Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

U.S. House questions Apple over FaceTime flaw

Last updated

Two members of the U.S. House of Representatives called on Apple CEO Tim Cook to answer questions about the company's FaceTime fiasco on Tuesday, saying they were "deeply troubled" by press reports detailing how long it took the company to address what is characterized as a privacy violation.

In a letter addressed to Cook, House Energy and Commerce Chairman Frank Pallone (D-NJ) and Representative Jan Schakowsky (D-IL) inquire about the origins of Apple's Group FaceTime bug and its impact on customer privacy. Pallone and Schakowsky also ask if there are other flaws in the videotelephony product that have not been disclosed to the public.

Citing smartphone usage statistics, with a heavy emphasis on distribution among children, the letter suggests Apple has not been transparent on what Pallone and Schakowsky deem a serious privacy issue. Apple has not been open about its investigation into the FaceTime vulnerability, nor has the company detailed steps being taken to protect consumers, the letter reads.

Last week, reports of a massive FaceTime flaw surfaced on Twitter. Impacting current versions of iOS up to the latest iOS 12.1, the bug enables a FaceTime caller to eavesdrop on another user before they pick up the call. In some cases, brief access to a receiving party's camera is also granted.

Apple disabled Group FaceTime in a server-side shutdown mere hours after the flaw was made public. A fix was promised to arrive last week, but was later delayed for inclusion in a software update this week.

While mainstream media outlets caught wind of the vulnerability last week, Apple was reportedly notified of the issue more than two weeks ago.

Grant Thompson, a 14-year-old from Tucson, Ariz., independently discovered the flaw during a "Fortnite" gaming session in late January. Thompson's mother Michele attempted to inform Apple about the bug over the ensuing week, going so far as to file bug reports with the company. Whether Thompson's reports were lodged through official channels is unknown.

Pallone and Schakowsky in their letter ask Apple to detail the timeline of events leading up to the discovery of the FaceTime flaw, what actions were taken to address the issue, what procedures were in place to safeguard against such vulnerabilities and how they failed, what safeguards are now in place as a result of the discovery and why it took Apple so long to respond to Thompson's bug report. The letter also requests information regarding steps taken to determine whether customer privacy was violated and, if so, whether the company intends to compensate users.

Apple is currently facing a lawsuit from Texas lawyer who claims an interloper leveraged the Group FaceTime bug to eavesdrop on a deposition, while a Montreal law firm filed a class action suit against Apple last week.

The letter from House Democrats arrives days after the announcement of a New York state probe into the matter.

Apple is asked to respond to Pallone and Schakowsky's questions in writing by Feb. 19.



28 Comments

MplsP 8 Years · 4047 comments

Honestly, I get that it’s a serious bug, but that’s all it is. How is it different from any of the other security flaws in PC’s/Macs/Androids/iphones/etc that are discovered on a regular basis? Except for the fact that Apple closed the hole by shutting down the server almost as soon as it was discovered. 

AppleZulu 8 Years · 2205 comments

It took a week after the kid's mom notified Apple about the thing for Apple to respond to the issue publicly.

It took a week after Apple responded publicly to the thing for Congress to respond by writing Apple a letter asking why it took them a week to respond.

I'm just saying.

normang 17 Years · 118 comments

Just a pile of stupid politicians posturing again for something they are totally clueless about.   If the people who literally "tripped" over this bug, would have just been patient, everyone these days thinks that things happen instantly and they don't, Apple would have fixed it and it would not have been a big thing, and it really wasn't you had to intentionally add yourself to a multiple person FaceTime conversation, of which you were already in to do this, who does that?? ever....

metrix 15 Years · 256 comments

Uhhhh, many people died from faulty GM ignitions and it took them like a decade to fix it and let's not even talk about the deaths and injuries associated with faulty air bags that are still in millions of cars in the US. A corporation this large cannot! move like some 1000 employee company where everyone drops everything. There are systems in place to ensure that something even worse doesn't occur in haste. Think of it like a false alarm in Hawaii where someone is pressing the launch button because we want to act quickly. Noooooooooooooo!

HeliBum 8 Years · 129 comments

AppleZulu said:
It took a week after the kid's mom notified Apple about the thing for Apple to respond to the issue publicly.
It took a week after Apple responded publicly to the thing for Congress to respond by writing Apple a letter asking why it took them a week to respond.

I'm just saying.

I would expect Apple to confirm the bug and find the cause  before acting on it, which may take a little time.