The Carrier IQ privacy controversy shows little signs of letting up, as three lawmakers today called for a Congressional hearing on the implications raised by the use of the company's software by wireless carriers.
Reps. Henry Waxman (D-CA), G.K Butterfield (D-NC) and Diana DeGette (D-CO) sent an open letter (download PDF) to Rep. Fred Upton (R-MI), chairman of the House Energy and Commerce Committee, asking for an investigation of the data collection and transmission capabilities of Carrier IQ's software and similar products.
The letter, sent to Upton and two other subcommittee chairs, also asked Congress to find out whether Android phones were sold with security problems that would have exacerbated the problems caused by Carrier IQ's software.
"Data collection and transmission by Carrier IQ and similar software is widespread, and consumers appear to have little knowledge and even less control over the practice," the three lawmakers wrote. "There continue to be many unanswered questions about the handling of this data and the extent to which its collection, analysis, and transmission pose legitimate privacy concerns for the American public."
The Carrier IQ controversy erupted in late November, after independent security researcher Trevor Eckhart published a report showing how Carrier IQ's software could be used by wireless carriers to capture detailed information from Android-powered mobile devices, iPhones and other smartphones. Read more...
Consider the U.S. Patriot Act. It was recently revealed that U.S.-based cloud providers may have to comply with Patriot Act requests for data that's located in a provider's European data centers, even though this conflicts with the European Union's 1995 Data Protection Directive.
In response to that conflict, the European Commission recently announced that it plans to propose reforms to the EU directive by the end of January 2012.
Of course, cloud computing was not even a buzzword when the directive was first formulated in 1995. But all of this serves as a good reminder to ensure that your cloud-computing contract effectively addresses issues associated with data location and legal requests for data access. Read more...