FACUA reports Apple to Data Protection Agency for FaceTime security bug

The glitch was allowing users to hear or even see the person they were calling before they picked up.

FACUA reports Apple to Data Protection Agency for FaceTime security bug

FACUA-Consumers in Action has reported Apple to the Spanish Data Protection Agency (AEPD, according to its initials in Spanish), for a security bug in their video calling app, FaceTime, which was allowing users to hear or even see the person they were calling before they answered the call.

This glitch in the app's latest software update made it possible to hear the sound, or see images captured by the other person's iPhone or iPad when initiating a call through the app's group call option, without them even having picked up the phone.

The same as complaints made against Google and Facebook

FACUA hopes that the AEPD will begin disciplinary proceedings, resulting in a fine fitting for the tremendous gravity of this security flaw introduced by the multinational corporation. A number of scandals related to privacy have emerged of late surrounding US tech giants. Last year, FACUA presented five cases against Facebook and another against Google before the Spanish Data Protection Agency for different security issues jeopardising users' privacy.

This glitch could be enacted by starting a FaceTime call with a contact, then selecting add person and entering your own phone number. FaceTime's system was then tricked into replicating a three-way conference call, and accessed the other person's microphone prior to them accepting the call. This took place with no on-screen change or indication that the call had been answered.

What's more, if the other person rejected the call using the device's on/off button, the user making the call was then also able to see everything the camera was capturing.

Option introduced at the end of 2018

After this serious security error having taken place, Apple has now deactivated FaceTime's group call function, and has promised to resolve the issue by the end of the week. The company launched the app in 2010, and added the group calling function in 2018.

Those who hadn't yet installed the latest software update onto their device were unaffected by the bug. It was also not possible to access the microphone if the other person had the Do Not Disturb feature activated.