London's police force and Apple will swap device identifiers to track stolen phones the moment they reconnect to a network. The goal is to make a nicked handset worthless, but the arrangement also raises familiar questions about who holds your device data and what they do with it.
London's Metropolitan Police and Apple have agreed to share information about stolen devices, pooling what each side knows to track handsets that come back online after being snatched. The pact, announced on June 11, is the latest move in a years-long fight against a phone theft problem so severe that London has picked up the unofficial label of "phone theft capital of Europe."
The mechanics are straightforward. Victims report stolen devices to the Met, handing over serial numbers and other identifiers. Apple, for its part, can see when one of its devices is reactivated and roughly where it is being used. Stitch those two datasets together and police get a clearer map of where stolen kit resurfaces, and by extension where the criminal networks moving that kit are based.
What happened
Apple and the Met are now exchanging stolen device identifiers as ongoing intelligence rather than as one-off case files. The reasoning, as Metropolitan Police commissioner Sir Mark Rowley put it, is economic: "If stolen phones cannot be reactivated, their value collapses, and so does the incentive to steal them. We are driving up the risk for offenders while cutting off the reward."
This did not appear out of nowhere. In December, Dame Chi Onwurah, who chairs the Science, Innovation and Technology Committee, wrote to Home Secretary Shabana Mahmood asking why firms like Apple had not rolled out cloud-based blocking or IMEI-linked device locks. Rowley followed in March with a blunt ultimatum to the industry: cut the value of stolen devices, or face legislation. The Apple arrangement is the cooperative version of that threat being made good.
Apple already ships Stolen Device Protection, introduced in January 2024, and expanded its default-on protections with the iOS 26.4 update. Samsung and Google are making changes too. Google's Android theft features include mandatory authentication after a factory reset and an AI-driven Theft Detection Lock that senses a snatch-and-run motion and locks the screen on its own. Samsung has deployed comparable motion-based locking and now demands biometric authentication for security changes when a phone finds itself in an unfamiliar location.
The legal and privacy basis
For readers concerned about how their data moves, this is the part that deserves attention. The scheme runs on personal device identifiers and reactivation location data, both of which fall squarely within UK data protection law under the UK GDPR and the Data Protection Act 2018. Sharing that information between a private company and a police force is lawful processing only where there is a clear legal basis, typically the prevention and detection of crime, and where the data shared is limited to what the purpose actually requires.
The distinction worth holding onto is that this arrangement targets stolen devices, not their owners. The identifiers in play belong to handsets reported as nicked, and the location signal is about where a stolen device resurfaces, not about tracking law-abiding users going about their day. That framing matters, because the same plumbing that lets Apple tell police where a stolen iPhone phoned home is, in principle, the plumbing that could reveal where any iPhone is. The protection for ordinary users lies in scope, oversight, and data minimisation, the principle that an organisation should collect and share only what the stated purpose demands and nothing more.
There is no published detail yet on retention periods, on what happens to location data tied to a device that is later recovered or wrongly flagged, or on how a person disputes a mistaken entry. Those are exactly the questions a privacy-minded reader should expect the Information Commissioner's Office to be asking, and they are the questions that determine whether a crime-fighting tool stays a crime-fighting tool.
Impact on users and companies
For the public, the immediate effect is meant to be deterrence. If a stolen phone is worthless because it cannot be reactivated, the market that fences these devices dries up. The Met is leaning hard on that logic, citing a poll showing 83 percent of people back permanent blocking of stolen smartphones. Public appetite for the measure is not in doubt.
The numbers the Met released alongside the announcement are mixed but trending down. In Westminster, where the problem was most concentrated, phone thefts have fallen by 45.8 percent based on data from January to May, close to the halving the force has been touting. Across the wider city the change is gentler: thefts and robberies involving a stolen mobile dropped by 14,000 over the last 12 months, an 18 percent fall, and overall offences so far in 2026 are down 20.6 percent year on year.
Those gains came largely through enforcement rather than technology. Operation Reckoning, a series of intensive 10-day crackdowns, wrapped its fifth instalment on June 10. The latest sprint, which began June 1, produced arrests of what police called "prolific and violent phone thieves," search warrants at shops suspected of handling stolen goods, and pursuit drivers chasing thieves on e-bikes. One April raid on a single shop turned up more than 1,000 suspected stolen phones and led to four arrests of men aged 22 to 63 on suspicion of handling stolen goods and drug supply. A separate operation, Echosteep, dismantled a gang believed responsible for roughly half of London's phone thefts.
For the manufacturers, the pressure is the story. A Google spokesperson told The Register that its features "provide added security for billions of people, including Londoners," pointing to expanded default-on Remote Lock and Theft Detection for UK devices. Samsung said it had "completed several requests from both the Home Office and the Met Police to demonstrate how seriously we take phone theft crime" and framed the issue as "a collective responsibility." Apple had not commented at the time of writing.
What changes
The cooperative phase may not last. Even while announcing the Apple partnership, the Met confirmed it has asked the Home Office to begin drafting legislation that would impose minimum technical standards, the practical effect being that any phone stolen in the UK would be rendered unusable. "These standards are complex, but we must be ready to act if industry fails to deliver," the force said.
That is the real shift here. Anti-theft features have until now been a competitive choice each manufacturer made on its own terms. A statutory minimum standard would turn device hardening into a legal obligation, with the data-sharing arrangements that support it baked into law rather than negotiated case by case. For users, mandated standards could mean stronger default protection without having to dig through settings. For companies, it means designing to a regulatory floor rather than a marketing pitch.
The trade-off sitting underneath all of this is the one privacy advocates have flagged for years. Building systems that can reliably brick a stolen phone, and track where it reappears, means building systems with deep visibility into devices. Done with tight scope and real oversight, that visibility stays pointed at criminals. Done carelessly, it becomes infrastructure for something broader. The Met and Apple have made a credible case that the market for stolen phones can be starved. Whether the data machinery built to do it stays narrowly aimed is the part worth watching as the legislation takes shape.
Comments
Please log in or register to join the discussion