Alex had a gnawing, uneasy feeling when he boarded the last BART train from San Francisco International Airport, on the way home from a business trip in 2012. The station was dead empty. The 33-year-old risk-management consultant was alone, shuttling to a quiet East Bay suburb after midnight, dressed like the straight man in a noir movie. Alex wore a suit with slippery pockets. He slipped his iPhone4 into one of them, took a seat on the Pittsburg-Bay Point train, and crossed one leg over the other.
When he got off in Orinda, the phone was gone.
“It definitely just slipped out of my pocket on the BART train,” Alex recalls. “I thought, 'Well, that was the last train, so it probably just went to the end of the line.'”
He went home, filled out a lost item form on BART's website, and sent a text message to his phone, offering a reward for whoever found it. He waited. Alex had one more option — “Find my iPhone,” a new geo-locator app he'd installed at a time when few people knew such safeguards existed. The app would signal Apple as soon as anyone plugged the pilfered phone into a wall socket to juice the battery.
And so, after a couple days of science, Alex received an email from Apple, indicating that his iPhone's location had been recorded.
Alex was emboldened. “I wanted my phone back,” he says. “You know how much those things cost, without a contract?” In 2012, an iPhone 4 would have cost $549 without a contract; the most current model, an iPhone 5S, would cost $849 today.
But Alex was fairly certain he could turn up the lost device. By logging into his Apple iCloud account, he was able to access the geo-tracking feature and determine that the phone was languishing somewhere in Clayton, a small bedroom community at the foot of Mount Diablo. “My immediate reaction was, 'Okay, this is either wrong, or some asshole stole my phone and took it home.”
He sent a few more texts. The phone stayed offline for a couple days, then showed up again on his iCloud account, beaming signals from the same spot, in Clayton. Alex was infuriated. He could tell someone had read the messages, ignored them, and charged the phone anyway.
He got on Google Maps and scoped out the area: upscale colonial houses, manicured lawns, BMWs parked in driveways. He traced the phone to an address, then tied that address to a couple kids who attended a nearby school. Then, through a little more sleuthing, he found the name of the homeowner. “By the time I was done,” Alex says, “I knew the names of his kids and how much his mortgage payment was. I just needed a home number.”
That, and a little assistance from the companies who'd sold him the phone and yoked it to an ironclad service contract. But none was forthcoming.
Alex called AT&T, said he'd figured out who'd stolen his phone, and asked if the company could help get it back — perhaps by flagging the phone if the thief tried to register it in a new name. No dice. AT&T gave him two options: Either deactivate the phone and buy a new one, or find a cop willing to subpoena AT&T for information, file a lengthy police report, and go through a long bureaucratic process.
It was, Alex says, “the most B.S. story I've ever heard.”
He called Apple and was invited to try the same “find my phone” app he'd already been using.
Alex realized that if he wanted the phone back, he'd have to get it himself. He got in his car and headed to Clayton.
It turns out the dismissive responses that Alex received in his quest to find the stolen iPhone were typical of telecom companies and service carriers. Apple and AT&T have little reason to help someone recover a device — even if it's within reach. Smartphone theft is a lucrative business, and not just for the small-time crooks who lift gadgets off of BART seats. The manufacturer profits by hawking a replacement phone; the carrier profits double, by locking the crime victim into a new contract, then opening an account with whomever ends up with the stolen phone. Telecom companies even profit from the specter of phone theft, by selling expensive insurance policies to protect their users.
“We've tried to blow the whistle on this for years,” Capt. Jason Cherniss of the San Francisco Police Department says. “And these companies have had the ability to prevent it for years.” In the meantime, he adds, people have been violently robbed — even killed — and millions of dollars have changed hands on the black market.
Alex would quickly find out that the entire smartphone industry functions as a protection racket. And culpability doesn't just lie with the unhelpful customer service representatives.
When Alex arrived in Clayton, he canvassed the neighborhood until he spotted the house where his iPhone was now living. He knocked on the door. A woman answered, regarding Alex with a look of polite concern. He told her that he'd lost his phone on BART, and Apple had traced it to his address.
“Oh, you should talk to my husband,” the woman said. “He works for BART.”
She summoned a man whose face resembled photographs Alex had uncovered doing property searches. He was Victor du Long: suburban homeowner, family man, BART cop. Du Long gingerly addressed Alex, clutching the purloined phone in one hand. Even then, the officer seemed like an improbable culprit.
Smartphone theft is the consummate crime of opportunity, particularly in a society saturated by modern gadgetry. Glance up the next time you're riding a BART train or sitting in the back of a Muni bus: Dozens of screens aglow as scores of thumbs peck at tiny keyboards. We obsessively check email and plink tech messages to friends; we walk down busy retail corridors with phones clasped to our ears or dangling from our palms. If you're a thief looking to make a quick payday, this city's downtown streets are your oyster.
And technology hasn't just altered human behavior; it's also changed the nature of crime. It's created a world in which we handle commerce electronically, obviating the need to keep wads of cash in our pockets. Because people use cellphones to tell time, they no longer wear watches. Wallets, which now only serve to hold credit cards and IDs, have become essentially worthless to anyone except the owner; the average person's most valuable effect is his smartphone.
So, the same items that tempt thieves also make us oblivious to them watching us. And it exposes us to other forms of crime, as well: In October, smartphone-absorbed Muni commuters failed to notice a gunman until after he'd shot 20-year-old Justin Valdez. The incident drew media scorn — and a whole litany of think-pieces bemoaning the shallowness of society. If there was a lesson to be learned, though, it was that anyone on that train could have been easy prey.
“You walk down Market Street, and so many people are just checked out, on the phone,” Capt. Cherniss says. For a thief looking to make a quick hit, it's the perfect storm of inattention and enticement.
Thus, smartphone theft has ballooned in tech-drenched San Francisco, where, according to District Attorney George Gascón, it now accounts for at least 50 percent of all robberies (and 75 percent of robberies in Oakland). It's become so prevalent as to garner its own nickname among cops — “Apple picking” — because handheld devices are low-hanging fruit.
And it's left police officers powerless to help.
“[Once] you take six reports on this, it becomes routine,” one cop says. Yet, he acknowledges, filing reports is usually an officer's only recourse. Phone thefts are hard to investigate because they happen so quickly, and because they kill the victim's line of communication — to police, or anyone else. And most departments lack the resources to solve these crimes. SFPD has all but eviscerated its plain-clothed forces and its narcotics division over the last four years, leaving a backlog of unresolved cases. It's only fitting that criminals would get the perception SFPD had let its guard down — much like the oblivious gadget-users on Market Street.
Add to that a 2011 state law that increased the threshold for grand theft from $400 to $950 — which meant that smartphone robberies could be reclassified as misdemeanors. That allowed SFPD to tout its massive reduction in felony arrests, which plummeted from 20,954 in 2002 to 8,911 nine years later when the law was passed — even while Apple-picking was on the rise.
Ironically, state Sen. Mark Leno, who is currently pushing a bill to force smartphone companies to install better theft-prevention technology, also voted for the 2011 threshold law. The impetus was to unclog California's prison system and adjust for inflation, Leno says, adding that “smartphone theft was not in our consciousness at the time.”
Thus, the scourge continued, the thieves went mostly unpunished, and lawmakers continued to shunt the burden. Until they couldn't.
In the fall of 2012, Gascón was rattled.
Felony arrests were down, petty crime was up. Smartphones were being snatched out of hands or plucked from pockets in downtown San Francisco, and city officials had yet to find a solution. Gascón had turned the issue into a cause célèbre, reciting crime statistics, hatching plans with other lawmakers, and entreating the telecom companies for help.
But no one in the industry was listening.
Gascón began his crusade after latching onto a simple but promising idea: kill-switches. The easiest way to stamp out street robberies was to take away the payoff, the DA thought. And companies could do that by installing preventative technology — the so-called “kill-switch” — to disable a stolen device, and keep it from being reactivated. That way, a thief would have no incentive to rip it off in the first place.
It seemed like a worthy cause, and only a niggling hardship for smartphone titans like Apple and Samsung. And they already had the capability, Gascón and his colleagues thought. Britain had been flagging stolen phones on a national database for years; U.S. companies, with their superior engineering and surfeit of resources, could certainly do much better.
Apple confirmed as much in 2010, when it unveiled a feature called “Alert & Respond,” which uses real-time geo-tracking to locate stolen devices. The iPhone used to showcase the product was allegedly stolen, in SOMA, by a hapless robber named Horatio Toure. He was apprehended within 10 minutes. The story of “the world's unluckiest thief” stealing “the world's most trackable iPhone” quickly became international news.
Clearly, industry leaders had solutions in hand. So Gascón was surprised when they put up resistance.
He began making overtures in late 2012 by calling a meeting with representatives of all the major service carriers — AT&T, Verizon, Sprint, and their industry trade group, the Cellular Telecommunications Industry Association (CTIA) — and asking them to advocate for kill-switches. They quickly shut him down, claiming the technology didn't exist. And if it did exist, they said, the onus would be on manufacturers, not carriers, to provide it.
Undaunted, Gascón turned to Apple, only to be brushed off by Michael Foulkes, the company's government liaison. When the two met in April of last year, Foulkes said that the next two generations of iPhone had already been developed, sans kill-switches, under Steve Jobs. Feeling jilted, Gascón chastened Apple for neglecting its social responsibility. He grumbled to a San Francisco Examiner reporter who documented the DA's complaints — and accidentally leaked the news about the next two iPhones models. Bloggers rejoiced. The resulting news story turned into a massive product announcement.
“Obviously, that was not a satisfying response,” Gascón says, recalling how he subsequently wrote a second letter to Apple CEO Tim Cook and got a slightly more encouraging response from another attorney, who said the company was willing to work with law enforcement — but offered no immediate commitment. Then, in September 2013, Apple rolled out an anti-theft feature that somewhat resembled the one Gascón had proposed, except that it was optional rather than baked-in. Not to be outdone, Samsung approached the DA's office and promised to install similar protections in its Galaxy S5 phone, which would come out later that year.
Evidently, the companies had been hoarding kill-switch technology after all. For a moment, Gascón was heartened. Then, in the fall of 2013, his staff obtained an email between a Samsung executive and the kill-switch software developer. Under pressure from the major telecom carriers and their interest group, Samsung was trying to abort the deal.
Gascón was flummoxed. “So we started to look into it a little more,” he says. “And as we became more educated, we started to see some pretty disturbing stuff.”
What really disturbed him, he says, was the amount of money on the line. Smartphones represent a $69-billion-a-year industry in the U.S., the DA notes. About half of that — some $30 billion a year — comes from replacing lost or stolen devices, according to a 2012 report by the mobile security firm Lookout. Carriers harvest an additional $7.8 billion annually by selling insurance to consumers, to protect them from crime that the carriers themselves could have prevented.
Reflecting on those statistics, Gascón is convinced that telecom companies don't just benefit from theft; they build it into their business model. And San Francisco — the city that harbors this ascendant tech economy — is bearing the brunt of it. In the early months of 2014, Gascón says, iPhone theft accounted for 67 percent of all robberies. It shows no sign of abating.
It takes three people to commit the perfect smartphone robbery. Two of them identify a distracted, vulnerable person — usually a woman, police say — with a phone in tow. The third one carries a gun. He's the “safety” or “trigger man,” whose role is to intervene only if the victim puts up a fight. In most robbery stakeouts, the trigger man stands by and watches while the other two ambush their victim and run. That lowers the risk, and raises the payoff: If the thieves are caught, they'll be charged with petty theft rather than armed robbery.
Local cops who handle these crimes say they usually take place over the course of a few seconds. The perpetrators are looking for a quick getaway; in some cases, a guy will just ask to borrow the victim's phone and then run off.
But sometimes, they get ugly. Many of the assaults and homicides that happen in San Francisco begin with a smartphone theft gone wrong, Gascón says. Oftentimes the perpetrators are young and clueless, seduced by the idea of a quick payoff. “It's very enticing,” the District Attorney continues: The allure of modern gadgetry induces young people to commit robberies they otherwise wouldn't consider. “Young people are building up criminal histories,” he says.
And those are the few who get caught. In most cases, the thieves run off, the victim is left with no means of communication, and the smartphone slips into a shadowy commerce system from which it may never be recovered.
San Francisco's black market for electronics is so prodigious — and efficient — that a thief can unload a stolen phone within minutes. Most of them go straight to Seventh and Market streets, where, according to the SFPD's Cherniss and other cops, many of the guys standing on the corner act as neighborhood fences. Some of these middlemen might buy a stolen phone and attempt to “unlock” it (meaning untether the phone from its carrier), or perform a factory reset (meaning wipe away the data), in the hope of selling it to an unwitting local. Peddlers on Mission Street offer to unlock phones for as little as $10, according to one merchant at the Alemany Flea Market (he also sells phones, but only used Blackberries and battered clamshells). A man who runs a used electronics kiosk in the back of a Mission Street piñata store will unlock a phone for $80 — cash only. Once it's scrubbed clean, a phone can be sold on Craigslist for roughly half the retail value: $430 for an iPhone 5; $340 for a Samsung Galaxy S4; $280 for an IPhone 4S.
Selling a stolen phone within the U.S. is a dicey proposition, because there's always a chance the robbery victim called her carrier and had the phone deactivated. That doesn't stop thieves from trying: Many circumvent the carriers' anti-theft features by hacking into the phone to change its serial number; others bamboozle their customers by selling phones that are inoperable. Still, it's become more common — and profitable — to ship stolen phones overseas, where they can easily be resold and assigned a new service contract.
The phones fenced at Seventh and Market will often wind up in the hands of an underground broker or wholesaler, who will export them in bulk. They're sewn into suitcases or jacket linings, secreted onto planes, and taken to other countries, where the cost of legally imported gadgetry is higher — partly because of tariffs, but mostly because U.S. tech companies don't subsidize foreign telecom carriers. IPhones, for example, are prohibitively expensive in parts of Asia and the Middle East, according to data collected by the international price index Mobile Unlocked. An iPhone 5S that costs $707 in the US will run $1,090 in Jordan and $1,196 in Brazil if it's sold through official channels. In China — which, ironically, harbors most of the factories where Apple products are manufactured — the same iPhone goes for $868, if it's sold legally.
Exorbitant retail prices have raised demand for black market merchandise, since stolen inventory is cheaper and easy to conceal. Once a pilfered phone is repackaged, no one can trace its provenance. It can be placed in a display window alongside any newly-manufactured Apple product. It's become the conventional wisdom that any phone sold at a brick-and-mortar store overseas might have been stolen from a U.S. citizen.
While the global black market for smartphones is vast and byzantine, law enforcement has reason to believe that part of it originates in San Francisco — a dense city with tons of pedestrians, battalions of tech workers, and a few sophisticated crime networks.
In November 2012, San Francisco police busted brothers Henry and Victor Gamboa for allegedly running a fence out of their apartment in the Tenderloin with more than $500,000 in stolen property, including 100 cellphones. Investigators suspect the Gamboas were part of a much larger ring, and that the goods — which were procured from auto burglaries throughout San Francisco and Oakland — were being shipped overseas. In December of that year, police busted another electronics fencing operation in the Excelsior, allegedly run by Hung Huynh and Heriberto Cardenas. Police say Cardenas was routing items to Mexico.
The market for stolen cellphones has swelled so much in Colombia — a country traditionally known for drug-trafficking — that many cartels are now smuggling Apple devices and Galaxy 5s instead of narcotics, because there's less risk in the gadget trade. A recent Huffington Post investigation showed Colombian police struggling to keep tabs on this new contraband network, even as they crack down on international drug sales. So far, the Colombian government has tackled the problem with grisly public service announcements, which show blood seeping out of stolen iPhones.
“Comprar un cellular robado es cargar con un muerto,” the ads warn: Buy a stolen cell phone; carry a corpse.
In February of this year, DA Gascón and state Sen. Mark Leno unveiled a legislative salvo for San Francisco's smartphone theft epidemic. Senate Bill 962 would require every smartphone and tablet sold in California to come equipped with a kill-switch, beginning in 2015. That, the authors believe, would be enough to deter most criminals.
No state has ever passed such a law, so Leno and Gascón have to cite different historical antecedents to substantiate their claims. The closest analogue might be car theft laws passed in the 1980s and '90s, which tightened penalties for carjacking and burglary, but also required manufacturers to install antitheft devices, or inscribe vehicle identification numbers on their auto parts. The laws were successful: Studies by the National Highway Traffic Safety Administration showed substantial theft reduction in car lines with preventative equipment or marked parts.
Leno and Gascón hope to see similar results in the smartphone industry, as do their legislative counterparts in New York, Minnesota, and Illinois, who all have similar proposals in the works. And so far, California's kill-switch bill seems to have a tide of support behind it. On April 1, it cleared the Senate Energy, Utilities, and Communications Committee by a 6-2 vote, prompting a spate of jubilant press releases from Leno's top brass.
“Our proposal eliminates the financial motive behind this crime, which will help curb thefts and protect the safety of smartphone users,” the senator trumpeted in a canned statement. “This is a crime of convenience. End the convenience. End the crime.”
For a state in which smartphone capers have surpassed all other forms of robbery, the idea didn't seem profoundly controversial — until industry representatives stepped in. It turns out Leno and Gascón face opposition from cellphone carriers and tech companies — even the ones that previously paid lip service to the idea of theft prevention.
Representatives of the CTIA declined to comment for this story. Instead, the association emailed a prepared statement from its senior vice president and general counsel Michael Altschul, who derides kill-switch features as a “trap door” for hackers and cyber-criminals. Some privacy stalwarts have floated the same theory, arguing that if a citizen can turn off his device remotely, the government can too. As one InformationWeek blogger noted, that could “hasten the arrival of the Surveillance of Everything.”
Apple's government affairs manager, Jason Lundgaard, was less apoplectic in his own “letter of concern” to Leno. Nonetheless, he argued that the Senate bill's language “limits consumer choice, and is inconsistent with global best privacy practices.” Users should give consent before any remote geo-tracking application — such as the “Find My iPhone” feature — is installed on their devices, Lundgaard maintained. Because the bill averts the consent process, it “undermines such a crucial consumer privacy tenet.”
“Unless these fundamental issues are addressed,” Lundgaard continued, “we [Apple] must regretfully oppose SB 962.”
As an alternative, the CTIA proposed a “Smartphone Anti-Theft Voluntary Commitment,” basically a pledge for manufacturers and carriers to sign, promising that by July 2015, they'll offer a downloadable anti-theft tool that functions similarly to a kill-switch — except that it's voluntary, rather than standardized. Thus far, Apple, Google, AT&T, Samsung, Sprint, Verizon, and several others have signed on.
Leno and Gascón are not pleased. Leno calls the solution “incremental yet inadequate,” and says it completely misses the goal of combating smartphone robbery. Consumers can't be expected to download the safeguard on their own, especially if it requires all the rigmarole of installing a new operating system, or creating an account, in order to activate the kill-switch. People who aren't tech-savvy won't bother to do that, Gascón's legislative affairs and policy manager Maxwell Szabo contends. Thieves will safely assume that the majority of smartphones still lack kill-switch technology, he says; there won't be “the nexus of individuals” to create an effective deterrent.
And if optional switches don't deter robbery, they also won't reduce a stolen phone's value on the black market, Leno notes. They won't stifle the fencing operations on Seventh and Market, or the bigger rings that ship suitcases and fruit containers full of phones overseas. In fact, Szabo argues, they're little better than the carriers' current solution, which is to wait for a call from the robbery victim, deactivate her account, and then log the stolen phone's ID number into a giant database. Stolen-phone databases haven't stamped out Craigslist sales of secondhand phones in the U.S., and the U.K.'s similarly designed “stolen phone” blacklist hasn't inhibited crime, despite its honorable intentions.
The only solution, Leno and Gascón argue, is to have kill-switches hardwired so that no network can reactivate a stolen device — no matter where it goes, it's useless. “Until then, my elected colleagues and I should put our trust in the police officers who fight this crime every day over the industry that continually resists a comprehensive solution to it,” Leno retorted, chastening the CTIA in his own public statement.
He finds the industry's resistance baffling.
Alex felt a surge of adrenaline as he and Victor du Long stared each other down, in a doorway in Clayton.
“I said to myself — 'Oh, you fucker, I've got you,'” Alex remembers, three years later. He thought he'd uncovered a rogue BART employee; he wouldn't know, until filing a complaint and recounting the incident to BART's customer service department, that Du Long was, in fact, a cop.
And, not surprisingly, du Long was reluctant to admit guilt. “Well, how do I know it's your phone?” he mumbled.
“Because I'm standing on your doorstep,” Alex snapped. “It's locked — I have the password. Give it to me.”
When du Long finally handed the phone over, Alex grabbed it and typed the password in. The phone lit up obligingly. “Okay, thank you!” Alex cried, running down the steps and back to his car.
Weeks later, he found himself in BART's Internal Affairs office in Oakland, trying to explain the Find My iPhone app to a group of investigators.
“They videotaped me turning my phone off, sending a text, and then receiving the location of the text,” Alex recalls, noting that the BART cops were fascinated; “Find My iPhone” hadn't received that much buzz outside Apple fan-club circles, and most non-techies still didn't know it existed. Alex gave the cops permission to subpoena his phone records from Apple. Then he went home and heard nothing for several months.
In April 2012, BART Police Internal Affairs sent Alex a letter announcing that the investigation had been completed, and that du Long had been charged with “conduct unbecoming an officer,” unauthorized property removal, and untruthfulness. The department couldn't disclose further details, owing to the Peace Officer Bill of Rights Act, but BART Lt. Lance Haight assured Alex that it had been “addressed appropriately.”
Alex is an outlier. The vast majority of smartphone theft victims never find their stolen property.
And the robberies continue. An April consumer report showed that smartphone theft skyrocketed nationally, from 1.6 million cases in 2012 to 3.1 million in 2013 — a 94 percent uptick, which left Gascón and Leno feeling vindicated. In San Francisco, the epidemic keeps growing: Ten smartphones were swiped from patrons at Balancoire, a Mission district nightclub, on a recent Saturday. The thieves were caught on surveillance camera but never apprehended. By Tuesday, at least one of the robbery victims had bought a new phone and moved on.