CTIA's Cellphone Theft RFP Anticipates Fully Operational Portal by Summer 2017
CTIA wants responses by March 7 to its request for proposals for the creation and operation of a Mobile Device Information Portal (MDIP), which it hopes will be fully operational in just under 16 months. CTIA released the RFP Monday following recommendations to the FCC Technological Advisory Council from the mobile device theft prevention working group. FCC Chairman Tom Wheeler had said in December he was pleased with the efforts (see 1512090067).
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
“The Mobile Device Information Portal is the latest development in the wireless industry’s commitment to deterring mobile device theft,” CTIA said in a news release. “Using multiple source databases, the Mobile Device Information Portal will provide timely, succinct responses so that consumers and commercial resellers know if a mobile device is reported lost or stolen before they purchase it. In addition, law enforcement will be able to check, and hopefully return, found mobile devices to their authorized users.”
The 38-page RFP said the portal's purpose is “to bring the blacklist status and anti-theft enrollment status of devices to individual consumers and provide enhanced information to law enforcement agencies and commercial companies involved in transacting mobile devices.” CTIA Vice President-Technology and Cybersecurity John Marinho is the point person for the RFP. CTIA will guide the portal described in the RFP.
Interested vendors must let CTIA know by Monday of their intentions to submit proposals and by Feb. 22 any questions or comments, according to a website the association set up about the process. CTIA expects responses to any questions to be offered by Feb. 29. After the March 7 due date for RFP responses, CTIA expects to select one or more potential vendors to present its proposal and scope of work March 18. A vendor will be selected April 1, if one is selected.
“The MDIP will work as follows: a user will access the portal through a website,” CTIA said in its RFP. “The user will input the device identifier into the portal, which will query the source databases. The source databases vary in the data that they store and in the exact structure and syntax in which that data appears on the interface each presents to the MDIP. The MDIP integrates all responses from the source databases and presents them into a result that is easy to understand to the user of the MDIP. One part of the result is device blacklist information from the Device Blacklist Source Database(s). The other part of the device status is the enrollment of anti-theft features on the device.” It says there will be two implementation phases, the first encompassing the prime information source for the portal that comes from the device blacklist source database. “Anti-theft enrollment information will be provided to users only by means of links from each of the three MDIP websites to external websites hosting this information from the providers of the various anti-theft solutions,” the RFP said. Other “anti-theft data” may come in the second phase from “anti-theft solution providers” and be integrated accordingly. “Phase 2 will also include a bulk query feature for Commercial and Law Enforcement users and smartphone apps for Law Enforcement users.”
The document anticipates a “fairly static” website as part of the portal. “For the Consumer-facing website, the website will not require a login or authentication,” the RFP said. “However, the website must perform authentication and enforce account privileges for the Law Enforcement and Commercial user roles.” It said the portal must follow industry best practices in terms of cybersecurity and be ready to handle “a peak query rate of 50 queries/second to support an average of 1 million queries per day once the MDIP is serving its expected long run volume of requests.” CTIA also expects a pricing model for the first five years of operation and hopes vendors supply “sustainable” business models for the portal. “CTIA plans to charge Commercial Subscribers for use of the MDIP to support cost-recovery for the MDIP,” the association told potential vendors. “CTIA is interested in proposals that share the revenue from Commercial Subscribers or optional value-added services in exchange for reduced pricing. If the Vendor plans to offer additional information services in response to this RFP the Vendor must disclose that in the Vendor Business Plan.” Advertising may be accepted, but CTIA would control “the nature and source” of it, the group said.
The RFP also contains what CTIA refers to as a “realization” schedule that explains when potential vendors should expect to complete the work. The first phase in setting up the portal should be operational five months after the April 1 vendor selection, it said, and the second phase 14 months after the selection.