With the growing number of people worldwide now trying to adapt to the ‘work-from-home’ situation amid the Covid-19 outbreak, Zoom which is a popular video conferencing app and facilitates smoother remote work witnessed a huge spike in their user base. However, you might just want to hold off trying it out for yourself till you read this.
Motherboard which is the technology branch of the news outlet Vice recently conducted a research which reportedly revealed that the iOS app of Zoom has been sharing analytical data with the social media giant Facebook. They also found out that the data that was being shared was irrespective of the fact the particular user has a Facebook account or not.
Apart from the analytical data that can be used to create targeted promotional ads, the list of other important data types that are being shared are time of the app launch, device information, location or GPS information and phone carrier information.
It’s been found out that the video conferencing app Zoom is using Facebook’s software development kits (SDKs) which in turn enables it to share user data with the social media platform even if their use has not linked social media account. Therefore, as soon as a user decides to launch the Zoom app, it connects to the Facebook Graph API immediately.
Now it is important to note here that using Facebook SDKs isn’t a new practice and developers have been long doing so to quickly add new features to their apps. However, it is important that the developers or makers of the app inform their users about the data-sharing practices according to the terms of use by Facebook.
In the case of Zoom, while it has been mentioned that data related to a user’s Facebook profile may be shared with third parties by the app in their privacy policy, there isn’t any explicit mention of Facebook being a third party. This means no indication is given to users about the collection of data for users who either do not have a Facebook account or chose not to link their Facebook account with Zoom.
Motherboard’s research was further corroborated by Will Strafach who is an iOS researcher and founder of privacy-focused iOS app Guardian.
Similar to Facebook, this is not the first time that Zoom has been involved in privacy issues. Back in 2019, a technical bug that allowed Zoom users’ webcams to be compromised without their knowledge was discovered by a security researcher to which the company responded by saying that the issue was quickly resolved after they were notified.
Another instance of the possible loophole in the privacy and security of Zoom app was discovered and reported last year by TechCrunch wherein they mentioned that a particular video meeting on the Zoom platform could be hijacked by “cycling through different permutations of meeting IDs in bulk” as back then the app didn’t protect meeting via any access code or passcode.
Also, it was recently explained how on a Zoom call, while a participant is screen-sharing, a host can monitor all the activities by The Electronic Frontier Foundation (EFF). It was mentioned that Zoom administrators or hosts are capable of “accessing the contents of that recorded call, including video, audio, transcript, and chat files, as well as access to sharing, analytics, and cloud management privileges” if users record the particular video call.
The Need For Transparency In Privacy Policies
As more and more of these privacy infringement instances pop up day in and day out, it is becoming increasingly difficult to be able to invest our faith into technology-enabled products such as Zoom which are meant to make our lives easier. While the popular video conferencing app has gotten rid of its old security issues, this new discovery clearly spotlights how simple technological solutions can sometimes come at the humongous cost of privacy for the users.
Also, this new discovery comes in along the lines of a similar discovery that was previously made by Vice revealing how several companies who make these apps scrape their user’s confidential inbox messages and sell products to clients.
It is high time that tech firms realise that privacy is now becoming a growingly important concern for consumers across the world all thanks to the infamous Cambridge Analytica data scandal. Therefore, having a rigid privacy policy which is transparent enough for a layman to understand is increasingly becoming a must-have.
