One-on-one with Carrier IQ

The Verge sat down with Carrier IQ VP Andrew Coward to talk about “nearly everything the company does”.

The Verge: In terms of deciding what your software does and does not track, is that something you develop and pitch to the carriers, or is that something they carrier comes to you and asks for?

Andrew Coward: It's a combination of the two. Operators don't necessarily know what's available, or what can be gathered, but as they start thinking through what kind of business problem they have, they'll often ask us "Can you do this?" Some of that will be about collecting new types of information from the device, but oftentimes it's how you process it on the backend and what you're doing with it.

For example, knowing where dropped calls are happening, and where you're roaming from one operator to another — when you shouldn't be roaming at all — came to be really interesting use cases for a number of our customers.

Where is this information actually processed?

Some of the larger operators prefer to have their own systems, in their own data centers... we're pretty ambivalent. What's the fastest way to get you results? You set it up, we set it up, in your data center or in our data center... we don't care.

You definitely keep your own data centers, but what's your policy for keeping user data?

First of all, we have no rights to the data that's gathered, and that's a pretty important point. We're acting on behalf of our customer, the operator. Data ownership is a very complex area, so talking about rights is much easier, and who owns the data tends to become a philosophical question if you're not careful.

Under the contracts we have with operators, we are not allowed to do anything ourselves with the data that is gathered. We are not allowed to resell it, we cannot process it in different ways, we can only do what's been asked for. There's no sort of third use, if you like, for the data.

How long do you keep it?

That's a function of the agreement we have with the operator, and on average, it's about 30 days. What's interesting is that the data degrades really quickly, so the fact that you had a dropped call yesterday or last week is kind of interesting, but if you had a dropped call or an application crash six months ago, it's just not important. The individual data records about what happened have no relevance over a very short period of time.

Now, our understanding is that this data isn't strictly anonymous...

There are two use cases for our software: anonymous or non-anonymous. In an anonymous mode... by the way, the two things that come off your phone to identify you are the IMEI number and the MSID number.

This article originally appeared on theverge.com as Carrier IQ interview: inside the brave new world of carrier phone tracking where you can read the full intervew.