**UK Lawmakers Press Apple and Google Over Stolen Smartphone Protections**
UK legislators grilled Apple and Google in a House of Commons hearing over their failure to implement measures that would allow stolen smartphones to be remotely locked, reset, or blocked from accessing cloud services—a request repeatedly made by the Metropolitan Police.
During the session, MPs expressed frustration over what they perceived as resistance from the tech giants, suggesting commercial incentives may be influencing their stance. Apple and Google, however, argued that such measures could introduce new fraud risks, including account takeovers and blackmail attempts.
The Scale of the Problem
The Met Police reported a sharp rise in smartphone thefts, with 80,000 devices stolen in London in 2024—up from 64,000 in 2023. Apple devices account for roughly 80% of stolen phones, with an estimated annual replacement value of £50 million ($67 million). Most stolen devices are funneled through criminal networks and resold abroad, primarily in Algeria, China, and Hong Kong.
Current Limitations
While the GSMA industry association allows stolen phones to be blocked at a network level using their IMEI (International Mobile Equipment Identity) numbers, this only covers about 10% of global networks. The Met Police has proposed an international cloud-level block, where reported stolen devices would be barred from accessing Apple or Google services. Security experts argue this could drastically reduce resale value and theft incentives.
Industry Responses
Apple’s Gary Davis acknowledged the risks of IMEI-based blocking, citing concerns over fraud vectors, including impersonation attacks that could lead to account deletions or blackmail. Google’s Simon Wingrove noted that Android devices can already be locked or wiped via the Find My Device app, but it remains unclear whether this prevents stolen phones from being reused with new accounts.
Potential Solutions
Dion Price, CEO of Trustonic—a company that provides remote locking for supply chain distributors—suggested a government-regulated system using IMEI data already collected for trade and tax purposes. Such a system could enable near-instant global locking of stolen devices, but only if phones are registered at first activation.
The debate highlights the tension between security, user protection, and commercial interests as lawmakers push for stronger anti-theft measures.
Source: https://www.theregister.com/2025/06/04/apple_google_stolen_phones/
Google cybersecurity rating report: https://www.rankiteo.com/company/google
GSMA - Security and Fraud cybersecurity rating report: https://www.rankiteo.com/company/gsma-security-and-fraud
DC Metropolitan Police Department cybersecurity rating report: https://www.rankiteo.com/company/dc-metropolitan-police-department
Apple Inc 2153439011 cybersecurity rating report: https://www.rankiteo.com/company/appleinc
"id": "GOOGSMDC-APP1766375619",
"linkid": "google, gsma-security-and-fraud, dc-metropolitan-police-department, appleinc",
"type": "Cyber Attack",
"date": "6/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Approximately 64,000-80,000 '
'stolen Apple phones in London '
'(2023-2024)',
'industry': 'Consumer Electronics and Software',
'location': 'Global (UK affected)',
'name': 'Apple',
'size': 'Large',
'type': 'Technology Company'},
{'customers_affected': 'Unknown number of stolen '
'Android phones in London',
'industry': 'Consumer Electronics and Software',
'location': 'Global (UK affected)',
'name': 'Google',
'size': 'Large',
'type': 'Technology Company'}],
'data_breach': {'personally_identifiable_information': 'Potential risk if '
'cloud data is '
'accessed',
'sensitivity_of_data': 'Potential access to cloud services '
'(e.g., Google Photos, Drive, Gmail, '
'Apple iCloud)'},
'description': 'UK Members of Parliament expressed concerns that Apple and '
'Google have not implemented measures to remotely lock, reset, '
'and block stolen smartphones from accessing cloud services, '
'as requested by the Metropolitan Police. The tech companies '
'cited potential fraud vectors and commercial incentives as '
'reasons for their reluctance.',
'impact': {'brand_reputation_impact': 'Potential reputational damage to Apple '
'and Google due to perceived inaction',
'financial_loss': '£50 million ($67 million) annual replacement '
'value of stolen phones in London',
'identity_theft_risk': 'Potential risk if data is accessed by '
'criminals',
'operational_impact': 'Traumatic disconnection for users, '
'potential data access by criminals',
'systems_affected': 'Smartphones (primarily Apple iPhones)'},
'investigation_status': 'Ongoing (policy discussion and technical evaluation)',
'lessons_learned': 'Need for collaboration between tech companies, law '
'enforcement, and regulators to address smartphone theft '
'and resale. Potential for IMEI-based blocking systems to '
'reduce theft incentives.',
'motivation': 'Financial gain through resale of stolen devices',
'post_incident_analysis': {'corrective_actions': ['Evaluate feasibility of '
'IMEI-based cloud blocking '
'with fraud prevention '
'measures',
'Explore regulatory or '
'government-led solutions '
'for smartphone '
'registration and locking',
'Improve collaboration '
'between tech companies, '
'law enforcement, and '
'telecom providers'],
'root_causes': ['Lack of standardized IMEI-based '
'blocking system for cloud '
'services',
'Potential commercial incentives '
'for tech companies (e.g., revenue '
'from cloud services and '
'replacement devices)',
'Fraud risks associated with IMEI '
'spoofing or misuse']},
'recommendations': ['Implement an international cloud-level blocking system '
'for stolen smartphones using IMEI numbers.',
'Establish a regulatory or government body to oversee '
'smartphone registration and locking mechanisms.',
'Enhance fraud detection to prevent misuse of IMEI-based '
'blocking systems.',
'Improve coordination between tech companies, law '
'enforcement, and telecom providers to track and block '
'stolen devices.'],
'references': [{'source': 'The Register'},
{'source': 'UK House of Commons Science, Innovation and '
'Technology Committee'}],
'response': {'communication_strategy': 'Public statements by Apple and Google '
'to UK Parliament',
'law_enforcement_notified': 'Metropolitan Police engaged with '
'Apple and Google',
'third_party_assistance': 'Trustonic (provides locking '
'technology for smartphones)'},
'stakeholder_advisories': 'UK Parliament committee urging Apple and Google to '
'implement IMEI-based blocking for stolen devices.',
'threat_actor': 'Criminal gangs',
'title': 'UK Legislators Question Apple and Google Over Lack of Smartphone '
'Theft Protections',
'type': 'Policy and Compliance Issue'}