(a) For purposes of this section, the following terms have the following meanings:
(1) (A) “Smartphone” means a cellular radio telephone or other mobile voice communications handset device that includes all of the following features:
(i) Utilizes a mobile operating system.
(ii) Possesses the capability to utilize mobile software applications, access and browse the Internet, utilize text messaging, utilize digital voice service, and send and receive email.
(iii) Has wireless network connectivity.
(iv) Is capable of operating on a long-term evolution network or successor wireless data network communication standards.
(B) A “smartphone” does not include a radio cellular telephone commonly referred to as a “feature” or “messaging” telephone, a laptop, a tablet device, or a device that only has electronic reading capability.
(2) “Essential features” of a smartphone are the ability to use the smartphone for voice communications, text messaging, and the ability to browse the Internet, including the ability to access and use mobile software applications. “Essential features” do not include any functionality needed for the operation of the technological solution, nor does it include the ability of the smartphone to access emergency services by a voice call or text to the numerals “911,” the ability of a smartphone to receive wireless emergency alerts and warnings, or the ability to call an emergency number predesignated by the owner.
(3) “Hard reset” means the restoration of a smartphone to the state it was in when it left the factory through processes commonly termed a factory reset or master reset.
(4) “Sold in California,” or any variation thereof, means that the smartphone is sold at retail from a location within the state, or the smartphone is sold and shipped to an end-use consumer at an address within the state. “Sold in California” does not include a smartphone that is resold in the state on the secondhand market or that is consigned and held as collateral on a loan.
(b) (1) Except as provided in paragraph (3), any smartphone that is manufactured on or after July 1, 2015, and sold in California after that date, shall include a technological solution at the time of sale, to be provided by the manufacturer or operating system provider, that, once initiated and successfully communicated to the smartphone, can render the essential features of the smartphone inoperable to an unauthorized user when the smartphone is not in the possession of an authorized user. The smartphone shall, during the initial device setup process, prompt an authorized user to enable the technological solution. The technological solution shall be reversible, so that if an authorized user obtains possession of the smartphone after the essential features of the smartphone have been rendered inoperable, the operation of those essential features can be restored by an authorized user. A technological solution may consist of software, hardware, or a combination of both software and hardware, and when enabled, shall be able to withstand a hard reset or operating system downgrade and shall prevent reactivation of the smartphone on a wireless network except by an authorized user.
(2) An authorized user of a smartphone may affirmatively elect to disable or opt-out of enabling the technological solution at any time. However, the physical acts necessary to disable or opt-out of enabling the technological solution may only be performed by the authorized user or a person specifically selected by the authorized user to disable or opt-out of enabling the technological solution.
(3) Any smartphone model that was first introduced prior to January 1, 2015, that cannot reasonably be reengineered to support the manufacturer’s or operating system provider’s technological solution, including if the hardware or software cannot support a retroactive update, is not subject to the requirements of this section.
(c) The knowing retail sale of a smartphone in California in violation of subdivision (b) may be subject to a civil penalty of not less than five hundred dollars ($500), nor more than two thousand five hundred dollars ($2,500), per smartphone sold in California in violation of this section. A suit to enforce this subdivision may only be brought by the Attorney General, a district attorney, or a city attorney. A failure of the technological solution due to hacking or other third-party circumvention may be considered a violation for purposes of this subdivision, only if, at the time of sale, the seller had received notification from the manufacturer or operating system provider that the vulnerability cannot be remedied by a software patch or other solution. There is no private right of action to enforce this subdivision.
(d) The retail sale in California of a smartphone shall not result in any civil liability to the seller and its employees and agents from that retail sale alone if the liability results from or is caused by failure of a technological solution required pursuant to this section, including any hacking or other third-party circumvention of the technological solution, unless at the time of sale the seller had received notification from the manufacturer or operating system provider that the vulnerability cannot be remedied by a software patch or other solution. Nothing in this subdivision precludes a suit for civil damages on any other basis outside of the retail sale transaction, including, but not limited to, a claim of false advertising.
(e) Any request by a government agency to interrupt communications service utilizing a technological solution required by this section is subject to Section 7908 of the Public Utilities Code.
(f) Nothing in this section prohibits a network operator, device manufacturer, or operating system provider from offering a technological solution or other service in addition to the technological solution required to be provided by the device manufacturer or operating system provider pursuant subdivision (b).
(g) Nothing in this section requires a technological solution that is incompatible with, or renders it impossible to comply with, obligations under state and federal law and regulation related to any of the following:
(1) The provision of emergency services through the 911 system, including text to 911, bounce-back messages, and location accuracy requirements.
(2) Participation in the wireless emergency alert system.
(3) Participation in state and local emergency alert and public safety warning systems.
(h) The Legislature finds and declares that the enactment of a uniform policy to deter thefts of smartphones and to protect the privacy of smartphone users if their smartphones are involuntarily acquired by others is a matter of statewide concern and no city, county, or city and county shall impose requirements on manufacturers, operating system providers, wireless carriers, or retailers relating to technological solutions for smartphones.
(Added by Stats. 2014, Ch. 275, Sec. 2. (SB 962) Effective January 1, 2015.)
Last modified: October 25, 2018