Way back in 1996 I was fortunate enough to win the “Technology Journalist of the Year” award in the U.K. for an investigation into security threats facing the rapidly evolving internet. I have been encouraging people to take security seriously ever since. The perfect technological storm of an omnipresent internet, blisteringly fast mobile broadband speeds and the computer in your pocket that is your smartphone makes this message more relevant than ever. So it may come as some surprise that I am suggesting disabling one of the most important security features that the iPhone provides.
What’s the problem?
A new report by the Colorado Public Interest Research Group (CoPIRG), has revealed that over the course of the last three years some 66,000 iPhones have had to be destroyed by one Colorado based electronics recycling center rather than being reused. All thanks to an iOS security feature. The Wireless Alliance, which received in excess of six million donated phones for recycling between 2015 and 2018, has said that the iPhones in question were “perfectly reusable” but had to be broken up for parts rather than enter the used smartphone market. The reuse before recycle mantra resonates with those who want to empower the less wealthy consumer and reduce the environmental impact of new phone production alike. So what’s the iOS security feature that’s causing the problem? The answer is iPhone’s activation lock that is part of the Find My iPhone functionality.
When an iPhone user turns on Find My iPhone the activation lock is automatically enabled. It works by securely storing the Apple ID on Apple’s activation servers and linking this to the device. In order to turn off Find My iPhone or factory reset the iPhone in order to erase all data, the Apple ID password is required. This is a great security feature as you can easily put a misplaced or stolen iPhone into “Lost Mode” which locks the screen and displays a custom message to help recover it if found. Apple says “While Activation Lock works in the background to make it more difficult for someone to use or sell your missing device, Lost Mode clearly indicates to anyone who finds your device that it still belongs to you and can’t be reactivated without your password.”
What does CoPIRG say?
While acknowledging that an activation lock can deter thieves by making stolen iPhones a much less valuable proposition, it also urges that every phone that can be reused should be reused. One in four of the iPhones that were donated to The Wireless Alliance last year had the lock activated and the proportion is growing year on year. “There is no current system in place where companies like The Wireless Alliance can flag non-stolen activation locked phones to manufacturers” the CoPRIG report says, continuing “if a phone’s activation lock is not lifted by the original owner, the lock is permanent.” In order to tackle this problem of permanence, CoPIRG suggests that there needs to be a better balance between theft deterrence and allowing the activation locks to be disabled by reputable, certified, recyclers. It suggests that a system could be introduced whereby the recycling organization would submit International Mobile Equipment Identity (IMEI) numbers to the manufacturer which would then push a notification to the original owner’s current device requesting verification the device had been donated for recycling.
What should you do?
Let me start by stating what you shouldn’t do, and that is disable the Find My iPhone feature. This is, as I’ve already said, an important part of the security ecosystem embracing your iPhone and helping protect your data privacy. You should also continue to donate your old iPhone to a certified recycling center when you upgrade so it can be reused. Just remember to deactivate Find My iPhone, and so the activation lock, before donating it. I also advise that you securely wipe your iPhone to ensure none of your data remains. This is easily done by going to Settings|General|Reset and then selecting Erase All Content. You will need to enter your passcode after which a warning will ask if you are sure. Press the red Erase iPhone button, enter your Apple ID password to confirm and your iPhone will be returned to the factory default.