Jessica Goodfellow
Mar 30, 2020

Zoom privacy concerns in the spotlight

As Zoom is entering more homes and being used to facilitate high-profile government meetings, flaws are emerging in its security set-up.

Zoom privacy concerns in the spotlight

While many businesses are suffering during the global COVID-19 pandemic, one has benefitted immensely: Zoom. As countries across the world have implemented measures to confine people to their homes, the videoconferencing app has become a popular way for families, friends and colleagues to communicate. But as it is invited into more people's homes and used to facilitate high-profile government meetings, several privacy experts have raised concerns over the safety of the app.

Zoom has been a popular app for several years, offering more competitive pricing and faster and higher quality streams than several of its rivals, alongside ease of use and fun products like virtual backgrounds. It was launched in 2013 by Eric Yuan, a former lead engineer for the videoconferencing software WebEx, which was later sold to Cisco.

The coronavirus outbreak has graduated Zoom from a business platform to a consumer one. It is being used by schools to teach virtual lessons, by DJs to livestream sets, by doctors to conduct 'telehealth' consultations, and as a socialising tool for friends. Mobile app tracking firm Apptopia reports that the Zoom app was downloaded 2.4 million times on Wednesday (March 25)—up from 56,000 global downloads in January. Zoom’s shares are up more than 100% since the beginning of the year.

But its recent use within governments has brought safety concerns to the surface. The UK's Ministry of Defence told the BBC on Friday (March 27) that it found no reason not to use Zoom for conversations "below a certain classification", such as cross-government chats, but that it had never been used for high-security meetings. It clarified its stance after UK Prime Minister Boris Johnson shared a photo of Thursday's (March 26) G20 'summit' that was held over video conference. However, the video summit was not held over Zoom, but a rival video conferencing tool.

In parallel to this, a Motherboard investigation found that the iOS version of the Zoom app was sending to Facebook information such as when a user opened the app, their timezone, city, and device details, without explicity asking users for consent to do so. One day after Motherboard published the results of its analysis, Zoom issued an update saying it had removed the Facebook code after it was "made aware that the Facebook SDK was collecting unnecessary device data".

Zoom made some clarifying updates to its privacy policy on Sunday (March 29) to make it "more clear, explicit, and transparent", in response to concerns raised by the community regarding its privacy policy.

“Zoom takes its users’ privacy extremely seriously," a spokesperson said in a statement. "Zoom collects only the data from individuals using the Zoom platform required to provide the service and ensure it is delivered effectively under a wide variety of settings in which our users may be operating. This data includes basic technical information, such as the user’s IP address, OS details, and device details. Zoom has implemented safeguards to protect our users’ privacy, which includes robust and validated controls to prevent unauthorized access to any content that users share during meetings, including – but not limited to – the video, audio, and chat content of those meetings. Importantly, Zoom does not mine user data or sell user data of any kind to anyone.”

The video conferencing app has grappled with several security issues over the years. Last year, security researcher Jonathan Leitschuh uncovered a critical vulnerability that allowed attackers to gain access to users’ webcams on Macs with the Zoom client installed. Zoom fixed the vulnerability, but was criticised for taking several months to do so.

In January, Check Point published research which found that hackers could guess Zoom Meeting IDs, enabling them to listen in on meetings that were not password protected. Zoom has since put in place measures to address this.

Campaign Asia

Related Articles

Just Published

10 hours ago

OpenAI marks arrival in Asia Pacific with opening ...

To mark the opening of its Japan office, OpenAI has released a GPT-4 custom model optimised for the Japanese language.

11 hours ago

40 Under 40 2023: Shu Wu, McCann Worldgroup

Shu Wu's transformative leadership led McCann Worldgroup China through unprecedented success, securing major clients and empowering diverse talents for the company

12 hours ago

Canva makes an unbelievably good presentation...and ...

The work from UltraSuperNew taps iconic Japanese actors Takeshi Kitano and Gekidan Hitori in an suspenseful, funny and memorable hit that reinforces how Canva allows one to take care of business on their own.

16 hours ago

Mars Wrigley India CMO on evolving snack tastes and ...

Nikhil Rao explains how Mars Wrigley brands are adapting to health and social trends, how premiumsation factors-in for older demographics and how personalised content is key for Gen Z.