Video calling app Zoom has been found to be unknowingly sharing user information with social media giant Facebook, even in cases where the person does not have a Facebook account.
As most countries worldwide are in lockdown and people have been home-quarantined due to the coronavirus outbreak, the use of video conferencing apps has skyrocketed. In fact, Facebook has seen a 70% spike of video calls around the world since the pandemic started.
Meanwhile, Zoom has also engaged more users during the past few weeks.
However, online tech magazine Motherboard recently revealed that, according to their analysis, the iOS version of Zoom is leaking its user’s data and sharing it with Facebook.
New: Zoom pushes an update after we found the iOS app sending data to Facebook. They’ve now removed the code that was sending the data https://t.co/enXXVwpdQo
— Joseph Cox (@josephfcox) March 27, 2020
How Zoom is sending and collecting user data
Zoom operates using Facebook’s software development kit (SDK), as like many other applications, to enable more features on the application. The software makes it easy to link up with Facebook as well.
While Zoom does not have any direct link to a user’s social account on Facebook, as soon as users download and sign in on Zoom, the app is instantly connected to the Facebook Graph API.
As per Motherboard, the data is then directly shared with Facebook whenever a user launches the app, activates the phone carrier, or enables location tracker – basically, all analytical data that can help the company in launching targeted ads to users.
Pat Walshe: Zoom as a ‘Data Vampire’
Oh my goodness. They really do think users are just passive …
— Privacy Matters (@PrivacyMatters) March 13, 2020
Walshe was among the first whistleblowers to the privacy issue, calling Zoom to fix their mistake.
— Privacy Matters (@PrivacyMatters) March 29, 2020
Zoom CEO acknowledges mistake
On March 27, Eric Yuan, the founder of Zoom, issued a statement explaining their use of Facebook’s SDK in its iOS client and acknowledging their oversight.
“We sincerely apologize for the concern this has caused, and remain firmly committed to the protection of our users’ privacy. We are reviewing our process and protocols for implementing these features in the future to ensure this does not happen again.”
— Joseph Cox (@josephfcox) March 30, 2020
UK government warns about Zoom security and privacy flaws
The rising concerns regarding privacy on Zoom have alerted even government officials. The U.K.’s Ministry of Defence (MoD) has banned its staff from using the application due to rising security concerns.
A statement from MoD officials stated:
“We are pausing the use of Zoom, an internet-based video conferencing service, with immediate effect whilst we investigate security implications that come with it.”
However, despite MoD already banning the application for official use, pictures of U.K.’s prime minister Boris Johnson were questioned by authorities, as he was seen using Zoom for cabinet meetings with senior Members of the Parliament.
A government spokesperson said that, in light of the health crisis, the world needs effective channels of communication. However, they added that Zoom may still be considered “safe to use” for conferences that do not require a high level of security:
“NCSC (National Cyber Security Centre) guidance shows there is no security reason for Zoom not to be used for conversations below a certain classification.”
Last year, Zoom was in hot waters when a major vulnerability in the app allowed users to be spied on via their webcams. Zoom has since fixed the security flaw as well.