The PROTECT Initiative will use a database of phone and tablet serial numbers to render lost or stolen devices inactive and educate the public on protective steps.
The Federal Communications Commission is leading a new effort to combat what it called an epidemic of smart-phones and tablet thefts, and protect the devices’ data when lost or stolen.
FCC, law enforcement agencies and the wireless industry, with the support of a U.S. senator, have launched the PROTECT Initiative, a voluntary program that will create a shared database of devices’ identifying serial numbers. When a user reports a lost or stolen phone to their wireless carrier, the carrier will access the database and block the device from being used again, the FCC said.
The initiative also will attempt to raise awareness about the seriousness of mobile device theft and encourage people — through automated prompts on their devices — to password-protect their phones and tablets, and make use of applications that can lock, locate or wipe data from a lost device.
The growth of mobile communications has had a lot of benefits, but “is also creating some very real safety concerns” surrounding the theft and resale of the devices, FCC Chairman Julius Genachowski said in prepared remarks announcing the initiative. “The numbers are alarming.”
Smart phones and other cell phones are involved in 40 percent of all robberies in New York City, 38 percent of robberies in Washington, D.C., and 30 percent to 40 percent of robberies in other large cities, Genachowski said. And robberies, he pointed out, often are violent crimes.
And in addition to losing phones and possibly suffering injuries, victims’ data often can be taken as well, because many of the devices are not secured.
Using a database to make the phones inoperable once they’re stolen or lost would reduce the incentive for robberies, since thieves couldn’t resell a phone that doesn’t work, nor could they make use of the data.
Along with protecting everyday users, the initiative could help organizations developing “bring your own device” policies for employees who use their personal smart phones and tablets on the job. One aspect of the security concerns with BYOD practices is that devices can easily be lost or stolen, with sensitive or proprietary data going with them. A recent study by ESET and Harris Interactive found that auto-lock and password protection was employed by fewer than a third of BYOD smart-phone users and only about 10 percent of tablet users.
Organizations that require their employees to register their devices’ unique identifiers — Electronic Serial Numbers (ESN) or International Mobile Equipment Identity (IMEI) numbers, depending on the type of phone — with the PROTECT database would gain a measure of protection.
Wireless carriers including AT&T, T-Mobile, Verizon, Sprint — which cover 90 percent of U.S. subscribers — are on board with the plan, and will promote device security through advertisements and a public education program, the FCC said.
Carriers also will seek to educate users on using passwords and lock/locate/wipe apps by sending messages directly to their phones and including the instructions in devices’ Quick Start guides.
Device manufacturers Apple, Motorola, Qualcomm, HTC, Microsoft, Nokia, and RIM also are supporting the effort, Genachowski said.
At this point the program, which the FCC expects to be in operation in 18 months, will be voluntary, but the commission would consider making it mandatory if people don’t willingly join up, a spokesmen told InformationWeek.
Genachowski’s announcement was joined by the police chiefs of New York, Philadelphia and Washington, along with D.C. Mayor Vincent Gray and Sen. Chuck Schumer (D.-N.Y.), who plans to introduce legislation making it a crime to tamper with mobile devices’ ESN or IMEI numbers.