Jessica Goodfellow
Mar 30, 2020

Zoom privacy concerns in the spotlight

As Zoom is entering more homes and being used to facilitate high-profile government meetings, flaws are emerging in its security set-up.

Zoom privacy concerns in the spotlight

While many businesses are suffering during the global COVID-19 pandemic, one has benefitted immensely: Zoom. As countries across the world have implemented measures to confine people to their homes, the videoconferencing app has become a popular way for families, friends and colleagues to communicate. But as it is invited into more people's homes and used to facilitate high-profile government meetings, several privacy experts have raised concerns over the safety of the app.

Zoom has been a popular app for several years, offering more competitive pricing and faster and higher quality streams than several of its rivals, alongside ease of use and fun products like virtual backgrounds. It was launched in 2013 by Eric Yuan, a former lead engineer for the videoconferencing software WebEx, which was later sold to Cisco.

The coronavirus outbreak has graduated Zoom from a business platform to a consumer one. It is being used by schools to teach virtual lessons, by DJs to livestream sets, by doctors to conduct 'telehealth' consultations, and as a socialising tool for friends. Mobile app tracking firm Apptopia reports that the Zoom app was downloaded 2.4 million times on Wednesday (March 25)—up from 56,000 global downloads in January. Zoom’s shares are up more than 100% since the beginning of the year.

But its recent use within governments has brought safety concerns to the surface. The UK's Ministry of Defence told the BBC on Friday (March 27) that it found no reason not to use Zoom for conversations "below a certain classification", such as cross-government chats, but that it had never been used for high-security meetings. It clarified its stance after UK Prime Minister Boris Johnson shared a photo of Thursday's (March 26) G20 'summit' that was held over video conference. However, the video summit was not held over Zoom, but a rival video conferencing tool.

In parallel to this, a Motherboard investigation found that the iOS version of the Zoom app was sending to Facebook information such as when a user opened the app, their timezone, city, and device details, without explicity asking users for consent to do so. One day after Motherboard published the results of its analysis, Zoom issued an update saying it had removed the Facebook code after it was "made aware that the Facebook SDK was collecting unnecessary device data".

Zoom made some clarifying updates to its privacy policy on Sunday (March 29) to make it "more clear, explicit, and transparent", in response to concerns raised by the community regarding its privacy policy.

“Zoom takes its users’ privacy extremely seriously," a spokesperson said in a statement. "Zoom collects only the data from individuals using the Zoom platform required to provide the service and ensure it is delivered effectively under a wide variety of settings in which our users may be operating. This data includes basic technical information, such as the user’s IP address, OS details, and device details. Zoom has implemented safeguards to protect our users’ privacy, which includes robust and validated controls to prevent unauthorized access to any content that users share during meetings, including – but not limited to – the video, audio, and chat content of those meetings. Importantly, Zoom does not mine user data or sell user data of any kind to anyone.”

The video conferencing app has grappled with several security issues over the years. Last year, security researcher Jonathan Leitschuh uncovered a critical vulnerability that allowed attackers to gain access to users’ webcams on Macs with the Zoom client installed. Zoom fixed the vulnerability, but was criticised for taking several months to do so.

In January, Check Point published research which found that hackers could guess Zoom Meeting IDs, enabling them to listen in on meetings that were not password protected. Zoom has since put in place measures to address this.

Source:
Campaign Asia
Tags

Related Articles

Just Published

1 day ago

Creative Minds: How Yuhang Lin went from dreaming ...

The Shanghai-based designer talks turning London Tube etiquette into a football game, finding inspiration in the marketing marvels of The Dark Knight, and why he wants to dine with Elon Musk.

1 day ago

Happy holidays from team Campaign!

As the Campaign Asia-Pacific editorial team takes a holiday bulletin break until January 6th, we bid farewell to 2024 with a poetic roundup of the year's defining marketing moments—from rebrands that rocked to cultural waves that soared.

1 day ago

Year in review: Biggest brand fails of 2024

From Apple’s cultural misstep to Bumble’s billboard backlash and Jaguar’s controversial rebrand, here’s Campaign’s take on the brands that tripped up in 2024, offering lessons in creativity, cultural awareness, and the ever-tricky art of reading the room.

1 day ago

Former GroupM China executives to face Shanghai ...

EXCLUSIVE: The trio will appear before Shanghai's Intermediate Court next week, marking the latest chapter in the bribery scandal that rocked WPP's GroupM China in October last year.