Analysis: Is Carrier IQ controversy the perfect storm to destroy operator trust?

A few days ago, we published excerpts from a discussion we had with Allison Cerra, an Alcatel-Lucent exec whose new book examines issues of online identity and trust (CP: ALU: Navigating the 'shifting' identity landscape)

One of the key findings of the massive ALU research effort that underpins the book was that although consumers don’t necessarily like their network operators, they trusted them much more than other players that might make use of their location, identity and presence information.

And that trust put them in a good position to assert a primary role as the mobile ecosystem continues to evolve – and expand.

Cerra shared another interesting concept that wasn’t mentioned in the article: so-called “hysteria moments,” that is, situations that – warranted or not – have the power to instantly and irrevocably alter the public’s trust relationship with a particular entity.

Carrier IQ anyone?

What is Carrier IQ, and will the controversy have legs?

If you haven’t heard by now, Carrier IQ is a company and a piece of software that can be deployed on mobile devices and report back performance data and other information. It’s that “other information” that’s set off a firestorm of controversy, as security research Trevor Eckhart reported the software can apparently monitor keystrokes, capture text messages and obtain location data (see Eckhart’s video describing his findings here).

The first wave of the Carrier IQ controversy involved Eckhart’s initial charges and word from the vendor that its software – which it claims is designed to optimize device and network performance, not to spy on users – was deployed on some 150 million devices.

The second wave has seen word of the software being found on various devices and mobile OSs (including Eckhart’s original findings of various Android, Blackberry and Nokia devices on operators including Sprint and AT&T, with the iPhone later being implicated in some quarters), and then various vendors and operators (including Nokia, Verizon, Vodafone and O2 )declaring they have nothing to do with the software. Not surprisingly, the government has also jumped in, with U.S. Sen. Al Franken shooting off a letter asking, essentially, ‘what’s going on here?’

There’s bad, then there’s trust-breaching hysteria moment bad

The mobile industry certainly isn’t the first to be hit with complaints about privacy intrusions (not to mention government inquiry and even intervention). From the dawn of the first “cookie,” the Web and Internet sectors (including Google and others) have been slammed for tracking user activity online, sometimes fairly, sometimes not. These flare-ups target activities that are often less onerous than they first appear, and the complaints do go away (especially when the companies involved own up to their actions and become more open in their practices).

But the impact on a company’s – or an entire sector’s – reputation can be hard to overcome. Truth is, blame for the Carrier IQ controversy falls equally across a number of players – including device makers, OS providers, operators and Carrier IQ itself. So it’s not fair to single out mobile operators here, especially when it appears that at least in some cases, individual operators can honestly distance themselves from the problem.

That said, what will this do to consumer trust? Mobile users seem to be willing to suffer a loss of privacy if they can gain some value in return, from a just-in-time coupon to a personalized service or recommendation. And that’s just the start of this trust-for-value exchange, as the mobile ecosystem is just beginning to bloom and emerge. Indeed, you just can’t stop some users (bloggers, or heavy Facebookers, or Twitter spammers) from telling the world more about themselves than anyone would ever care to know.

That said, consumers will make decisions about who to trust with their most trusted data, including identity, presence and location information. They have options. They could opt to keep it to themselves, and demand that it not be shared at all. Alternatively, they could share it directly with Web or mobile app or retail players. They could also choose to share it with middleman “brokers,” which might allow them to simplify how they share data and gain added value from that sharing.

Who might play that broker role? Think Google, perhaps. Or banks or other trusted financial institutions.

And certainly their mobile operator.

That is if the “hysteria moment” that is the ongoing Carrier IQ controversy doesn’t convince them – fairly or unfairly – otherwise. The impact of the loss of that trust relationship for mobile operators would be huge, far-reaching and difficult if not impossible to counteract.

Ultimately, that’s what’s at stake as the Carrier IQ story plays out; and those stakes couldn’t be higher.