iPhone Users Sue AT&T For Letting Thieves Re-Activate Their Stolen Devices

An anonymous reader writes "Following on the heels of the FCC and U.S. mobile carriers finally announcing plans to create a national database for stolen phones, a group of iPhone users filed a class action lawsuit against AT&T on Tuesday claiming that it has aided and abetted cell phone thieves by refusing to brick stolen cell phones. AT&T has '[made] millions of dollars in improper profits, by forcing legitimate customers, such as these Plaintiffs, to buy new cell phones, and buy new cell phone plans, while the criminals who stole the phone are able to simply walk into AT&T stories and 're-activate' the devices, using different, cheap, readily-available 'SIM' cards,' states their complaint. AT&T, of course, says the suit is 'meritless.'"

Only if they reported it.

[DurendalMac]

If customers reported their iPhones as stolen and had all of the necessary details (serial number, IMEI number, etc) that could uniquely identify their phones, then this suit may well have merit. This info is likely in either their system or Apple's system, especially if they both track serial numbers through sales and registration. If thieves are bringing stolen phones in and that data is in their system then they damned well should be doing something about it.

Re:Only if they reported it.

[Beardo+the+Bearded]

Which is more likely?

That a company that puts someone in a 3-year contract worth thousands of dollars per customer has no record of what they are selling or they figured that they could get away with selling the same service twice to two different people?

"Your phone was stolen? It's only $550 to get another one, or we can just charge you for the services. Hang on, I've got a Mr. Crowbar McGee on the other line, how odd, same phone as you but no receipt."

Re:Only if they reported it.

[aztracker1]

Yea, but the DMV doesn't issue a new registration tag to the theif.

Re:Only if they reported it.

[AngryDeuce]

I fail to see how these companies could validate with 100% certainty that the device reported stolen actually belong to the owners that claimed to own them.

It's called a police report. It's good enough for the company insuring the phone against theft, so why would it not be enough for AT&T to cut the service?

If the police report is fraudulent, well, there are already legal mechanisms in place to deal with that. The point is, obviously they could do something, they just choose not to because it benefits them financially.

Re:Only if they reported it.

[gstrickler]

The carrier probably has it in their phone records for that account. The IMEI is part of how a device identifies itself to the network. It's used to prevent using stolen phones in many other countries.

Re:Only if they reported it.

[AngryDeuce]

No, but if the thief tried to register that car, it would show up as stolen and the DMV would not allow him to register it under his name. They call the police.

Why is it so unreasonable that AT&T do the same? They can tell the damn phone is registered to someone else, they can't take a minute to see if it was stolen or not? How many people sell cell phones to strangers with all their personal information on them? I mean, really?

Re:Only if they reported it.

[girlintraining]

The point is, obviously they could do something, they just choose not to because it benefits them financially.

And that in turn benefits America, because when a corporation makes a profit, that creates jobs, which improves the economy. So why the hell are you doing your patriotic duty and stealing from your fellow citizens so you can give to the corporation?

On a less sarcastic note, the police have often refused to get involved even after a police report is filed _and_ the person knows exactly where the cell phone is (hello? They're radio transmitters). Police resources are only used in cases of violence, property damage, or theft of corporate property. Theft of private property is just... not important.

Re:Only if they reported it.

[Shoten]

I fail to see how these companies could validate with 100% certainty that the device reported stolen actually belong to the owners that claimed to own them. This is important; because if you can't validate the owner with 100% certainty, then you open the door to situations where person A falsly reports persons B's phone stolen and gets it bricked. This would be a denial of service prank/attach and I'm sure it would be a much larger liability for AT&T than simply letting theives reactivate a device that was obtained nefariously. Are they going to make everyone that claims to have a phone stolen produce a receipt to validate ownersihp? To requre AT&T to get involved would be a disaster. When you require/allow corporations to get involved in things that should ONLY be law enforcement investigations, then you open a whole new can of worms.

It's been done in just about every other country in the world for some time now. The process works, and it also cuts WAY down on smartphone theft. In Washington, DC (where I live) there has been a rash of armed holdups for smartphones for some time now, and the chief of police has been begging AT&T (because iPhones are the prime target...sorry Android users) to do this. Police departments in cities all over the country have been calling for this to be done.

Yes, it's possible to cause trouble for someone else by filing a false police report. It's also a felony, and quite certain to get you caught. I could cause trouble for you by claiming you stole my phone. But then, AT&T would happen to have that phone associated with your name, SSN, credit card, address, and blood type...and would have had that association for quite some time. So, I would go to jail instead. Following your logic, we shouldn't allow people to say that their cars were stolen, either, because I could just walk up to you in your car and say "THIEF!" and send you to prison while I drive away in your vehicle.

Re:Only if they reported it.

[geekoid]

I'll wager the are using the term brick in modern usages, and not archaic usage(5 years ago)

Making rendering it unable to make calls or connect.

Disable would have been a better term for them to use.

I know I know, we have are precise language, and then non nerds get a hold of it and butcher it to the point where hacking is using a facebook account that someone didn't log off from.

Re:Only if they reported it.

[AngryDeuce]

Cars are located and disabled with OnStar, but all vehicles do not have OnStar. If a car with OnStar is reported as stolen, OnStar will work hand in hand with police to get the car recovered. This is a core feature that sells the OnStar service. Ditto with services like LoJack (which they provide for computers now, I used to sell it myself). However, you cannot register a stolen car with any DMV in this country. They check their databases specifically for this reason. The DMV is not a police officer, but I'm betting most reasonable people are cool with them electing not to register cars reported stolen.

For one thing, 99 times out of 100, the police do not recover the phone at all. If it's not resold and reactivated, it either ends up a toy for some thief's kid to play with or broken into a million pieces or rotting at the bottom of a lake or river. How many reasonable people have ever lost or had stolen something like a cell phone and actually expected to see it again? Stolen property, especially stolen property that's relatively cheap like a cell-phone, is not a priority for any police department in this country. If they come across it while investigating other crimes, they'll be good enough to give you a ring and have you come pick it up (unless they need to keep it as evidence), but they don't actively check personal electronics to see if they're stolen unless they have a compelling reason to do so. They don't have the time. No police force in this country has that kind of time, obviously.

Your only recourse now if your phone gets stolen is to call the police and buy a new one. Nobody is expecting anything any different there. All they're asking is that the thief not be able to take that stolen cell phone into another store and reactivate it when AT&T can tell perfectly well that it is a stolen phone. AT&T is not being singled out here. Any time a person has a reasonable suspicion that a good may be stolen they're required to act accordingly regardless of their relationship with that person. If someone offered to sell you a brand new PS3, still in the box, for $50 out of the back of a van, for instance, and it turns out it's stolen, you can't feign ignorance because a reasonable person would have known better and you are guilty of a crime. If a used car salesmen agrees to buy a car with scratched off or non-matching VINs, they are guilty of a crime.

Your "Orwellian society" and "Corporatocracy" claims are pretty ridiculous when people are trying to make a corporation be accountable for once, and requiring them to brick phones they know to be stolen is part of that. As I said above, there is plenty of precedent already covering this, the concept is not new.

What exactly is it that you're worried about here? That AT&T is going to vindictively brick cell phones? That they're going to just let any old person call up and brick any phone he wishes? You can't even talk about your fucking bill without giving them a whole bunch of personal information first, so what exactly are you worried about here? What power is this going to give the corporation to abuse? They've already got this power, so if they were going to abuse it, they would have long before now...

Re:Only if they reported it.

[Phroggy]

On a less sarcastic note, the police have often refused to get involved even after a police report is filed _and_ the person knows exactly where the cell phone is (hello? They're radio transmitters). Police resources are only used in cases of violence, property damage, or theft of corporate property. Theft of private property is just... not important.

They're right, it's not important, compared to catching murderers and rapists and the like. The problem isn't that the police don't care about less important cases like the theft of an iPhone. The problem is that we as a society have decided that WE don't care enough to properly fund our police departments, so that they can handle these less important cases in addition to the more important ones.

Every time you vote to reduce taxes, and vote for politicians who say the government is too big, this is what you're voting for.

Say what you will about Telstra...

in Australia, Telstra have a bad rap for fucking over customers, but this isn't an issue with them. A year back I lost my iPhone, reported it stolen, and within a week another Telstra customer began using it. Telstra stopped their service, had them come into a store, and simply took the phone from them and let me know I could collect it. As gravy, the idiot who'd been using it caused a scene in the Telstra store and had the police called on them - they were known to the cops and arrested for other reasons.

On the bad side, I'd already bought another iPhone in the meantime. Win some lose some.

This should be criminal, not civil

If I call AT&T or its agent and tell them that my phone has been stolen, then they are engaging in a criminal act when they reactivate that phone. There are no legitimate excuses for this behavior.

If somebody steals a car that is equipped with a kill-switch in the engine and I, knowing that it is stolen, disables the kill switch so that the thief can drive the car, then I'm going to go to prison. The only difference between my behavior and AT&T's is that I am not a massive corporation, so I am subject to the laws of the United States.

Disabled IMSI search

[doston]

When I worked at AT&T as a systems engineer in SMS a few years back, we and anybody in customer care were able to perform a search by IMSI (sort of like a MAC address for cell phones). One day the IMSI search feature was suddenly yanked. Thought it was a bit strange, because one time I was able to use the IMSI search to find the new MSISDN (phone #) for a friend who'd lost his phone and it helped him recover it. Makes me wonder if AT&T just didn't want to be involved in stolen iPhonery, or if they yanked the search feature because the profits from the process (noted in the story headline) were just too tantalizing.

Re:Disabled IMSI search

[icebike]

I seriously doubt you worked as a system engineer if you don't know the difference between an IMSI and and IMEI.

IMSI = International Mobile Subscriber Identity, allows you to find out information about the account hold. Its on the sim. It allows you to violate people's privacy, which is why Joe Tech should not be able to look this up, not without a warrant.

IMEI = International Mobile Equipment Identity, a unique number built into the hardware. It can be used to block service to the device. That will bring the user in to complain. No warrant needed.

Re:Disabled IMSI search

[doston]

I seriously doubt you worked as a system engineer if you don't know the difference between an IMSI and and IMEI.

IMSI = International Mobile Subscriber Identity, allows you to find out information about the account hold. Its on the sim. It allows you to violate people's privacy, which is why Joe Tech should not be able to look this up, not without a warrant.

IMEI = International Mobile Equipment Identity, a unique number built into the hardware. It can be used to block service to the device. That will bring the user in to complain. No warrant needed.

It was IMEI, you're right. I'm not as much into cell phones..unix, linux, and the actual messaging systems in the background (SMTP email schleping). Was just a tool I had access to. My actual title was Engineer IV. I reported to Kevin Tromp, still the director of Messaging. Yes, I did work there. ;-)

Re:Hoist by own petard

[icebike]

Would the DMV be liable if they licensed a car that was reported stolen....I think so

The DMV is required to do this by law, because they are creating a title to real property of significant value.
AT&T isn't required to do that.

They are not granting you a title simply because they are selling you a service.