FCC Releases Massive Study On Mobile Phone Theft, Asks Wireless Companies To Start Making Changes

Smartphones are amazingly convenient: tiny little hand-sized computers that make it easy to organize our lives on the go. They’re also amazingly good targets for theft: tiny, portable, expensive, and full of personal information. Mobile device theft is on the rise, just as mobile devices are, and the FCC has been trying to find ways to protect consumers when their devices get yanked from their hands.

The commission formed a working group earlier this year, which has been churning their way through all of the data on mobile device theft for months. This week they came up with a final report (140-page PDF) on the matter. The report had a few key findings on reducing and handling smartphone theft.

First: it’s really hard to know just how many phones are stolen. There is no national-level data. With approximately 18,000 separate law enforcement agencies operating in the nation, the aggregation of data is “a significant challenge.” On the one hand, the actual number of incidents may be lower than the best estimates consumer advocates have come up with so far. But on the other hand, a significant number of thefts may be going unreported.

Second: It’s really hard to know what happens to phones after they’ve been stolen. Where are they sold? To whom? Who’s making money? Nobody really has any clear data. Anecdotally, the report says, it seems likely that significant numbers of stolen phones are resold in nations “that are both geographically and politically remote from the U.S.” That means that addressing the problem top-to-bottom in any meaningful way will require a lot of international cooperation.

Third: Tech and telecom companies can’t exactly stop someone from running up and snatching an iPhone from a passenger waiting on the subway platform, but they can take steps to make those phones a lot less useful to re-use or resell. And those steps will help to protect consumers.

In that third bucket, the working group ultimately came up with a few recommendations for things that mobile companies can do:

  • Making lock/wipe/restore functions enabled by default on all devices they sell
  • Making the electronic “fingerprints” (unique identifiers) of phones secure so that thieves can’t “re-flash” them
  • Making sure that wireless company retail store employees double-check appropriate databases to make sure the consumer-owned phones they’re activating aren’t stolen property, and
  • Making sure those databases about stolen phones are actually up to date with accurate information.

These changes are not exactly optional: FCC chairman Tom Wheeler yesterday sent letters to the top executives of AT&T, Sprint, T-Mobile, US Cellular, and Verizon giving them thirty days to respond to the report with a list of “measurable steps” that the companies will take. The goal is to have the mobile companies begin implementing the changes by the end of next year’s first quarter.