Zoom’s Privacy Risks: The Video Chat App Might Share More Information Than You Realize
theand the chat app exploded in popularity as sought new ways to work, study and socialize amid the coronavirus pandemic. With the possibility of and new features such as and one , it’s easy to see why Zoom’s popularity isn’t dwindling even as and offices become . But with all this popularity, there are privacy risks.
Built-in attention tracking features (which have since been disabled) at exploitable software bugs and “Zoom-bombing” issues (where uninvited participants break into and disrupt meetings) – Zoom’s security practices have meticulous examination users around the world. New York Attorney General Letitia James sent a letter to Zoom outlining privacy vulnerability issues in March 2020. Electronic Frontier Foundation also warned users working from home about the software’s built-in privacy features.
Privacy experts previously raised concerns about Zoom in 2019, when the video conferencing software experienced both a webcam hacking scandal, and a bug that allowed nosy users to potentially join videoconferences to which they had not been invited, if these meetings were not password protected.
Issues exacerbated by widespread adoption early in the pandemic were just the latest chapter in the software’s turbulent security history and prompted Zoom CEO Eric Yuan to address concerns in April 2020, freezing feature updates to address security issues for a 90-day period. deployment of the update. Although Zoom has since added security features like end-to-end encryption, there are still a few things you need to pay attention to to keep your chats as private as possible.
Here are some of the Zoom privacy vulnerabilities you need to watch out for.
Zoom’s cloud recording feature can share meeting video with people outside the call
For paying subscribers, Zoom cloud recording functionality can be a lifeline or a catastrophic misstep waiting to happen. If the feature is enabled on the account, a host can record the meeting with their text transcript and a text file of all active chats from that meeting, and save it to the cloud where it can later be viewed by other users authorized to your company, including people who may never have attended the meeting in question. Yeah.
As Jack Morse from Mashable said, “What this suggests, but does not clarify, is that for non-webinar/standard meetings, your person-to-person chat messages would then be sent to your boss after a cloud-recorded call.”
The zoom allows for a narrowing of the audience here, however. Administrators can limit the recording’s accessibility to certain pre-approved IP addresses, even if the recording has already been shared. Participants can also see when a meeting is recorded.
Zoom even shared information with Facebook
By now, you’re used to hearing it from privacy-conscious people: Don’t use Facebook to log into other sites and software unless you want to.on what you are doing. Fair enough. But what if Zoom is caught sending some of your analytics data to Facebook, whether or not you have a Facebook account?
A scan by vice motherboard found the iOS version of the Zoom app doing just that. Using Facebook’s Graph API, Zoom told Facebook each time you opened the Zoom app what phone or device you were using, along with your phone carrier, location, and a unique advertising ID. The motherboard also reported that Zoom had updated its iOS application the application would stop sending certain data to Facebook.
In one March 2020 blog post, Zoom addressed the issue, noting that “the privacy of our customers is extremely important to us, and so we have decided to remove the Facebook SDK in our iOS client and reconfigured the functionality so that users can still log in with Facebook. through their browser.”
“Zoom uses some standard advertising tools that require personal data (think, for example, google ads and Google Analytics). We use these tools to help us improve your advertising experience (for example, by serving advertisements on our behalf across the Internet, serving personalized advertisements on our website, and providing analytics services),” the policy stated at the time. third-party provider when using these tools may fall under the extremely broad definition of “selling” personal data under some national laws, as these companies may use personal data for their own business purposes, as well as for Zoom purposes. »
You should probably review your zoom and device security settings to minimize permissions and ensure that any anti-tracking software on your device is up to date and running.
It may not help, but it can’t hurt.
It’s also important to keep your Zoom app up to date so that your privacy is always protected with the latest security patches. Fortunately, Zoom recently rolled out a new automatic update function this makes this process much more convenient.
For more, check out how to use sneakyto get out of your meetings, and , and how . And, does ?