Zoom video conferencing service under scrutiny over privacy concerns
Wednesday, April 01, 2020
The Video Conferencing Service is Under Scrutiny Over Privacy Concerns/ Img: Hacker News

As the corporate industry continues to rely heavily on Zoom video conferencing service after many countries, including Rwanda announced a lockdown over the coronavirus pandemic, safety concerns have been raised over this facility.

Being one of the most used teleconferencing platforms in Rwanda and around the globe, fears have grown to whether Zoom shares information with third parties like Facebook without the user's consent, the quality (strength) of its encryption, and 'Zoom Bombing'.

Data Sharing With Facebook

According to a report, the iOS version of the Zoom app used to share analytics data with Facebook despite the lack of mention in the app's privacy policy. This was because Zoom used the 'Login with Facebook' feature allowing users to login to the service with their social media network profile.

The data included information on the user's device such as the model, the timezone, the carrier and the city and a unique carrier identifier, which, according to Vice, can be used to target a device user with advertisements. Facebook told Motherboard, the original reporter, that it requires developers to be transparent with users about the data their apps send to Facebook.

'Zoom Bombing' Video Conference Hijacks

If you thought video conferences couldn't be hijacked, welcome the internet. Incidents (some of which the FBI has highlighted) have occurred where complete strangers joined a meeting or chat uninvited and caused havoc.

Various personalities have experienced this first-hand leading many to believe that no one is immune.

Breaches may include sharing hate language, pornographic images and all kinds of unpleasant experiences.

To overcome this, a Zoom spokesperson suggested keeping default password protection for joining meetings. Other suggestions include limiting screen sharing permission to 'Host Only'.

Zoom's End-to-end Encryption

End-to-end Encryption widely believed to be the most private form of Internet communication might not be used Zoom despite the service's claims.

According to the Intercept, Zoom uses its own definition of the term which allows Zoom itself to access unencrypted video and audio from meetings.

This is usually called Transport Encryption and is similar to the encryption between a web browser and a website whereby the website itself can access the unencrypted data. This means data is safe from other people on the network but not from the company (Zoom). Given the growing use of the service in both public and private office players all around the world, this is a major concern.

Privacy and security has always been a hit topic when it comes to the internet. With millions (if not billions) becoming increasingly reliant on the internet in these times, it is only reasonable to expect more challenges and to brace ourselves with useful information.