Jessica Goodfellow
Mar 30, 2020

Zoom privacy concerns in the spotlight

As Zoom is entering more homes and being used to facilitate high-profile government meetings, flaws are emerging in its security set-up.

Zoom privacy concerns in the spotlight

While many businesses are suffering during the global COVID-19 pandemic, one has benefitted immensely: Zoom. As countries across the world have implemented measures to confine people to their homes, the videoconferencing app has become a popular way for families, friends and colleagues to communicate. But as it is invited into more people's homes and used to facilitate high-profile government meetings, several privacy experts have raised concerns over the safety of the app.

Zoom has been a popular app for several years, offering more competitive pricing and faster and higher quality streams than several of its rivals, alongside ease of use and fun products like virtual backgrounds. It was launched in 2013 by Eric Yuan, a former lead engineer for the videoconferencing software WebEx, which was later sold to Cisco.

The coronavirus outbreak has graduated Zoom from a business platform to a consumer one. It is being used by schools to teach virtual lessons, by DJs to livestream sets, by doctors to conduct 'telehealth' consultations, and as a socialising tool for friends. Mobile app tracking firm Apptopia reports that the Zoom app was downloaded 2.4 million times on Wednesday (March 25)—up from 56,000 global downloads in January. Zoom’s shares are up more than 100% since the beginning of the year.

But its recent use within governments has brought safety concerns to the surface. The UK's Ministry of Defence told the BBC on Friday (March 27) that it found no reason not to use Zoom for conversations "below a certain classification", such as cross-government chats, but that it had never been used for high-security meetings. It clarified its stance after UK Prime Minister Boris Johnson shared a photo of Thursday's (March 26) G20 'summit' that was held over video conference. However, the video summit was not held over Zoom, but a rival video conferencing tool.

In parallel to this, a Motherboard investigation found that the iOS version of the Zoom app was sending to Facebook information such as when a user opened the app, their timezone, city, and device details, without explicity asking users for consent to do so. One day after Motherboard published the results of its analysis, Zoom issued an update saying it had removed the Facebook code after it was "made aware that the Facebook SDK was collecting unnecessary device data".

Zoom made some clarifying updates to its privacy policy on Sunday (March 29) to make it "more clear, explicit, and transparent", in response to concerns raised by the community regarding its privacy policy.

“Zoom takes its users’ privacy extremely seriously," a spokesperson said in a statement. "Zoom collects only the data from individuals using the Zoom platform required to provide the service and ensure it is delivered effectively under a wide variety of settings in which our users may be operating. This data includes basic technical information, such as the user’s IP address, OS details, and device details. Zoom has implemented safeguards to protect our users’ privacy, which includes robust and validated controls to prevent unauthorized access to any content that users share during meetings, including – but not limited to – the video, audio, and chat content of those meetings. Importantly, Zoom does not mine user data or sell user data of any kind to anyone.”

The video conferencing app has grappled with several security issues over the years. Last year, security researcher Jonathan Leitschuh uncovered a critical vulnerability that allowed attackers to gain access to users’ webcams on Macs with the Zoom client installed. Zoom fixed the vulnerability, but was criticised for taking several months to do so.

In January, Check Point published research which found that hackers could guess Zoom Meeting IDs, enabling them to listen in on meetings that were not password protected. Zoom has since put in place measures to address this.

Source:
Campaign Asia
Tags

Related Articles

Just Published

17 hours ago

Tech on Me: Political tension meets platform drama

As big tech's entanglement with politics draws fresh scrutiny post-US election, Western platforms face a deepening trust crisis—from X's advertiser exodus to Meta's legal battles—while Asian tech firms vie to emerge as credible alternatives.

17 hours ago

Creative Minds: Heidi Kasselman on how pretending ...

From winging an internship in Johannesburg to leading creative at Clemenger Melbourne, Heidi Kasselman's unconventional path proves sometimes chaos is the best career plan.

19 hours ago

Spikes Asia 2025: In conversation with Torsak ...

Spikes Asia catches up with Chuenprapar to explore the power of humour in marketing communications and his advice for Thai agencies aiming to make a mark at this year’s awards.

20 hours ago

Yuu dominates Kantar's BrandZ Hong Kong ranking

DFI Retail's Yuu has conquered Hong Kong's brand landscape, outpacing even Cathay Pacific. Challengers are rising in both airlines and banking.