theand the chat app exploded in popularity as sought new ways to work, study and socialize amid the coronavirus pandemic. With the possibility of and new features such as and one , it’s easy to see why Zoom’s popularity isn’t dwindling even as and offices become . But with all this popularity, there are privacy risks.
From built-in attention-tracking features (which have since been disabled) to exploitable software bugs and “Zoom-bombing” issues (where uninvited participants break into and disrupt meetings) – Zoom’s security practices have attracted the attention of users around the world. New York Attorney General Letitia James sent Zoom a letter outlining privacy vulnerability issues in March 2020. The Electronic Frontier Foundation also warned users working from home about built-in privacy features software.
Privacy experts previously raised concerns about Zoom in 2019, when the video conferencing software suffered from both a webcam hacking scandal and a bug that allowed nosy users to potentially join video meetings they weren’t. were not invited, if these meetings were not protected by a password.
Issues exacerbated by widespread adoption early in the pandemic were just the latest chapter in the software’s turbulent security history and prompted Zoom CEO Eric Yuan to address concerns in April 2020, freezing feature updates to address security issues for a 90-day period. deployment of the update. Although Zoom has since added security features like end-to-end encryption, there are still a few things you need to pay attention to to keep your chats as private as possible.
Here are some of the Zoom privacy vulnerabilities you need to watch out for.
Zoom’s cloud recording feature can share meeting video with people outside the call
For paid subscribers, Zoom’s cloud recording feature can be a lifesaver or a catastrophic misstep waiting to happen. If the feature is enabled on the account, a host can record the meeting with their text transcript and a text file of all active chats from that meeting, and save it to the cloud where it can later be viewed by other users authorized to your company, including people who may never have attended the meeting in question. Yeah.
As Jack Morse of Mashable said, “What this suggests, but doesn’t clarify, is that for non-webinar/standard meetings, your person-to-person chat messages would then be sent to your boss after a cloud recorded call.”
The zoom allows for a narrowing of the audience here, however. Administrators can limit the recording’s accessibility to certain pre-approved IP addresses, even if the recording has already been shared. Participants can also see when a meeting is recorded.
Zoom even shared information with Facebook
By now, you’re used to hearing it from privacy-conscious people: Don’t use Facebook to log into other sites and software unless you want to.on what you are doing. Fair enough. But what if Zoom is caught sending some of your analytics data to Facebook, whether or not you have a Facebook account?
An analysis by Vice’s Motherboard found that the iOS version of the Zoom app does just that. Using Facebook’s Graph API, Zoom told Facebook each time you opened the Zoom app what phone or device you were using, along with your phone carrier, location, and a unique advertising ID. Motherboard also reported that Zoom has updated its iOS app so that the app stops sending certain data to Facebook.
In a March 2020 blog post, Zoom addressed the issue, noting that “the privacy of our customers is extremely important to us, and so we decided to remove the Facebook SDK in our iOS client and reconfigured the feature so that users can still log in with Facebook through their browser.”
“Zoom uses some standard advertising tools that require personal data (think, for example, Google Ads and Google Analytics). We use these tools to help us improve your advertising experience (such as serving advertisements on our behalf across the internet, serving personalized ads on our website and providing analytics services),” the policy said at the time. “The sharing of personal data with the third-party provider when using these tools may fall under the extremely broad definition of ‘selling’ personal data under some national laws, as these companies may use personal data at their own business purposes, as well as those of Zoom’s purposes.”
You should probably review your zoom and device security settings to minimize permissions and ensure that any anti-tracking software on your device is up to date and running.
It may not help, but it can’t hurt.
It’s also important to keep your Zoom app up to date so that your privacy is always protected with the latest security patches. Fortunately, Zoom recently rolled out a new auto-update feature that makes this process much more convenient.
For more, check out how to use sneakyto get out of your meetings, and , and how . And, does ?