FCC Plans Stolen Phone Database to Discourage Theft

Wireless carriers and the Federal Communications Commission are working together on a plan to make stolen cell phones worthless. Together with law enforcement, they plan to create a database of phones reported as stolen. Wireless carriers would then disable voice and data services for these stolen phones, making them a lot less attractive on the black market. When a phone is stolen today, users can cancel their service through their wireless carrier, but that doesn't stop thieves from reactivating the device under a separate service plan. Verizon and Sprint already block stolen phones from being reactivated, but GSM-based carriers such as AT&T and T-Mobile, whose phones use swappable SIM cards, do not. The database will consist of Unique Device Identifiers, or UDIDs, so if carriers are blocking a specific UDID, inserting a new SIM card won't work. GSM carriers will roll out their own database by Oct. 31, and a common database for all LTE smartphones will be in place by Nov. 30, 2013. Although thieves can modify a UDID, some lawmakers are working on legislation to outlaw the practice.

For users whose smartphones are stolen, a bigger concern may be what happens to the information on the device. As part of carriers' agreement with the FCC, they'll encourage users to password-protect their devices, and will educate users on the remote wipe features of smartphones. “Our goal is to make a stolen cellphone as worthless as an empty wallet,” Senator Charles Schumer of New York said. The plan isn't perfect, however. As the stolen phones are often shipped overseas. Some countries have their own databases, and the FCC is calling for interoperability, but there's no guarantee that the FCC's plan will be enforceable everywhere. Besides, criminals who sell stolen phones on the black market may not have qualms about modifying UDIDs, even if it's against the law.

There are also other issues to consider, such as what happens if the phone's owner recovers the device after reporting it as stolen. Officials haven't said how long they'll need to clear the database of a recovered phone's UDID, or what safeguards they'll put in place to prevent false claims -- say, by an angry ex-spouse. It's also unclear how much information will be collected in the database beyond UDIDs. That's not to say the effort isn't worthwhile, but hopefully the FCC and wireless carriers will have more to say on specifics before the database program begins this fall.