Congress members say they’re “deeply troubled” by reports about the vulnerability.
Congressional lawmakers sent a letter Tuesday to Apple CEO Tim Cook asking for more information about a FaceTime bug that allowed users to eavesdrop on each other.
The letter — penned by Rep. Frank Pallone Jr. (D-N.J.), chairman of the House Energy and Commerce Committee, and Rep. Jan Schakowsky (D-Ill.), chairwoman of the Consumer Protection and Commerce Subcommittee — said they’re “deeply troubled” by reports that the vulnerability could inadvertently or intentionally.
“We are writing to better understand when Apple first learned of this security flaw, the extent to which the flaw has compromised consumers’ privacy, and whether there are other undisclosed bugs that currently exist and have not been addressed,” the letter said (PDF).
The bug, revealed in late January, is a black eye for a company that prides itself on its efforts to protect its users’ information. Cook has advocated for more privacy regulation and taken subtle shots at companies that use people’s data to create personalized ads.
The vulnerability allowed FaceTime users to call another device and hear audio on the other end before the recipient answered the call and without the other user’s knowledge. Apple said Friday it’don its servers and that it would issue a software update to re-enable Group FaceTime sometime this week.
“As a first step, we believe it is important for Apple to be transparent about its investigation into the Group FaceTime vulnerability and the steps it is taking to protect consumers’ privacy,” Pallone and Schakowsky wrote. “To date, we do not believe Apple has been as transparent as this serious issue requires.”
The letter requests specific information about when the company first learned of the vulnerability and a timeline for Apple’s response, including why it took so long to address the bug once it was identified. They also have questions about testing procedures and what the company is doing for those consumers who may have been affected by the bug.
Apple didn’t immediately respond to a request for comment.