Representative Edward Markey (D-MA) has released a draft of a bill that would prevent scandals like the one that surrounded the Carrier IQ software from happening in the future. The Mobile Device Privacy Act (PDF) would require that customers be informed by their mobile phone providers of any monitoring software included on the phone.
The bill includes redundant requirements for disclosure, meaning that users would have to be notified by both the manufacturer of the phone and the service provider. The law would also require detailed disclosure of the kind of information being gathered by any installed monitoring software. The law also requires that any information gathered by such monitoring software The bill as currently written leaves the manner of disclosure and the specific regulations to be enacted in the hands of the Federal Trade Commission.
Though the scandal surrounding Carrier IQ seems to have been rather overblown legislation like this would benefit everybody. Carrier IQ made so much news precisely because no one knew it was on their phones. When an Android developer discovered the software on several models of smartphone, it came as a shock to many, who saw Carrier IQ as evidence that phone carriers, phone manufacturers, and maybe even the government were gathering reams of private data on individual users. Ultimately it seems that the software really was what Carrier IQ claimed: software for monitoring handset and network performance, and nothing more. Had legislation like this been in place, though, it would have saved a lot of headaches on all sides.