Apple’s rush to fix FaceTime Eavesdropping flaw highlights the preference to get the product out over getting right
January 31, 2019 |
The biggest difference between consumer goods and apps is that consumer goods generally go through quality control checks, compliance with standards and review by regulators before being sold to the public while apps are focused getting some new or improved feature for whatever system out as quickly as possible without any external review or control. The rationale seems to be that consumer goods that are defective can harm while apps are cool and even when they don’t work what harm do they do.
Apps are often released with design flaws and commonly require patching and all manner of fixes, The recent rush by Apple to fix its Group FaceTime highlights this approach to product development. The defect permitted a person who hadn’t accepted a call through FaceTime nevertheless being heard. The flaw also permitted third party access to iPhone and iPad microcophones and video camera feed.
The problem was not only that there was a serious bug in FaceTime but that Apple has taken its own sweet time in responding to and then fixing the bug, more than a week by some accounts.
While there is no doubt reputational damage to Apple in providing a deficient product its lackadaisical approach to fixing the problem highlights the lack of legal consequences in fixing what is clearly a significant privacy intrusion. Consumer law responds effectively to a major consumer breach. There are mandatory recall notices and the regulators require the retailer or manufacturer or both to take assertive steps quickly to fix the problem. The Privacy Act does permit the regulator and individuals to take injunctive action but that has not happened. The Australian Information Commissioner’s Office is perpetually timid. In the United States pro active steps requiring prompt action is not taken by the Federal Trade Commission, and otherwise quite active regulator.
The problem is going to be fixed through a patch. While that is for the better the obvious question is how such a significant error could have been made in the first place. No straight answer will be given but the likely reason is that the focus was on getting the feature to the market with stress testing and checking for flaws a secondary concern.
