The Zoom controversy: Privacy flaws and data shared with third parties
Popular app has issues
Isabell Rivera OW Contributor | 5/14/2020, midnight
Since the “new normal” translates into practicing sheltering-at-home and social distancing, many people are now working from home, or applying for jobs online, and experiencing new techniques and technologies.
With apps such as Skype, FaceTime, and Zoom, the “face-to-face” interview process, or conference call is easy. But is the user’s information private?
Since March, Zoom has seen a 535 percent increase in traffic on its website. It’s so trusted and popular that even politicians—such as former U.S. Federal Reserve Chair Alan Greenspan and British Prime Minister Boris Johnson—use it to make conference calls.
However, according to experts, the user’s information is not private. Individuals need emails in order to sign in and join a conference call. Zoom has stirred up some privacy concerns and is being sued for “selling” email addresses to third parties.
Yes, Facebook also received similar scrutiny for a data breach incident in 2018 regarding privacy. Although Facebook doesn’t necessarily “sell” user’s data, it lets third parties have access to it, by signing into Spotify or Uber via Facebook instead of using a private email address.
Technically, any app or website on the internet will “sell” data or store users’ information when it asks for permission. Users grant permission when a little window pops up explaining that the site uses “cookies.” If the user likes the content and wants to proceed, the individual accepts those “cookies,” which grants that website permission to sell users data to third parties.
According to “Vox Media,” “cookies are pieces of information saved about you when you’re online, and they track you as you browse.”
Furthermore, “Vox Media” states: “There are first-party cookies that are placed by the site you visit, and then there are third-party cookies, such as those placed by advertisers to see what you’re interested in and in turn serve you ads — even when you leave the original site you visited. (This is how ads follow you around the internet.)”
Ironically, Zoom sold analytic data to Facebook recently. Afte a class-action lawsuit filed by a user on the data breach of information to facebook, Zoom then updated the app version of its iOS (operating system for mobile devices).
The lawsuit states: “Zoom appears to have taken no action to block any of the prior versions of the Zoom App from operating. Thus, unless users affirmatively update their Zoom App, they likely will continue to unknowingly send unauthorized personal information to Facebook, and perhaps other third parties. Zoom could have forced all iOS users to update to the new Zoom App to continue using Zoom but appears to have chosen not to.”
A Zoom spokesperson told “Motherboard” that it takes the privacy of its users seriously and that Zoom originally executed the “Login with Facebook” feature provided by the Facebook SDK (Software Development Kit) to give its users another option to access their platform without a hassle. But as of recently, they weren’t aware of the fact that Facebook’s SDK collects more data than necessary.
In a statement, Zoom confirmed the “Motherboard” research by stating: “We will be removing the Facebook SDK and reconfiguring the feature so that users will still be able to login with Facebook via their browser. Users will need to update to the latest version of our application once it becomes available in order for these changes to take hold, and we encourage them to do so. We sincerely apologize for this oversight, and remain firmly committed to the protection of our users’ data.”