Last week, a rather interesting complaint was filed before the Federal Trade Commission. In a 16-page complaint, the American Civil Liberties Union described the lack of updates for many Android devices as “unfair and deceptive business practices”. The complaint went on to ask the respondents (the top four wireless carriers in the United States) to let customers with unpatched (and vulnerable) devices out of their contracts early.
We will note that recently the FTC settled with HTC just two months ago over the Carrier IQ controversy. Unpatched vulnerabilities were a key part of the settlement; HTC agreed to patch the vulnerabilities within 30 days. While the action of ordering the patches fixed was laudable, it wasn’t exactly timely: Carrier IQ came into the limelight in late 2011.
What the lawsuit does do is highlight the Android update problem beyond just tech industry circles and into the hands of regulators. Two years ago, at Google I/O, the Android Update Alliance was unveiled. Google promised to work with both carriers and device manufacturers to keep devices updated for 18 months after they were released. Unfortunately, almost nothing has not been heard from the alliance since then.
Let’s consider Google’s own statistics. The most common version of Android in use is… Android 2.3 (Gingerbread), which was last updated in September 2011. The percentage of users on the latest version, Android 4.2 (Jelly Bean), is… 2%. It is rumored that the next version of Android, codenamed Key Lime Pie, will be released as soon as this May. It’s quite possible that 4.2 will not even hit double digit percentages by the time its successor is released.