FBI never sought Carrier IQ data, director says

Computerworld - FBI Director Robert Mueller today denied his agency has ever sought any information directly from Carrier IQ for any of its investigations.

But Mueller said he couldn't rule out the possibility that some customer data obtained by the FBI from wireless carriers may have been gathered by Carrier IQ's software.

"I'm not talking about Carrier IQ. I'm talking about wireless carriers. We may obtain information that in some way Carrier IQ may have been involved with," Mueller said at a Senate Judiciary Committee hearing today.

Mueller was testifying on a broad range of national security issues at the hearing when Sen. Al Franken (D.-Minn.) asked him about the FBI's use of information gathered by Carrier IQ's software.

In response, Mueller said that the FBI has "neither sought nor obtained any information from Carrier IQ in any one of our investigations."

He said that some confusion had resulted from the FBI's recent denial of a FOIA request asking for information on the agency's use of Carrier IQ-related data.

According to Mueller, the denial was based on a "standard exemption," which was misinterpreted by many as an admission that the FBI was obtaining information from Carrier IQ.

When asked by Franken whether the FBI may have obtained Carrier IQ-related data from wireless carriers, Mueller said he could not rule out the possibility.

He said that the FBI has never specifically asked for data that may have been collected by Carrier IQ. But it is possible that customer data provided to the FBI by wireless carriers in response to specific requests may have been collected using Carrier IQ's software, he said. (Mueller's testimony about Carrier IQ is at 85:35 in this video).

Meanwhile, Carrier IQ spokeswoman Mira Woods today confirmed that company executives have met with officials from the U.S. Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) in response to continuing concerns over the use of the software in mobile handsets.

According to Woods, the meetings were initiated by Carrier IQ, not by the FTC or the FCC. "We sought the meetings with FCC and FTC in the interest of transparency and full disclosure, and to answer their questions," Woods said. According to Woods, the meetings have been taking place this week in Washington.

Carrier IQ has been desperately trying to assuage concerns over the use of its software ever since security researcher Trevor Eckhart released a report last month in which he described it as sneaky, hard-to-remove data logging software that comes pre-installed on millions of mobile handsets.

Eckhart's report has led to at least three lawsuits being filed against Carrier IQ and several wireless carriers and handset makers who have admitted installing the software on their devices.

Earlier this month, Rep. Edward Markey, (D.-Mass.) asked the FTC to investigate Carrier IQ's software and verify whether it is secretly collecting users' personal information, as alleged by Eckhart.

Carrier IQ has steadfastly maintained that the concerns are based on a misunderstanding of its software. The company has claimed that its software is designed to help wireless carriers to collect data they can use to tweak network and device performance.

Earlier this week, the company released a 19-page document in which it offered its most detailed explanation yet of how the software works.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Read more about Privacy in Computerworld's Privacy Topic Center.