Slashdot Mirror
iPhone Users Sue AT&T For Letting Thieves Re-Activate Their Stolen Devices
An anonymous reader writes "Following on the heels of the FCC and U.S. mobile carriers finally announcing plans to create a national database for stolen phones, a group of iPhone users filed a class action lawsuit against AT&T on Tuesday claiming that it has aided and abetted cell phone thieves by refusing to brick stolen cell phones. AT&T has '[made] millions of dollars in improper profits, by forcing legitimate customers, such as these Plaintiffs, to buy new cell phones, and buy new cell phone plans, while the criminals who stole the phone are able to simply walk into AT&T stories and 're-activate' the devices, using different, cheap, readily-available 'SIM' cards,' states their complaint. AT&T, of course, says the suit is 'meritless.'"
If customers reported their iPhones as stolen and had all of the necessary details (serial number, IMEI number, etc) that could uniquely identify their phones, then this suit may well have merit. This info is likely in either their system or Apple's system, especially if they both track serial numbers through sales and registration. If thieves are bringing stolen phones in and that data is in their system then they damned well should be doing something about it.
in Australia, Telstra have a bad rap for fucking over customers, but this isn't an issue with them. A year back I lost my iPhone, reported it stolen, and within a week another Telstra customer began using it. Telstra stopped their service, had them come into a store, and simply took the phone from them and let me know I could collect it. As gravy, the idiot who'd been using it caused a scene in the Telstra store and had the police called on them - they were known to the cops and arrested for other reasons.
On the bad side, I'd already bought another iPhone in the meantime. Win some lose some.
If I call AT&T or its agent and tell them that my phone has been stolen, then they are engaging in a criminal act when they reactivate that phone. There are no legitimate excuses for this behavior.
If somebody steals a car that is equipped with a kill-switch in the engine and I, knowing that it is stolen, disables the kill switch so that the thief can drive the car, then I'm going to go to prison. The only difference between my behavior and AT&T's is that I am not a massive corporation, so I am subject to the laws of the United States.
When I worked at AT&T as a systems engineer in SMS a few years back, we and anybody in customer care were able to perform a search by IMSI (sort of like a MAC address for cell phones). One day the IMSI search feature was suddenly yanked. Thought it was a bit strange, because one time I was able to use the IMSI search to find the new MSISDN (phone #) for a friend who'd lost his phone and it helped him recover it. Makes me wonder if AT&T just didn't want to be involved in stolen iPhonery, or if they yanked the search feature because the profits from the process (noted in the story headline) were just too tantalizing.
RIght, because of course when someone sells a phone they're going to immediately report it as stolen.
It's not like any records might exist that they had put it up for sale or something...
Since corporations are people, AT&T would be sentenced into a 250 year prison sentence for a > 1000 crime spree accross the country.
...The money is in the use of them - if someone wants something that's not traceable to them in the commission of some other criminal activity, they're gonna do one of two things: buy a disposable prepay or steal a phone. Either way, said handsets are going to be used once or twice, then disposed of ASAP. Whether that be from simply binning them or selling them on to some unsuspecting sucker.
ALL carriers should have a mandate to brick handsets reported as stolen. Yes, there is a way of reactivating most handsets (by flashing them), but I don't think $crook would bother with the expense. He'd rather go buy a disposable prepay, and everyone's a winner. You get to keep your iphone, carrier gets to sell more handsets, and GCHQ gets to track more and more unregistered gear ;)
Operation Guillotine is in effect.
If court was to find AT&T guilty of this "aiding and abetting", would they also be liable for any non-phone related damages that happened due to the phone being stolen or how it was stolen(ie. medical expenses due to getting a bottle smashed into your head from behind)?
I don't see how your post could be related to the direct crime of enabling a stolen phone, when it has been properly reported as stolen.
The car analogy is valid. Anyone helping to re-enable a stolen car is committing a crime, why in this case would be different? aren't a phone and a car stolen objects?
The ability to keep track of stolen IEMI numbers and not activate a phone on that list is elementary, and in an age where you can track an iPhone across the planet via GPS, such a simple detail screams that they simply did not want to do it. Worse for AT&T, is the fact that they look up the IEMI to enforce customer use; just try to use an iPhone on a non-Iphone data plan. This check is done autonomously.
There are plenty of instances where registrations are checked to assure that they're not stolen. At one time, cell phones that were stolen were indeed blacklisted. And while I agree that AT&T may not have had a legal obligation to do so, with their customers being robbed, it certainly seems easy to say they have a moral obligation to blacklist the phones.
Of course, the consumer outrage is now full scale, and I'm sure legal requirements may indeed be forthcoming.
My understanding is that not everyone in the USA has a SIM in their phone. Am I correct?
I'll see your Constitution and raise you a Queen.
Because Sprint and a large chunk of Verizon handsets don't use SIM cards, and most people would have brain meltdowns if they saw what the actual retail price of a replacement phone would be. So, they buy a new contract to try and get the purchase price down.
There are two different technologies at work here, gsm and cdma. one requires a sim, and has the convenience of moving your sim to another phone and your service follows it. (and you can have a phone with 2 or 3 sims installed in it, each with a different phone number, so like a business and personal phone all in one) The other just goes by hardcoded sn in the phone to identify itself, and you can't transfer it.
One ties the service plan directly to the handset, the other ties it to the sim card. But both types will have a handset serial number the tower sees in either case, so you can brick a cdma or gsm phone by blacklisting it's serial number. you can't unban the one by changing the sim card.
I work for the Department of Redundancy Department.
Many of those resellers on Craigslist today are hawking stolen wares. The new bricking process will go a long way to stop these crooks. At&T and other carriers should have been brought to account years ago. Those looking for a used phone may want to ask for proof of IMEI registration with the carrier in the future.
Stay skeptical, my friends.
Where do I sign up. I've had 2 stolen.
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia
Quote TFA:
“Plaintiffs have been told by AT&T representatives that they will not, and ‘cannot,’ block and effectively kill usage of such stolen cell phones by thieves and criminal organization, however, such representations are false and fraudulent,” states the complaint.
Law Suits is what happen when you finally admit it is possible to disable a phone by knowing its IMEI (as is common in many other countries),
after years of denying they had that ability.
AT&T now joins other carriers to put it in place. (As simple as tying their stolen phone database to the GSM infrastructure, since this capability has long been part of the GSM spec.
Without proof in writing that AT&T said they could not do this, I suspect it will be hard to prove they lied.
That leaves the aiding and abetting claims. The legal team is composed of personal injury lawyers, so unless they get some better hired guns, I don't think this goes too far. Can Shell or Exxon be sued for selling you gas for your stolen car, or Ford be sued for selling you spare parts, simply because they don't want to look up every license plate or VIN?
I suspect this is going to be a very difficult case to win.
I think your analogy is wrong.
Would the DMV be liable if they licensed a car that was reported stolen....I think so.
RIght, because of course when someone sells a phone they're going to immediately report it as stolen.
It's not like any records might exist that they had put it up for sale or something...
That would depend on how they sell it. If they meet up at the corner and everything is done with cash, what record exists? Perhaps, the seller is pissed at the buyer and the seller calls in the phone as stolen out of spite. That would be especially possible if the seller was trading the phone to relieve a debt owed.
Would the DMV be liable if they licensed a car that was reported stolen....I think so
The DMV is required to do this by law, because they are creating a title to real property of significant value.
AT&T isn't required to do that.
They are not granting you a title simply because they are selling you a service.
Sig Battery depleted. Reverting to safe mode.
2) Your analogy fails because the car operates no matter who has a "key". Same with a phone, right? Sort of. The difference is, is the device has to AUTHENTICATE with the carriers servers *before* the device is even put 'on the network.' So, no, the two are not the same. The authentication isn't some sort of magical ether. It happens every time you make a call, every time you turn on your phone and every time your cell goes in or out of range of a tower. Just because that authentication cant "be seen" doesn't mean it's automatic or granted.
Wrong-o me bucko.
You can (and I have) removed my sim from one phone and put it in another phone, (totally different make and model that never once crossed AT&Ts doorstep), fired up the phone and it works out of the gate. The beauty of GSM.
As long as the SIM is good, the carrier does not care about the phone's serial number. You are confusing the authentication between the carrier and the Sim card, with the unique serial number burned into the phone. I ran that new phone for a year, when AT&T only had the IMEI from the old phone in their records.
Sprint phones don't have IMEIs. They have IMEDs. I should have stopped reading your reply as soon as you started talking IMEIs with Sprint. Its clear you have no clue.
Sig Battery depleted. Reverting to safe mode.
Demand that the seller write and sign a bill of sale. When AT&T says no dice, bring your bill of sale and watch the cops arrest your original seller for filing a false police report.
When buying phones off Craigslist I have just insisted that the transaction take place at the carrier's store so that there can be no question about what is going on - no "bad ESNs", problems with activation, etc.
Just about anything electronic can be tracked. Phone, laptop, GPS... Not really rocket science for the manufacturer in this day and age. But why would the manufacturer want to track it? If they find it they can't sell you another one.
Wuddooeyeno? IITYWYBMAD? Like nuts? eclecticallyincorrect.com
I worked at an Apple Store for years. iPhones, or any Apple product, can be flagged as lost or stolen by a phone call to Applecare. If someone brings such a device into a store for a service or swap, the in-store repair application (iRepair) will notify the Genius or FRS by turning red. iRepair also displays the original owner's information.
Apple's practice, while I worked there at least, was to avoid any sort of controversy or legal entaglement and give whoever brought the device in the benefit of the doubt. Since in-store repairs require you to present ID, it was quite obvious which devices had been obtained through dubious circumstances. E.g. phones from other states, other indicators which could be construed as "profiling," etc.
They all were doing it.
---- Booth was a patriot ----
Just because this example is simplified...
1. Sell iPhone to unsuspecting customer
2. Report it stolen.
3. Receive returned phone.
4. Repeat steps 1-3, until finally arrested.
Just being a wise a$$. But what authority does a pimply faced sales clerk have to seize and hold a potentially stolen device? Much less detain an individual while waiting for the Police.
Some people would threaten to sue for defamation and etc for being accused of having stolen a product.
Having lived in a Country which has a Nation wide, Stolen IMEI database where all carriers participate I can tell you.
1)People selling phones then reporting them phones just doesn't happen!
2)Phone property theft is not a problem, stolen phones have no value since they don't work.
Oh its not really bricking the phone, it just prevents stolen phones from registering onto the network(all)
Because the phone wouldnt be WORTH STEALING in the first place, if it wasnt for AT&T.
Car machine shops are at a much different relation because your car doesnt need to be authenticated by the providers network to be able to unlock the car doors.
I thought you had read the original analogy a few posts above. Just in case you don't find it: ""If somebody steals a car that is equipped with a kill-switch in the engine and I, knowing that it is stolen, disables the kill switch so that the thief can drive the car, then I'm going to go to prison. The only difference between my behavior and AT&T's is that I am not a massive corporation, so I am subject to the laws of the United States."
A cell phone is different because it requires service and the service provider has knowledge of both the theft (you wouldn't want them calling all round the world on your dime) and the unique identifier of the phone. If some one steals my VCR...well lets face it....good for them. I'm not even sure it still works ;-) But really....if they stole some piece of electronics gear I do actually care about I would hope they took something I had actually written down the serial number of. I would then, upon reporting the break in to the police, give them a list of the serial numbers I had for the stolen property. The police would then supply that information to pawn shops in an attempt to eliminate a possible avenue for the thieves to relieve them selves of their stolen goods.
Granted the thieves will most likely turn to the grey market of Craig's List and/or eBay to rid them selves of the stolen property they do not intend to use or keep. If they do keep it it's not like they need to call some provider to make it work.
No lets look at the 2nd point. AT&T, or any provider, should require a police report. If you had sold the phone and the next person attempts to get service and is blocked by AT&T they will then have to prove they purchased the phone or risk jail time. So, for the sake of argument let us say it was easy for them to prove they bought it from the original owner. This puts the seller/owner in a bit of a pickle. See the police are now going to knock on his door and take them to the police station where they will have to answer for filing a false police report.
More likely the seller will be the thief. Since the grey markets will have a record (IP of the poster, email addresses, phone numbers, paypal info, etc) they will need to find alternate ways to sell it. This makes it harder for the thieves to sell the phones and makes them less likely to want to steal the phones.
If you buy a stolen phone, don't expect it to operate. If you didn't know it was stolen, someone duped you. Go after them and report them to police. It's no different than if they had shipped you a brick.
now we need to go OSS in diesel cars
However, most cell phones stolen in bigger cities go straight to a black market and are quickly exchanged for $50-$100, and bundled up and shipped overseas. The police know about these stolen phone dealers but do nothing (per San Francisco Examiner) But with a database, the police could focus on dealers with 3 or 4 phones that puts it into the grand theft category, a felony... which makes it one more strike added to a scum-balls record.
You know, the one where you actually had to establish some sort of legal duty that was breached before you could support a claim of negligence, not just come up with something you wish they would have done and then sue them for not doing it.
Where do you get this crazy talk? Now if you'll excuse me I need to enslave another sedan chair carrier.
from a TV set, a VCR, a car radio or any other usually stolen good. If you get your device stolen, it's completely and totally your own damn fault. Don't get me wrong, yes, it sucks, but how is it in any way shape or form AT&T's problem?
If your stolen TV or VCR is recovered, you get it back. AT&T has the ability to tie stolen phones to the people using them, who may or may not be the thief. Either way, the legitimate owner would get their property back.
WIth that said, sure, AT&T could probably come up with a solution and market it, but don't pretend criminals won't just unlock them and bring 'em to verizon, or sprint, etc... heck, iPhone are great iPod touches too.
Network compatibility issues aside, IMEI numbers can uniquely identify a phone regardless of carrier. Which is why they're launching a national database that includes all the major providers.
What I have a beef with is that no one is forcing anyone to buy something new. And then what's stopping someone from selling their iPhone for cash, then claiming it was stolen? No, this is going too far.
I imagine people would learn very quickly to get a receipt when they buy something. I ask for one when I buy something off Craigslist. It's not difficult, just write down what was sold, for how much, and when, then sign it.
Eagles may soar, but weasels don't get sucked into jet engines.
Overpriced, fragile, insecure BS!
That describes my HTC Android phone pretty well, too.
Eagles may soar, but weasels don't get sucked into jet engines.
Used car dealers who assist in the reselling of stolen cars are routinely sent to jail. Pawn shop operators, ditto. Why not cell phone companies?
Im not sure if AT&T has the same sort of agreement with the insurance company they use(probably Asurion) but when I worked for a metroPCS retailer a few years back I'd get people who come to reactivate a phone and it would get rejected by our carrier activation system if the phone had been reported stolen to the insurance company. At the time insurance was about $6, and the deductible on the pricier handsets was $50. I''d explain how things worked if the phone was lost or stolen and customers would gladly sign up.
No, no it isn't. In fact, I think you need to read the reply above yours. If a cell carrier is informed that a given cell phone is stolen, then it needs to be bricked and not allowed back onto the system. Yes, it sucks for people who buy a phone second hand without doing their homework, but it also makes phone theft much much less worthwhile for thieves, which will make the whole thing moot. No phones stolen == no stolen phones bought by foolish people.
Frankly when my first cell phone got stolen I was pissed to find out they would only put a 90 day block on the ESN and then it was free to be reactivated. Imagine if they treated stolen car VINs or other things like that? Would you be protective of allowing such a practice to continue? No, I doubt you would.
I think the real reason that cars have such a system and phones haven't is cultural, with some economic self interest involved. The cultural is that personal transportation, at least in the US, is a big issue. There was a time when horse thieves were simply hanged. If someone comes into you home and steals all you stuff, there is not as much as a furor as a car theft.
Then there is economics. Cars are insured by third parties with no connection to the agent that sold or the agent that provides servie for you car. The insurance company then wants to do stuff to minimize car theft, as they will be out real money for the retail value of a replacement. OTOH, insurance for phones is sold by the carriers, at very high rates, and these firms only need to replace the handset, not pay cash for a retail replacement. Therefore it is in the interest of the carriers to create an environment where customers are highly motivated to acquire this insurance, which they do through contracts and encouraging theft.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
...that's more money they get. It's in ATT's best interest to activate a stolen phone. They sell another device to the previous owner, and they sell a new account to the thief. Of course they're being dismissive of the case. ATT is only interested in the bottom line.
There are 2 groups of people you can make fun of on the Internet without fear of attack. The illiterate, and the Amish.