The company has dropped clanger after clanger after clanger over recent days, ones that are serious enough to make you reconsider whether you should be using Zoom at all. Summarised below are some of the key issues that have emerged so far.
In a blog post published on April 1, Zoom apologised to users and said that over the next 90 days, all of its engineering resources will shift their focus to the service8217;s “biggest trust, safety, and privacy issues”.
The Intercept discovered that though Zoom meetings are encrypted, the company has the ability to access the unencrypted video and audio content from calls made through its service. In other words, calls are not end-to-end encrypted, despite the fact that Zoom has been telling users otherwise.
The company says it has “layered safeguards in place” that prevent “anyone, including Zoom employees, from directly accessing any data that users share during meetings, including — but not limited to — the video, audio and chat content of those meetings.”
However, this doesn’t change the fact that Zoom has been misleading its users and, if it was to be compelled to, would have the ability to hand over the content of users’ video calls to governmental authorities or law enforcement.
On the same day, it emerged that the Prime Minister has continued to use Zoom for cabinet meetings − despite warnings of “security implications” from the Ministry of Defence, which has banned its staff from using the software.
Furthermore, to date Zoom has not published any transparency reports that show how many government requests for user data it receives and complies with. On March 18, Access Now wrote an open letter urging Zoom to publish one, and on April 1, Zoom committed to putting a transparency report together.
On March 26, Vice8217;s Motherboard revealed that the iOS version of the Zoom app had been sending analytical data, such as login times, device details, local area and a unique advertising-related identifier, to Facebook without Zoom users’ consent.
“We originally implemented the ‘Login with Facebook’ feature using the Facebook SDK in order to provide our users with another convenient way to access our platform. However, we were recently made aware that the Facebook SDK was collecting unnecessary device data,8221; Zoom told Vice after its article went live.
8220;To address this, in the next few days, we will be removing the Facebook SDK and reconfiguring the feature so that users will still be able to login with Facebook via their browser. Users will need to update to the latest version of our application once it becomes available in order for these changes to take hold, and we encourage them to do so.”
- Zoom does not sell our users’ data.
- Zoom has never sold user data in the past and has no intention of selling users’ data going forward.
- Zoom does not monitor your meetings or its contents.
- Zoom complies with all applicable privacy laws, rules, and regulations in the jurisdictions within which it operates, including the GDPR and the CCPA.
Every Zoom call has an ID number assigned to it in order to make it easy for people to join it, but there have been numerous reports of trolls successfully gatecrashing chats − and abusing participants − simply by feeding random ID numbers into the system.