Cellphone kill switches: Finally some good security news

The deal won't completely stop mobile phone thefts, but it will make a huge difference in mobile security and privacy.

In the wake of Heartbleed and Target and NSA surveillance, it’s nice to finally see some good news on the security and privacy front. And make no mistake, the deal reached this week by the mobile industry to offer software controls that can remotely “brick” stolen devices is very good news indeed. 

A remote “kill switch” is good for consumers who get their phones taken, but also for everyone who carries a phone. It’s even better for enterprises that let users access their networks via mobile devices, no matter whether those are owned by the company or individual. That’s because If a potential thief can’t expect to use or sell a purloined mobile device, there’s no reason to commit the crime in the first place.

Safer cellphones for everyone

That makes everyone safer, even if their particular phone doesn’t happen to be using the feature turned on. 

After years of unseemly wrangling and resistance from industry organizations like the CTIA, the Smartphone Anti-Theft Voluntary Commitment calls for carriers like AT&T, Sprint, T-Mobile, U.S. Cellular, and Verizon to join device makers like Apple, Google, HTC, Huawei, Motorola, Microsoft, Nokia, and Samsung in agreeing to make the functionality available free for all devices manufactured as of July 2015. 

Of course, the deal came only after lawmakers in many states threatened to make such functionality mandatory — and turned on by default. The deal says only that the software has to be made available, not necessarily pre-installed, much less activated. But CNN reports that ”the data would be retrievable if the owner recovers the phone.”

As long as the industry follows through on this promise, and doesn’t make it too difficult to download and activate the relevant apps, I’m perfectly OK with this approach — and thrilled that something is actually happening. Enterprises will no doubt make the functionality mandatory for their employees, and some carriers and handset makers will likely choose to make the feature the default and then market the hell out of it by claiming to be the safer alternative. 

Would a universal default be stronger?

That’s great, and exactly how it should be. As the functionality becomes commonplace, even those people who are too lazy or clueless to protect their own property will benefit, since the bad guys will have to know that the phone they steal most likely will have no value to them.

Would it be safer if every every phone had this capability? Of course. But even if it was preinstalled and turned on by default on every new device, some people would choose to turn it off for one reason or another. There will always be the chance that a thief might get lucky and grab a phone they could actually use. The key is to make that unlikely enough to make the crime not worth the trouble.

I’m remarkably optimistic that this new deal will reach that level. 

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10