privacy implications.

The software, installed on many phones with Android, Blackberry and Nokia operating systems, is designed to report “useful” information to your carrier when there is a problem such as a dropped call. This would seem innocent enough until you start digging into what information they can collect.

Location, apps used and browser keylogging are just some of the metrics collected and it would appear that the manufacturers are free to define almost any activity they want to trigger data collection.

So far all the articles I have read only mention US cell phones but I see no reason this could not apply to phones anywhere, regardless of what Data Protection or Privacy laws we think are there to protect us.

I will certainly be reconsidering how I use devices now that everything I do is a commodity for my phone operator to sell.

Here are some links to more information regarding the story:

www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/
http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/

Visa, it would appear, are looking for ways to analyse and sell data on our purchasing habits now. It seems that no matter where you look nowadays someone is trying to figure out how to monetise data we are providing them with unknowingly.

Here is the link to the article on The Register’s website: