Skip Tags

Popular Tags

Decorative icon

The Resource Center Online Security Issues & Protection | post

An Interesting Complaint Was Lodged Recently with the Federal Trade Commission

by Steve Schwartz on

The American Civil Liberties Union is accusing the nation's largest wireless carriers of "deceptive business practices" for failing to update the software on the Android smartphones they have sold and have on their networks. The ACLU complaint charges the failure to update software leaves the phones exposed and vulnerable to hackers.

This is an issue that my colleague Joe Mason wrote about previously. The problem is that it's not clear who exactly is responsible for disseminating system updates for Android-based smartphones. It's an expensive undertaking, and who should bear the cost — Google who developed the Android operating system and actually issues most of the security patches, the smartphone maker, or the wireless carrier that sells the phone?

The problem is called "fragmentation," and the result is that Android updates often take many months to reach users, if they reach them at all.

The targets of the ACLU complaint are the four largest wireless carriers — Verizon Wireless, AT&T, Sprint Nextel and T-Mobile USA. Google is not named in the complaint, nor are the phone manufacturers.

Interestingly, Google also sells its own line of smartphones and tablets, but those devices receive regular software updates automatically. Also, Google does incorporate security fixes in its latest versions of its Android operating system software, such as Jelly Bean 4.2, but once the phones are sold it again becomes problematic if all security updates reach them.

The issue is important because, according to Google, only one in four Android phones currently in use in the U.S. has the latest generation of its operating system. More than 50 percent are using operating systems that are two years old or older.

"We really feel this is like a defective product," said Christopher Soghoian, principal technologist for the ACLU and a former official with the FTC. "The companies know about the flaws, so they should either recall the products or tell consumers so that they can make an informed choice."

Within the federal government, the Federal Trade Commission has taken a lead role in overseeing the rapidly expanding technology industry, and it has the power to regulate how the industry deals with its customers.

The ACLU complaint asks that the wireless carriers be required to alert consumers to the problem with the software updates or offer to replace outdated devices.

There is a word to the wise in all this. How old is your Android phone and how old are the phones being used by your kids? This question is especially relevant if your kids are using your "old" phones, which you handed down when you got a new one.

"Old" in this context is relative. If the phone's operating system is more than two years old, maybe you want to consider trading up to one using Jelly Bean 4.2. Every day hackers devise new ways to capture the data on smartphones, and you best not keep yourself vulnerable.