California passes law mandating smartphone kill switch

The law is likely to affect smartphones sold around the world

Smartphones sold in California will soon be required to have a kill switch that lets users remotely lock them and wipe them of data in the event they are lost or stolen.

The demand is the result of a new law, signed into effect on Monday, that applies to phones manufactured after July 1, 2015, and sold in the state.

While its legal reach does not extend beyond the state's borders, the inefficiency of producing phones solely for California means the kill switch is expected to be adopted by phone makers on handsets sold across the U.S. and around the world.

The legislation requires a system that, if triggered by an authorized user, will lock a handset to essentially make it useless. The feature must be installed and activated in new smartphones, but users will be able to deactivate it if they desire, and it must be resistant to attempts to reinstall the operating system.

Police can also use the tool, but only under the conditions of the existing section 7908 of the California Public Utilities Code. That gives police the ability to cut off phone service in certain situations and typically requires a court order, except in an emergency that poses "immediate danger of death or great bodily injury."

The law doesn't specify how the system locks the phone, nor what happens to the data on the phone when it's locked. Each manufacturer can come up with their own system.

The law follows pressure on phone makers from the state's law enforcement community to do something about rising incidents of smartphone theft, which has become one of the most prevalent street crimes in the state.

Apple has already responded and added a feature called "Activation Lock" into its iOS 7 operating system, which meets all requirements of California's kill switch law bar one - it doesn't come enabled in new phones. That will have to change.

Both Google and Microsoft have said they are introducing similar features in upcoming revisions to their smartphone operating systems.

"California has just put smartphone thieves on notice," California State Senator Mark Leno, the sponsor of the legislation, said in a statement. "Our efforts will effectively wipe out the incentive to steal smartphones and curb this crime of convenience, which is fueling street crime and violence within our communities."

The law makes California the second state in the U.S. to pass legislation aimed at reducing smartphone theft. Minnesota passed a law in June, but it doesn't require the kill switch to be enabled as default. Law enforcement says that's key because it will increase the chance that a new smartphone has the kill switch enabled, hopefully reducing its attractiveness to thieves.

The kill switch function was actively opposed by the wireless industry until earlier in 2014, when carriers and their lobbying group reversed course and came out in favor of the plan. They received more persuasion in the form of two additional bills introduced to the U.S. House of Representatives and the Senate.

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.

Tags Microsoftsecuritymobile securitysmartphonesiPhoneAndroidlegalCriminalAppleconsumer electronicsGoogle

More about AppleGoogleHouse of RepresentativesIDGMicrosoftNews

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Martyn Williams

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts