A complaint has been filed with the Federal Trade Commission

Apr 17, 2013 09:51 GMT

The American Civil Liberties Union (ACLU) has filed a request for investigation with the Federal Trade Commission (FTC), asking the organization to look into the practices of some major US wireless carriers.

ACLU accuses companies such as AT&T, Sprint, T-Mobile and Verizon of not releasing enough software security updates for the Android smartphones they sell.

“A significant number of consumers are using smartphones running a version of the Android operating system with known, exploitable security vulnerabilities for which fixes have been published by Google, but have not been distributed to consumers’ smartphones by the wireless carriers and their handset manufacturer partners,” ACLU wrote in the complaint.

In addition, ACLU notes, “The wireless carriers have failed to warn consumers that the smartphones sold to them are defective, that they are running vulnerable software, and that other smartphones are available that receive regular, prompt updates to which consumers could switch.”

The civil rights group also points to the FTC’s recent settlement with HTC. At the time, FTC Chief Technologist Steve Bellovin explained that the lack of updates was “a non-starter for most security holes, since those can become critical, recurring problems any time some attacker wants them to.”

Furthermore, wireless carriers are accused of unfair business practices because they enforce service contract early termination fees for customers with vulnerable smartphones.

ACLU asks the FTC to compel the companies to warn their subscribers about the threats posed by the security holes that plague their devices, to allow users whose devices are vulnerable to end their contracts without any termination fees, and to refund consumers the phone’s original purchase price or allow them to exchange it at no cost.

Verizon representatives have told Ars Technica that they’re doing the best they can to provide mandatory updates as quickly as possible. Sprint claims it’s following “industry-standard best practices designed to protect customers.”