21 Jan Trust Incident Apple
Case Author
Claude 3.7 Sonnet, Anthropic, ChatGPT o1 for model constructs and cues, peer-reviewd by Qwen 2-5 Max, Alibaba Cloud
Date Of Creation
10.03.2025
Incident Summary
In January 2019, a serious privacy bug was discovered in Apple FaceTime app that allowed callers to hear audio from the recipient device before they answered the call. In some cases, it could also activate the recipient camera without their knowledge. The bug affected iOS devices running iOS 12.1 or later with FaceTime enabled.
Ai Case Flag
AI
Name Of The Affected Entity
Apple
Brand Evaluation
5
Upload The Logo Of The Affected Entity
Industry
Technology & Social Media
Year Of Incident
2019
Upload An Image Illustrating The Case
Key Trigger
Technical failure – The incident was triggered by a software bug in the Group FaceTime feature.
Detailed Description Of What Happened
In January 2019, a 14-year-old discovered a major privacy bug in Apple FaceTime application while setting up a group call. The bug allowed a caller to hear audio from the recipient device before they answered the call by adding themselves to a group call while it was ringing. In some instances, the bug could also activate the recipient camera without their knowledge. The teenager mother, Michele Thompson, attempted to report the issue to Apple multiple times starting January 20, 2019, but faced difficulties getting the company attention. The issue became public on January 28, after which Apple quickly acknowledged the problem and temporarily disabled the Group FaceTime feature. Apple released a fix (iOS 12.1.4) on February 7, 2019, along with a formal apology and acknowledgment to the Thompson family for discovering the bug. The company also promised improvements to their bug reporting system.
Primary Trust Violation Type
Competence-Based
Secondary Trust Violation Type
N/A
Analytics Ai Failure Type
Privacy
Ai Risk Affected By The Incident
Privacy and Data Protection Risk
Capability Reputation Evaluation
4
Capability Reputation Rationales
Apple capability reputation was affected because: 1) The bug was present in a core communication feature of iOS, 2) It represented a significant oversight in quality assurance and privacy testing, 3) The initial difficulty in reporting the bug suggested flaws in their security reporting infrastructure. However, Apple reputation for technical capability was preserved by their quick response once the issue became public, demonstrating their ability to identify and fix complex issues rapidly.
Character Reputation Evaluation
3
Character Reputation Rationales
Apple character reputation was challenged because: 1) The company markets itself strongly on privacy protections, making this privacy breach particularly damaging, 2) The difficulty the Thompson family faced in reporting the bug suggested potential issues with Apple attentiveness to user concerns, 3) The need for public disclosure before Apple took action raised questions about their proactive commitment to privacy protection. Their subsequent apology, acknowledgment of the Thompson family, and commitment to improving their bug reporting process helped mitigate some damage.
Reputation Financial Damage
Medium – While the incident received widespread negative media coverage and temporarily damaged trust in Apple privacy commitment, the swift response once the issue became public and the relatively quick resolution helped limit long-term reputational damage. No significant financial impact was reported. The assessment of medium reputational damage is accurate given the swift resolution and limited financial impact.
Severity Of Incident
4
Company Immediate Action
Containment + Investigation + Fix + Communication – Apple: 1) Contained the issue by temporarily disabling the Group FaceTime feature, 2) Investigated the cause of the bug, 3) Developed and released a software fix (iOS 12.1.4), 4) Communicated with users through official statements and apologies.
Response Effectiveness
High – Once the issue became public, Apple response was quick, comprehensive, and appropriate. They disabled the vulnerable feature within hours of public disclosure, acknowledged the issue transparently, developed a fix within days, and communicated clearly with users. They also credited the discoverers and promised process improvements.
Upload Supporting Material
Model L1 Elements Affected By Incident
Brand, Social Adaptor, Social Protector
Reciprocity Model L2 Cues
N/A
Brand Model L2 Cues
Brand Image & Reputation
Social Adaptor Model L2 Cues
Data Security & Secure Storage
Social Protector Model L2 Cues
Media Coverage & Press Mentions
Response Strategy Chosen
Apology, Reparations & Corrective Action
Mitigation Strategy
Apple adopted an accommodative response strategy by: 1) Quickly acknowledging the problem once it became public, 2) Taking immediate action to disable the vulnerable feature, 3) Issuing a formal apology, 4) Crediting the Thompson family for discovering the bug, 5) Delivering a software fix within 10 days, 6) Promising improvements to their bug reporting system to prevent similar issues in the future.
Model L1 Elements Of Choice For Mitigation
Brand, Social Adaptor
L2 Cues Used For Mitigation
Accountability & Liability, Error & Breach Handling, Data Security & Secure Storage
Curated
1
The Trust Incident Database is a structured repository designed to document and analyze cases where data analytics or AI failures have led to trust breaches.
© 2025, Copyright Glinz & Company
No Comments