In 2007, the Federal Communications Commission considered and decided against any regulation on mobile handsets to protect consumer telecommunication privacy under the Telecommunications Act of 1996. In April of 2010, a German politician exposed extensive data collection by his carrier, which sparked investigation into the US market. This investigation revealed widespread industry practices of data collection on consumers without their knowledge or consent, also including sharing data with third parties via Carrier IQ. Carriers have since stopped using Carrier IQ to collect data and removed it from many of their devices. However, the FCC recognizes lingering questions about carriers' ability to collect and disseminate information on behalf of their customers and has issued a notice and opened a new comment period to consider new rules about responsibility for consumer privacy on their handsets. This talk will explore implications of the spectrum of carrier responsibility for their customer data and how regulation could impact the customer and industry.