Smartphone Kill Switch Gets Breath of Life
Apr 16, 2014 2:44 PM PT
CTIA-The Wireless Association and major mobile manufacturers, providers and operating system makers have entered a voluntary agreement to include antitheft measures in smartphones.
The security and safety of mobile users is the top priority for the industry, according to CTIA, and the agreement is intended to protect consumers from smartphone theft while providing companies' with the ability to innovate.
Signatories to the agreement include Apple, Google, Microsoft, Motorola Mobility, Samsung, HTC, Huawei, Nokia, Asurion, AT&T, Sprint, T-Mobile, U.S. Cellular and Verizon. Among the notable names missing is BlackBerry.
The signers agreed to ensure that starting July 2015, smartphones manufactured for retail sale in the U.S. will have a baseline antitheft tool (or so-called kill switch) either pre-installed or downloadable. The tool will be available to consumers at no cost.
It must be able to remotely wipe personal information such as contacts, photos and emails. The function needs to be able to make the device inoperable to anyone unauthorized to use it -- in other words, locking it so it can't be operated without a pin -- but must still be usable for 911 calls and emergency numbers added by the phone's legitimate owner.
The tool also must prevent reactivation of the device without the authorized owner's permission. Thieves must not be able to restore the device to factory settings. Lastly, the antitheft measures need to enable the legitimate owner to reverse the measures that made it inoperable to thieves and restore personal data to a feasible extent (for instance, using data stored in the cloud).
Consumers also can use other technological tools to protect their devices and data, such as remote activation of a siren on the phone, or remote capture of photos using the phone's camera.
For devices manufactured prior to July 2015, CTIA has put together a list of apps consumers might use to locate, lock, or disable lost or stolen devices.
The agreement mirrors initiatives to require the wireless industry to add such measures to devices. The Minnesota legislature is on the verge of passing the first kill switch law in the U.S., said the author of the bill, Rep. Joe Atkins.
Going Too Far?
"It's always better for the industry to solve it's own problems as opposed to having the government step in. The government may mean well, but it always goes way too far," telecom analyst Jeff Kagan told TechNewsWorld. "This proposal from the wireless industry makes sense and solves the problem. The problem is simply protecting your private data if your phone is lost or stolen."
There are other measures intended to tackle or curb smartphone theft, such as a national database, launched in November, of lost and stolen phones which carriers monitor. Carriers can remotely block the devices from accessing their voice or data services. The wireless industry in Canada has a similar database.
Among the potential strengths of the plan from the kill-switch proponents' perspective are data security, savings (in terms of lower insurance costs), and "eventually fewer thefts, as thieves would be less tempted to steal smartphones with this feature," according to Ronald Gruia, emerging telecoms director at Frost & Sullivan.
"Lower theft would also mean people would not be as apprehensive to splurge and buy very expensive models because they would attract more attention," he told TechNewsWorld.
However, "protecting a smartphone should be a voluntary, opt-in technology that should be in principle controlled by the owner of the phone, not mandated by legislation," Gruia added. "Hackers would be tempted to figure out a way to counter the kill switch ... . Hackers can also exploit kill switch technology to shut down phones of consumers or law enforcement officials."
Though generally welcome, the initiative could have other drawbacks for consumers and the wireless industry.
"From proponents' standpoint, any motion is probably better than the foot-dragging carriers have demonstrated to date," Charles King, principal at Pund-IT, told TechNewsWorld.
"That said, there are two major weaknesses in the plan," he noted.
"First, rather than making a kill switch a standard part of every phone, the plan places responsibility for requesting the technology on individual consumers. That's a bit like making people request that seat belts be installed in their cars," King pointed out.
"Second, the CTIA plan gives members until July 2015 to comply, meaning many or most consumers will remain unprotected for over a year," he observed.
"For the industry, the biggest weakness is that deploying the technology will deeply dent or effectively end the estimated $2 billion in revenues generated by phone insurance policies," King said. "But creating its own compliance plan is far more attractive to the wireless industry than waiting for government regulators to get into the game."