Apple Wins Lawsuit Over Group FaceTime Eavesdropping Bug
Back in January, there was a major FaceTime bug that allowed a person to force a FaceTime connection with another person, providing access to the user's audio and sometimes video even when the FaceTime call was not accepted.
The bug led to a lawsuit from Houston lawyer Larry Williams II, who claimed that the vulnerability allowed an unknown person to listen in on sworn testimony during a client deposition.
Williams filed his lawsuit in January, just a day after the bug was publicized, and yesterday, a court ruled in Apple's favor and dismissed the case. The court did not find Williams' argument that the FaceTime vulnerability was "unreasonably dangerous" to be valid, nor did the court believe that he provided sufficient evidence to prove that Apple knew of the defect.
Williams's petition does not allege facts about any available alternative design. He fails to allege facts about the iOS 12.1 software as to whether the defect that allegedly allowed a third party to "eavesdrop" on his group FaceTime call was "unreasonable" for the product's ordinary use. Williams's generalized allegation that the iOS 12.1 software was "unreasonably dangerous" and caused him injury falls short of the Rule 8 threshold.
Williams's petition recites the pleading elements, but it does not allege facts that could show Apple's knowledge of the defect or that Apple could reasonably have foreseen that an unknown third party would listen to Williams's group FaceTime call without his permission.
Williams's claim also fails because he did not state facts that could show that Apple's alleged negligent design or manufacture of the iOS 12.1 software proximately caused his injury.
In the lawsuit, Williams had requested unspecified punitive damages for negligence, product liability, misrepresentation, and warranty breach.
The FaceTime eavesdropping bug was perhaps one of the most serious issues that have affected Apple products in recent history.
There was no way to avoid the malicious FaceTime calls, which exploited a Group FaceTime vulnerability. Apple disabled Group FaceTime server side and kept it unavailable until an update could be released to fix the issue.