When the story first made the rounds, the focus was on Carrier IQ, the “evil” company whose rootkit program in your smartphone tracked your keystrokes. It was scandalous. It was outrageous. It was either harmless or insidious, according to who was doing the talking.

In short, Carrier IQ is only providing network and end-point analysis tools, and what happens to your data they collect afterwards isn’t their concern. We know however that, far from simply collecting anonymous data, according to Carrier IQ’s own description of their Mobile Service Intelligence : “What’s more, the combination of the MSIP and IQ Insight lets you move seamlessly from broad trend data across many users, through comparative groups down to diagnostic data from individual devices. Now, not only can you identify trends, you have the power to drill down to specific instances, giving you the insight your specialists need to make a difference. That is the power of Mobile Service Intelligence.”

It all sounds so harmless… until you see among other things Carrier IQ’s tools are capturing your text messages.

What wasn’t mentioned at the time was who was not doing any talking.  That would be your friendly, neighborhood FBI.  And they still aren’t, which is pretty much the only answer needed.  Via Andy Greenberg at Forbes :

Want to know if Carrier IQ, the dialer- and location-sniffing software installed in millions of phones, is being used by the FBI for law enforcement investigations? The FBI won’t reveal much about the controversial application. And why not? Because, the Bureau says, doing so might interfere with ongoing or prospective law enforcement investigations.

Whether they were on the case from the outset, or figured out as the scandal broke that Carrier IQ had something that was really useful, isn’t clear.  What’s clear now is that if they didn’t know about it from the beginning, they surely do now.

That’s the strange and potentially revealing logic the FBI used earlier this month to deny a Freedom of Information request filed by Michael Morisy, a blogger for the website Muckrock.com. After a video surfaced that seemed to show the software logging keystrokes and monitoring data traffic on the more than 140 million phones on which it’s installed by default, Morisy had asked the Bureau for any “manuals, documents or other written guidance used to access or analyze data gathered by programs developed or deployed by Carrier IQ.”

The FBI responded that the material couldn’t be provided, and cited an exemption to the Freedom of Information law for situations in which handing over documents “could reasonably be expected to interfere with law enforcement proceedings.”

As Greenberg notes, this doesn’t mean they already have their hands on your text messages, or even that there’s any cooperation on the part of Carrier IQ.  Indeed, there may be a passel of issues surrounding any effort to gain access to every keystroke you ever tapped on your smartphone, though it would appear that since it’s in the hands of a third party, no Fourth Amendment right attaches.  On the other hand, since no one knew this was happening, and it came as a huge, and scandalous surprise to the public, a court should be hard pressed to conclude that it passes scrutiny under Katz’s reasonable expectation of privacy test.

But now you do know. And so does the FBI. And as long as you continue to tap, tap, tap on that cute little qwerty keyboard, you can’t deny you took the risk of exposure to the government by Carrier IQ.

We’re inundated with the magic of technology, making our world easier, faster and perpetually more fabulous.  Those who adore technology gush over every shiny new toy.  And to a large extent, the toys are great fun and occasionally useful.  But nobody wants to be serious about the perils.  And there is no shortage of perils.

My deep understanding of all things technical precludes me from discussing the potential of evils that could stem from this rootkit.  I don’t even know what a rootkit is.  But I know too well that the government will have no qualms about using it to their advantage if they can get their hands on it.  I know too well that innocuous text message, commonly shorthand missives designed to provide a quick detail or word to a recipient who already knows the gist of the communication, can be easily spun into some nefarious conspiratorial act. 

They are vague by nature, and vague opens a person up to interpretation at convenience.  Anyone who has ever read draft transcripts of wiretaps knows only too well how “see you at 3 with the package” turns into “plan to meet at 3 to conclude multi-kilo narcotics transaction,” even if it happens to refer to a holiday fruit cake.  Who wants to take the stand to testify to a fruit cake?  Who has the video to prove it?

By the time a court rules that some technology I’ve never heard of is so common and pervasive that no reasonable person could expect privacy, the cutting edge is already a thousand light years ahead of it.  I learn about it via some of the more technologically astute (and, naturally, younger) lawyers, like Keith Lee, but so does the government.  If there’s data to be mined, they’ve got their pith helmets at the ready.

So enjoy those new, shiny toys.  Tap to your heart’s content.  Hang in the clouds.  Eventually, we’ll find out whether you had some unexpected company with you, and by the time it reaches a circuit court and a decision is made about how unreasonable you were to expect that your private, personal communications and messages would remain private, it will be too late to worry about it.  By then, you will be informed that everyone knows that there’s no privacy in the technological, digital, shiny toy world.  But by then, it will be too late to worry about it.