Monday was #DataPrivacyDay. It did not go well for Apple.
Instead of continuing its long-running push (and perhaps brilliant marketing campaign) as a champion of user protections, Apple found itself the subject of media buzz about a serious glitch in its FaceTime application. The bug allowed users calling with the Group FaceTime feature to tap into audio, and in some instances video, before the recipient accepted or declined the call — literally allowing eavesdropping through the iPhone.
By Monday night, Apple had disabled the Group FaceTime feature and released as statement acknowledging the problem: “We’re aware of this issue and we have identified a fix that will be released in a software update later this week.”
That’s a serious blow to Apple, which had held itself to a higher standard of data privacy and user protections. Indeed, on Jan. 24 Apple CEO Tim Cook penned an op-ed for Time titled, “You Deserve Privacy Online. Here’s How You Could Actually Get It.” He argued, while throwing shade at other tech companies plagued with privacy breaches:
That statement echoes earlier calls to hold companies accountable and, ironically, to be more like Apple. Speaking in Brussels in October, Cook explained:
And just to drive the point home, for Monday’s #DataPrivacyDay, Tim Cook took to Twitter to warn about the dangers of failing to protect digital privacy:
We must keep fighting for the kind of world we want to live in. On this #DataPrivacyDay let us all insist on action and reform for vital privacy protections. The dangers are real and the consequences are too important.
— Tim Cook (@tim_cook) January 28, 2019
To be clear, FaceTime eavesdropping is exactly the sort of glitch that Cook has been warning about violating privacy and user security.
It’s great that Apple wants to be a champion for users and privacy. In a digital landscape where consumers and governments are rightly questioning just how much data companies have, it’s an important fight. But Apple can’t just talk the talk of higher standards and use those words to try to set itself apart from other tech companies facing scrutiny; it actually has to live up to that reputation. You can only dunk on other companies for failing to protect privacy if you don’t compromise privacy yourself.
