Zoom Says It Has Stopped Sending User Data to Facebook
Zoom, Microsoft Teams, and other video conferencing apps are reporting record growth as millions of people are pushed to work and hang out from home. However, it turns out not every app is made similar. Last week, a report revealed that the iOS version of the Zoom app was sending analytics data to Facebook. This happened even if Zoom users didn't have a Facebook account...
This isn't surprising as many apps use Facebook's software development kits (SDK), however, the makers of the app weren't proactive with letting their users know that the social networking giant is getting access to their data without their informed consent. Motherboard revealed that the data shared with Facebook included information, such as:
- When the app is opened
- Device information
- User's time zone and city
- Phone carrier
- iOS device disk space remaining
- IP Address
- Unique Advertiser Identifier (used by companies to target a user with advertisements)
While Zoom makers didn't take things seriously when contacted by the reporters, they did start making amends once the initial investigation was published to the public.
"Zoom takes its users’ privacy extremely seriously," the company said. "We originally implemented the 'Login with Facebook' feature using the Facebook SDK for iOS (Software Development Kit) in order to provide our users with another convenient way to access our platform." The statement adds that the company was made aware "that the Facebook SDK was collecting device information unnecessary for us to provide our services."
The information collected by the Facebook SDK did not include information and activities related to meetings such as attendees, names, notes, etc., but rather included information about devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space.
Zoom has announced removing the Facebook SDK in its iOS client. The company said it has "reconfigured the feature so that users will still be able to log in with Facebook via their browser."
Users will need to update to the latest version of our application that’s already available at 2:30 p.m. Pacific time on Friday, March 27, 2020, in order for these changes to take hold, and we strongly encourage them to do so.
The company said that it apologizes for this privacy breach (although it doesn't explicitly calls it a privacy breach). "We are reviewing our process and protocols for implementing these features in the future to ensure this does not happen again," Zoom added.
As video conferencing apps explode in popularity, it becomes extremely important to check how secure they actually are especially since they are being used for private conversations and sensitive work chats.