Sophos Cloud Optix
California’s state Senate on Thursday passed a measure that would require mobile phones sold in the state to be equipped with kill switches that can brick devices if they’re stolen.
California legislators on 24 April had rejected the bill – SB 962 – saying it would be bad for business.
According to the Los Angeles Times, some Republicans voted originally against the measure because it included provisions for fines up to $2,500 (around £1,500) against retailers that sell phones without kill switches.
Opponents pointed out that many smartphones are made outside the state and could wind up mistakenly shipped to a California retailer without a switch.
Sen. Mark Leno (D-San Francisco) agreed to change the bill to exclude electronic tablets and to delay the date by which kill switches would be mandatory in newly made phones, from January to July 2015.
At this point, the bill applies only to smartphones manufactured after 1 July 2015.
Apple and Microsoft accordingly dropped their opposition, and five Democrats switched their votes to support the measure.
The measure is now headed to the Assembly and will also need to be approved by California Gov. Jerry Brown.
Profit-motivated resistance has galled the members of the Secure Our Smartphones (SOS) initiative, a coalition of politicians and law enforcers formed in June 2013 that’s been fighting for the kill switch as a tool to combat soaring mobile phone theft.
New York Attorney General Eric Schneiderman, co-chair of SOS, in December 2013 wrote to five carriers who refused to allow Samsung to offer the default kill switch that it and LG had both reportedly considered.
In his letters, Schneiderman accused the carriers of being closely tied to the CTIA, the industry trade group that’s argued against the kill switch, and with insurance company Asurion, which provides cell phone theft and loss insurance to consumers.
The CTIA had originally argued that a mandatory kill switch would make it easy for attackers to wipe a phone’s data.
More recently, though, the CTIA has throttled down its kill switch resistance.
In mid-April, the trade group put forth a “voluntary commitment” to anti-theft tools.
The participants signing on to the voluntary commitment plan included the four national US carriers – AT&T, Spring, T-Mobile and Verizon – as well as device makers such as Apple, Samsung, HTC, and Motorola, and Android mobile operating system maker Google.
But the CTIA isn’t happy with California’s move to mandate kill switches.
On Thursday, CTIA vice president of external and state affairs. Jamie Hastings, said in a statement that the measure just isn’t necessary:
We remain opposed to SB 962. The US wireless industry continues to protect its consumers’ information and help stop the theft of stolen smartphones via the ‘Smartphone Anti-Theft Voluntary Commitment,’ which is free to users, as well as the stolen phone databases and individual company and industry-wide consumer education initiatives.
Image of phone courtesy of Shutterstock.
True that it would work not to resell the stolen phone, but what about parts. They don’t sell a vehicle that has been stolen, but rather sell the parts that can’t be traced back to the stolen car. So, the kill switch should render all parts useless.
True, but most of your average phone thieves are not in the business of selling parts, but are interested in quickly / easily selling the entire devices.
I would be concerned about the ability of law enforcement people to lock an iPhone, preventing the owner from sending an “Erase my Phone” signal through iCloud’s “Find My Phone.” This legislation sounds like, with a capability like this in the wrong hands, just another step into a Police State.
“This legislation sounds like, with a capability like this in the wrong hands, just another step into a Police State.”
Exactly the same thing I had in mind when reading this.
I can see the good things that can come out of this for people not already having some security mechanism in order, but I can also easily see the bad thing this can cause by having someone abuse it.
Lets cut the shite, the reason that all carriers and a number of manufacturers are dead opposed to a kill switch is because, at the moment any and all phones stolen can and in all probability are being used again by the thieves/persons they sold them to.
Thus the carriers are now able to sell more airtime to those persons.
And of course they would never even consider making money out of this by selling the customer a new cell phone and charging them for a new sim etc.
And of course lets not forget the vested interests of the insurance companies.
I would agree with the “pure business greed” aspect of your argument if it were not for the huge number of law enforcement and members of the security-industrial complex who are advocating this “feature” — one that is largely addressed by security software in iPhones and Androids already. This is analogous to the kill switches that the same people want installed on automobiles to permit cops to turn off your car if you are fleeing from them.
Ultimately it’s a question of: who owns the technology I just bought?
And the kill switch will never ever have any vulnerabilities, right? Riiiight.
Well one step in the direction the government wants to go. Pretty soon all the phones will have this and they can just track us or shut our phones off any time they want for any reason they want.
CA attorney general in his brief to the supreme court used this as a reason that police do not need a search warrant to search mobile phones. Yet here they are forcing mobile phone makers to do what they fear. How ironic, they take away civil rights to everyone to protect cell phone insurance companies.