FTC To Study Mobile Device Industry’s Security Update Practices

In order to gain a better understanding of security in the mobile ecosystem, the Federal Trade Commission has issued orders to eight mobile device manufacturers requiring them to provide the agency with information about how they issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices.

The eight companies receiving orders from the FTC are: Apple, Inc.; Blackberry Corp.; Google, Inc.; HTC America, Inc.; LG Electronics USA, Inc.; Microsoft Corp.; Motorola Mobility, LLC; and Samsung Electronics America, Inc.

Among the information recipients must provide under the orders are:

  • the factors that they consider in deciding whether to patch a vulnerability on a particular mobile device;
  • detailed data on the specific mobile devices they have offered for sale to consumers since August 2013;
  • the vulnerabilities that have affected those devices; and
  • whether and when the company patched such vulnerabilities.

The orders issued today are part of the FTC’s ongoing efforts to understand the security of consumers mobile devices, including a workshop in 2013 and a follow-on public comment period in 2014.

The Federal Communications Commission is conducting a separate, parallel inquiry into common carriers’ policies regarding mobile device security updates.

The Commission is authorized to issue Orders to File a Special Report by Section 6(b) of the FTC Act.

The Commission vote to issue the orders was 3-0.

SOURCE: FTC

About the author: Dissent

Comments are closed.