Bargains for Under $25 HP Envy 34 All-in-One PC Review Best Fitbits T-Mobile Data Breach Settlement ExpressVPN Review Best Buy Anniversary Sale Healthy Meal Delivery Orville 'Out Star Treks' Star Trek
Want CNET to notify you of price drops and the latest stories?
No, thank you

Lawmakers have questions for Apple about FaceTime eavesdropping bug

Congress members say they're "deeply troubled" by reports about the vulnerability.

Congressional lawmakers want answers about FaceTime's eavesdropping bug.
César Salza / CNET

Congressional lawmakers sent a letter Tuesday to Apple CEO Tim Cook asking for more information about a FaceTime bug that allowed users to eavesdrop on each other.

The letter -- penned by Rep. Frank Pallone Jr. (D-N.J.), chairman of the House Energy and Commerce Committee, and Rep. Jan Schakowsky (D-Ill.), chairwoman of the Consumer Protection and Commerce Subcommittee -- said they're "deeply troubled" by reports that the vulnerability could inadvertently or intentionally turn any Apple device into a listening device.

"We are writing to better understand when Apple first learned of this security flaw, the extent to which the flaw has compromised consumers' privacy, and whether there are other undisclosed bugs that currently exist and have not been addressed," the letter said (PDF).

The bug, revealed in late January, is a black eye for a company that prides itself on its efforts to protect its users' information. Cook has advocated for more privacy regulation and taken subtle shots at companies that use people's data to create personalized ads.

The vulnerability allowed FaceTime users to call another device and hear audio on the other end before the recipient answered the call and without the other user's knowledge. Apple said Friday it'd fixed the vulnerability on its servers and that it would issue a software update to re-enable Group FaceTime sometime this week.

"As a first step, we believe it is important for Apple to be transparent about its investigation into the Group FaceTime vulnerability and the steps it is taking to protect consumers' privacy," Pallone and Schakowsky wrote. "To date, we do not believe Apple has been as transparent as this serious issue requires."  

The letter requests specific information about when the company first learned of the vulnerability and a timeline for Apple's response, including why it took so long to address the bug once it was identified. They also have questions about testing procedures and what the company is doing for those consumers who may have been affected by the bug.

 Apple didn't immediately respond to a request for comment.

Privacy fight: Apple restores Facebook's permission to run internal apps

The return of the iPhone SE: The phone's available in the box, not as a refurb.