At a time when work from home has becomes essential, video conferencing app Zoom’s popularity has soared. Zoom app has touted that is offers end-to-end encrypted video conferencing solutions. This means that only the end users will be able to access the streams. But there seems to be a larger problem that the app developers were hiding in the fine print of its privacy policy, or rather omits. According to an analysis done by Motherboard of the Zoom iOS app, it is sending some analytics data to Facebook even if the user does not have a Facebook account.

Facebook receiving data is typical for apps that are made with it’s own SDK. That is used by developers to ensure Facebook’s features can be easily implemented. But that is not the case for Zoom iOS app, and users of the app aren’t even aware of this. Zoom users may not even understand that when they use this app they are providing Facebook with data.

Motherboard’s research substantiated

Pat Walshe, an activist from Privacy Matters, analyzed the Zoom app and confirmed Motherboard’s claim. “That’s shocking. There is nothing in the privacy policy that addresses that,” he said. The Zoom app notifies Facebook when a user open the app. It also sends user’s device details like the model, time zone and location, telecom operator. It also shares a unique advertiser identifier that is created by a user’s device. This is used by companies to target users with advertisements. This data is similar to the one surveillance camera vendor Ring sent to Facebook. That was found by activist group the Electronic Frontier Foundation (EFF).

Zoom’s privacy policy has mentions that the user’s data may be shared with “our third-party service providers, and advertising partners (e.g., Google Ads and Google Analytics) automatically collect some information about you when you use our Products.” But there are no mentions of Facebook in this mix of things.

Statement from Zoom

Zoom replied back to Motherboard with a statement after it published its findings. “Zoom takes its users’ privacy extremely seriously. We originally implemented the ‘Login with Facebook’ feature using the Facebook SDK in order to provide our users with another convenient way to access our platform. However, we were recently made aware that the Facebook SDK was collecting unnecessary device data,” the statement read, and described the data being collected as the same sorts of information that Motherboard identified.

“To address this, in the next few days, we will be removing the Facebook SDK and reconfiguring the feature so that users will still be able to login with Facebook via their browser. Users will need to update to the latest version of our application once it becomes available in order for these changes to take hold, and we encourage them to do so. We sincerely apologize for this oversight, and remain firmly committed to the protection of our users’ data,” the statement added. Zoom apparently has other potential privacy issues in the app as well. These include According to the EFF, hosts on Zoom calls can see if participants have their Zoom window open or not. Administrators can also apparently see IP address, location data, and device information of each participant.

Go to Source

Leave a Reply

Your email address will not be published.