Apple

California passes new smartphone anti-theft law, iPhone appears to already comply

California Governor Jerry Brown signed a new law that mandates a remote "kill switch" for smartphones in case of theft.

iOS devices

SB-962 was signed into law on Monday by California Governor Jerry Brown. The bill, introduced in the State Senate earlier this year, was strongly supported by George Gascón, San Francisco's district attorney.

Smartphones that are manufactured after July 2015 will be required to have a kill switch installed to deactivate the phone if it's stolen. A huge amount of street crime, including muggings and robberies, is due to the ease with which smartphones can be resold for quick cash.

Manufacturers are required to have the anti-theft provisions activated by default. According to The New York Times, 2,400 cell phones were reported stolen in San Francisco in 2013, up 23% from the year before, with other major cities reporting similar increases.

Last year in iOS 7, Apple unveiled a new feature called Activation Lock that requires a user's Apple ID password to be entered before a device can be erased and reactivated, signed out of iCloud, or disable Find My iPhone -- Apple's service to locate, lock, and remotely erase lost devices.

In the past year, several law enforcement agencies have said iPhone robberies have dropped significantly following the release of iOS 7 with Activation Lock, falling by 38% in San Francisco, and more than 20% in London and New York City.

The success of Activation Lock likely contributed to the push by California to require kill switches on all smartphones. There's also a federal bill -- the Smartphone Theft Prevention Act -- that was introduced in the House, but it hasn't been considered by a Committee and has a very low chance of being passed this session. However, given the size of the Californian smartphone market, it's likely that all manufacturers and mobile operating system designers will build compatible kill switch systems to sell devices legally in the state.

Also, the CTIA, the mobile industry's trade organization, has a voluntary agreement between members to offer kill switch features to devices first manufactured after July 2015. Committed companies include Apple, AT&T, Google, HTC, Microsoft, Samsung, Sprint, T-Mobile, and Verizon.

It's a non-binding commitment, but it shows that both carriers and cell phone manufacturers are interested in reducing cellular device theft. San Francisco district attorney George Cascón said that cellphone owners in California will be able to "breathe a sigh of relief" because stealing a smartphone "won't be worth the trouble."

For iPhone and iPad users, Activation Lock is turned on by default during the initial activation sequence on devices using iOS 7.

Are you pleased with the new California regulations or would you have left it up to the telecom industry to voluntarily roll out "kill switch" technology like Apple did with Activation Lock? Let us know in the comments below.

About

Jordan Golson is an Apple Columnist for TechRepublic. He also writes about technology and automobiles for WIRED and MacRumors. He has worked for Apple Retail twice and has been writing about technology since 2007.

8 comments
sevvie
sevvie

This is a great example where government oversteps boundaries. Yes, it is unfortunate that phones get stolen, much like other mishaps in life. However, using coercion to get the manufacturers to implement a kill switch is not the answer. 

This is something that the free market can solve, people will vote with their wallets and buy phones equipped with remote disablers if they so wish. If the PEOPLE feel that it is an issue, the pressure should come from the CONSUMER, not the GOVERNMENT in a free market. Apple and a few others are getting this technology ready, so why require EVERY manufacturer to do the same for EVERY make and model?


I guess there will be phones labelled "Not for sale in CA" much like cars, lawn mowers and what have you. What a free country we are...

Eamon_Walsh1
Eamon_Walsh1

A reasonable blanket solution, which should've never been needed if users were able to lock down and services were able to blacklist and enforce the way they were supposed to. A good data protection options nevertheless (bit.ly/1u5uoa6)

smart4
smart4

World's first anti theft smart phone with embedded tamper proof hardware. A phone inside a phone.


http://igg.me/at/fonedao/x


Please contribute to this campaign

inet32
inet32

A remote kill switch will be a wonderful opportunity for Chinese and Russian hackers to bring our entire society to its knees.

knuthf
knuthf

From the limited I have read about the Californian legislation, they enforce nothing that exceed the GSM standard. They demand that the GSM standard is followed when connecting to the net, and bluntly, all GSM carriers will comply if the network has been made correctly - also for prepaid subscribers.


But Qualcomm's CDMA networks is another story.

chriscollingwood
chriscollingwood

I fail to understand why this should have ever become a requirement. The GSM standard has a "Black-list register" which, if the providers ever got around to honouring and using, would immediately remove any phone registered in the Black-list from all networks. 

Of course, you have to get around the network providers basic greed of wanting to make money off every possible terminal, rather than locking those potential money-spinners off their networks, as was originally intended with the standardisation of the Black-list. This greed has really been fed in market-places that support pre-paid services. 


If the Black-list were to be properly used, every stolen phone would immediately become an intelligent lump of plastic and glass, and pretty much worthless for resale

knuthf
knuthf

@chriscollingwood - you are correct, the IMEI register is to be consulted every time you attach the phone to the network, and the "carrier" (operator) can refuse roaming if the original HLR does not approve of the phone.


The problem is incompetent consultants that has rolled out networks, where typically, the IMEI is used to "lock" phones to a subscription, and can only do that. 

According to the GSM definition, the operators are liable for usage, and approval of the phone. if someone use a phone on a foreign network that is stolen, the operator - like Vodafone is responsible for all use in Spain (Telefonica) if the phone has been reported stolen. But Vodafone use the IMEI to trace phone contract and will bar if you violate your contract and that does not include that someone has stolen the phone. Instead, they have been protected by Ofcom, - the regulator in the UK (the FCC in the US), that has branted them the right to pass on the bill for use while stolen to the subscriber. They have also struck deals with the insurance companies, and are way better off offering insurance on the phones, that includes a replacement of the stolen handset. 


So install the security apps that takes picture of the thief, claiming its part of the log-in, and send this to your email with the GPS coordinates of the phone. Mine prompts a message then "We got your photo, we know where the phone is, and ask you to turn it in at a local store!"

Editor's Picks