Back in June, San Francisco District Attorney George Gascón and New York Attorney General Eric Schneiderman launched an initiative called Secure Our Smartphones, and a coalition of consumer advocates, police, prosecutors and other officials in an effort to put pressure on smartphone makers to stop smartphone theft and dry up the secondary market. One of the goals was the introduction of an industry-wide “kill switch” that would allow consumers to remotely render a stolen smartphone worthless.
Now five months later, the New York Times reports that wireless carriers are not keen with the idea. Gascón was reportedly working on a deal with Samsung Electronics to include antitheft software with its phones in the United States. Unfortunately, this software requires approval from the wireless carriers that service the phones: in this case, AT&T, Verizon Wireless, T-Mobile and Sprint. All four rejected the idea of kill switch software.
If fact, according to Gascón, the carriers were downright unwilling. He reportedly viewed emails that took place between a Samsung executive and a software developer that revealed the four carriers’ reluctance to allow the software. The emails suggested that the four were more concerned about the profits made through insurance programs that are purchased to cover lost or stolen phones.
"Corporate profits cannot be allowed to guide decisions that have life-or-death consequences," Gascón said. "This solution has the potential to safeguard Samsung customers, but these emails suggest the carriers rejected it so they can continue to make money hand over fist on insurance premiums."
Yet the CTIA, the industry trade group that represents the carriers, has a point: what if the kill switch is installed and a hacker gains control of the phone? They could disable the device and lock owners out, including law enforcement and officials in the Department of Defense. Even more, if the customer deactivated the phone and then later retrieved it, the phone cannot be deactivated.
In the case of Apple’s Activation Lock, that’s not entirely true: the customer can disable the phone if it’s been lost, and then reactivate it with the correct username and password if found. For Android Device Manager, users can remotely lock their smartphone or tablet with a new password, or remotely reset the device to the original factory settings. The latter doesn’t stop thieves from selling the device on a secondary market, but at least the user data is mostly erased.
The CTIA reportedly supports a nationwide database meant to deactivate phones that have been reported stolen. The group also supports a legislation by Senator Charles E. Schumer that proposes to make it a crime to modify smartphones to circumvent the stolen phone database. Meanwhile, Gascón is reportedly evaluation what action can be taken against the carriers refusing to cooperate with the kill switch initiative.
"We have repeatedly requested that the carriers take steps to protect their customers. We are now evaluating what course of action will be necessary to force them to prioritize the safety of their customers over additional money in their pockets," he said.