Jump to content
Login new information ×
Login new information

Video calling app Zoom's iOS version is sharing user data with Facebook

Karlston

By Karlston
in Security & Privacy News

Recommended Posts

Karlston

Karlston

Posted
Posted

Video calling app Zoom's iOS version is sharing user data with Facebook

Even if you don't have a Facebook account

Zoom

(Image credit: Shutterstock)

 

Zoom's video calling service has been available for a while now but the unprecedented number of people working from home during the coronavirus pandemic has skyrocketed the app's popularity.

 

However, research conducted by Vice's tech branch, Motherboard, has revealed that Zoom's iOS app has been secretly sharing analytical data with Facebook, even if the user doesn't have an account on the social media platform.

 

The data being shared includes time the app is launched, device and location information, phone carrier, and analytical data that can be used to create targeted ads.

Too much information

The reason Zoom is able to share user data with Facebook, even if there's no linked social media account, is because the video calling app uses Facebook's software development kits (SDKs). So, when Zoom is downloaded and launched, it immediately connects to the Facebook Graph API.

 

This is not a new practice: developers have long used Facebook SDKs to add features to their apps, although Facebook's terms of use require app makers to inform users of these data sharing practices.

 

While Zoom's privacy policy mentions that the app may collect data related to a user's Facebook profile which may then be shared with third parties – although Facebook is not explicitly mentioned as a third party – there's no clear indication it will be doing the same for users who do not have a Facebook account. 

Not the first time

Zoom does have a history of privacy issues. In 2019, a security researcher unearthed a bug that allowed webcams of Zoom users to be hacked without their knowledge, although the company has said that the issue has been resolved.

 

Other recent news related to video chat security involves a man exposing himself in front of children on a video call after he was able to "guess" the link to the call. While this was not on a Zoom call (instead on an app called Whereby), TechCrunch reported last year that it was possible to hijack a Zoom meeting by "cycling through different permutations of meeting IDs in bulk". This was possible as the meetings weren't protected by a passcode.

 

The Electronic Frontier Foundation (EFF) recently explained how a host on a Zoom call can monitor the activities of participants while screen-sharing. If users record the video call, then Zoom administrators are able to "access the contents of that recorded call, including video, audio, transcript, and chat files, as well as access to sharing, analytics, and cloud management privileges".

 

While the old security issues have since been resolved by Zoom, this new discovery highlights how simple technological solutions can sometimes come at the cost of privacy.

 

 

Source: Video calling app Zoom's iOS version is sharing user data with Facebook (TechRadar)

Link to comment
Share on other sites
  • Replies 1
  • Views 622
  • Created
  • Last Reply
Karlston

Karlston

Posted
  • Author
Posted

Zoom removes SDK in its iOS client that sent user data to Facebook

1585368879_img_20200328_120557_story.jpg

Zoom acknowledged today a privacy issue with its video conferencing app for iOS, which came under fire on Thursday after it was found sending analytics data to Facebook, courtesy of Motherboard. The company said it has now removed the Facebook SDK responsible for the unnecessary collection of data.

 

On Apple's App Store, Zoom's app has received a new update that introduces improvements to Facebook login. Zoom explained today that it has "reconfigured the feature so that users will still be able to log in with Facebook via their browser."

 

The recent Motherboard report revealed that the Zoom app for iOS was sending "some analytics data to Facebook, even if Zoom users don't have a Facebook account". The company said the "Login with Facebook" feature used the Facebook SDK for iOS to help users access the platform more conveniently. Zoom added that the data collected by the SDK didn't include information related to meetings like attendees, names, and notes. However, information about devices such as the mobile OS type and version, time zone, device model and carrier, screen size, processor cores, and disk space were transmitted to Facebook. The firm is advising users to update to the app's latest version to address privacy concerns.

 

 

Source: Zoom removes SDK in its iOS client that sent user data to Facebook  (Neowin)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...