During the Senate inquiry in which Senator Al Franken questioned several OEMs and carriers regarding the Carrier IQ privacy drama, it was revealed in court docs that Sprint was the worst offender with over 26 million phones utilizing the Carrier IQ keylogger and tracking software, although they indicated that only 1.3 Million devices were ever pinged for information at any one time. It was also revealed that AT&T has over 900,000 phones with the software, that Samsung has over 25 million smartphones with the software, and that HTC has 6.3 million phones with the software.
During the proceedings, Sprint acknowledged that it used the software, but made it clear that it only used it in a limited capacity to help with diagnostics and troubleshooting technical issues and to improve network performance, not to track users data or for advertising. They also stated that they never shared the data with any third party company or governmental agency, and that they only store the data for a limited period of time (approximately 6 months) in a raw encrypted format. AT&T made similar statements to the Senator. T-Mobile, in an email to ComputerWorld, also made similar statements. Here is one of Sprint's statements from the court docs,
Sprint apparently took the issue very seriously and went a step further since then. They made a public statement on Friday that they were no longer going to use the Carrier IQ software. They shared that the Carrier IQ software was disabled on their servers, and that they were in the process of asking all their manufacturing partners to remove the Carrier IQ software from their phones. Here was Sprint's statement on the issue,Sprint has not used Carrier IQ diagnostics to profile customer behavior, serve targeted advertising, or for any purpose not specifically related to certifying that a device is able to operate on Sprintís network or otherwise to improve network operations and customer experiences.
This seems like a more complex issue than it was on the surface. On the one hand, people are definitely justified in wanting to have their data and phone usage kept private. On the other, how does a company draw the line in striving to utilize diagnostic tools to give their network users a better experience? It seems that Sprint did its best to use the data with the best of intentions, and in such a way that it couldn't really harm its users. Still... there is always the possibility of some unscrupulous employee of the company gaining access to something that they shouldn't and using it for nefarious purposes. Also, they probably should have made their customers aware, and offered an opt-out/opt-in option. Share your thoughts on the subject."We have weighed customer concerns and we have disabled use of the tool so that diagnostic information and data is no longer being collected."
Also, here we have provided links to the different statements on the subject from carriers and manufacturers:
Carrier IQ Response and attachment
Source: BGR: (1) & (2) and ComputerWorld