New York is poised to leverage its offices against Apple, which allegedly dragged its feet in letting the public know about a worrying vulnerability in its popular FaceTime app.
New York Gov. Andrew Cuomo and recently-appointed Attorney General Letitia James are investigating Apple Inc’s lackluster response to an intrusive FaceTime bug.
The bug, reports Reuters, allows iPhone users to discreetly spy on other FaceTime-enabled devices. By placing a call through the Apple service, callers can hear audio from the recipient’s side even if the call wasn’t accepted.
“We need a full accounting of the facts to confirm businesses are abiding by New York consumer protection laws and to help make sure this type of privacy breach does not happen again,” Cuomo said in a statement.
The statement says that Cuomo and James will probe Apple’s slow response. It cites media reports which indicated that company was aware of the bug for at least a week prior to its disabling of FaceTime functions.
The attorney general’s office is accepting public complaints on a hotline at 1-800-697-1220.
“New Yorkers shouldn’t have to choose between their private communications and their privacy rights,” James said. “The FaceTime breach is a serious threat to the security and privacy of millions of New Yorkers who have put their trust in Apple and its products over the years.”
Apple hasn’t responded to media requests for comments on the investigation or its potential consequences.
According to Cnet.com, the bug became public knowledge on Monday. First reported by 9To5Mac, an Arizona mother claims she’d been trying to warn Apple for days before the vulnerability was acknowledged: Michele Thompson, an Arizona attorney, claims her 14-year old son accidentally uncovered the glitch while trying to play Fortnite with his friends.
Trying to connect to Apple, Thompson allegedly sent the company’s security team e-mails, follow-up phone calls, social media messages and even a fax.
The glitch is reportedly related to Group FaceTime, a feature that’s been available since late October. Attached to iOS 12.1, the function lets up to 32 people join a single video call.
Cuomo, who called the bug’s scope “egregious,” said the state will take measures to ensure similar breaches don’t happen again.
“We need a full accounting of the facts to confirm businesses are abiding by New York consumer protection laws and to help make sure this type of privacy breach does not happen again,” Cuomo said.
The governor, writes Cnet.com, warned consumers about the vulnerability when it was first reported on Monday.
Not surprisingly, Apple’s already facing lawsuits over its apparent inaction after learning of the security shortcoming. Attorney Larry Williams II lodged a complaint in Harris County, Texas on Monday, blasting the company for failing to “exercise reasonable care.”
Williams claims Apple “knew, or should have known, that its Product would cause unsolicited privacy breaches and eavesdropping.” According to his lawsuit, the FaceTime bug suggests a lack of quality control and extensive testing before release.
Williams’ suit isn’t the only action against Apple and is likely among the first of many; along with New York’s investigation, the company’s being sued by consumers in Canada, too.