American lawmakers have called on Apple CEO Tim Cook to answer a series of questions about the way the company handles security vulnerabilities.
The move comes after it emerged last week that Apple’s Group FaceTime feature enabled users to eavesdrop on other users even if they had not accepted a call request. Apple has since shut down the feature and pledged to issue a software update to fix the glitch.
But questions have been raised about why it was only after the issue was reported by the media that Apple acknowledged the problem. The mother of a 14-year-old who discovered the bug claimed to have sent letters, emails, tweets and messages to Apple to no avail.
In an official letter from the US Committee on Energy and Commerce, two Democrats call on Cook to explain when Apple became aware of the flaw and what steps it took to address it.
“As a first step, we believe it is important for Apple to be transparent about its investigation into the Group FaceTime feature’s vulnerability and the steps it is taking to protect consumers’ privacy,” it states. “To date, we do not believe Apple has been as transparent as this serious issue requires.”
Sign up to Emerging Threats, our weekly cyber security newsletter
In a statement issued last week, Apple apologised for the incident and said: “We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix.
“We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.”