Networks must update Android phones, says US group

Mobile operators under fire over lack of security updates

Stewart Mitchell
17 Apr 2013

A US consumer group has called on officials to launch an investigation into the way operators deal with Android phone updates, claiming a lax attitude leaves users at risk.

The call for the Federal Trade Commission to investigate four carriers comes at a time when Android phone is increasingly under the spotlight.

According to the American Civil Liberties Union, although Google releases regular updates for its Android platform, US networks such as T-Mobile, Sprint, Verizon and AT&T leave users vulnerable to data attacks because they fail to update handsets sold to end users. It's a similar situation here in the UK, with operators often failing to deliver OS updates for old handsets.

Google's own figures show 45% of handsets in use still run Android 2.3, which was released back in 2011.

"A significant number of consumers are using smartphones running a version of the Android operating system with known, exploitable security vulnerabilities for which fixes have been published by Google, but have not been distributed to consumers’ smartphones by the wireless carriers and their handset manufacturer partners," the American Civil Liberties Union stated in its complaint.

"Android smartphones that do not receive regular, prompt security updates are defective and unreasonably dangerous."

Calling sales of devices with old versions of Android "deceptive", the group claimed carriers and manufacturers that modify Android should bear responsibility for updating the code and addressing security flaws, in the same way Microsoft does with its regular updates.

Read more about: