As people are facing lockdown and social distancing, they are also facing the problem of working from home and studying in online classrooms. Zoom App, in this scenario, has gained popularity. In one of our previous articles, we mentioned how certain companies are benefitting from the Covid-19 Pandemic and the Zoom App is one of them. But recently, Motherboard circulated a report claiming a fault in the iOS App. Here is full coverage of the news:
What is Zoom App?
Zoom App is a leading cloud-based video-conferencing app that allows video and audio conferencing, collaboration, chat, and webinars across mobile devices, desktops, telephones, and room systems.
The App was developed in 2011 and it saw a rise in usage after the Covid-19 pandemic hit the world. The app is free to use where it allows connectivity with 50 users for at most 40 minutes. Of course, it has a paid plan, with some added features like no limit on time, etc.
Even with the free plan, the 40 minutes limit for K-12 schools in some countries has been lifted. The app offers a wireless screen-sharing performance across Windows, Mac, Linux, iOS, Android, Blackberry, Zoom Rooms, and H.323/SIP room systems. One can join an existing meeting, host one, share screen and even just be on the audio version.
In the case of scheduled meetings, the app provides a personal key. It allows keyboard and pointer manoeuvre control to the screen sharer. It even allows to record meeting, mute personal backgrounds and pulls up a whiteboard to make notes.
Until the Motherboard Analysis, Zoom was one of the safest apps to schedule formal meetings and online classrooms with a single click.
What did the Motherboard Report State?
The Motherboard Report put forward an analysis of Zoom's iOS app. The app could be logged in with a Facebook account, not uncommon for SNS apps. In their report, Motherboard stated that the app's privacy policy does not mention anything about sending data to Facebook. Yet, there was a code in the iOS app. This code sent user data like the mobile or device OS type and version, the device time zone, device model and carrier, screen size, processor cores, and disk space.
The report stated that the Zoom app notifies Facebook when the user opens the app, details on the user's device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user's device which companies can use to target a user with advertisements.
The app wasn't aware that the Facebook Software Development kit was taking the information. A software development kit is a bundle of code that developers often use to help implement certain features into their app. This SDK sometimes sends certain data off to third-parties, however.
After Motherboard's analysis, Will Strafach, an iOS researcher, also confirmed the Motherboard's findings that the Zoom app sent data to Facebook at the time.
Zoom Updates its iOS App and issues clarification
Zoom App did not shy away from the responsibility. Instead, it checked the report and found out the truth. It later updated the iOS app and modified the codes in the Facebook SDK. Users can still log in via their Facebook accounts, but the data won't be shared anymore.
Zoom said the data collected did not include personal user information, but rather information about users’ devices. Users should update the iOS app to the latest version for the change to take effect, the company said.
It issued a blog reporting the issue and change in its privacy policy. The users will have to manually update the app which will not have the existing SDK. The company also issued an apology individually to every person complaining and wrote on Twitter:
We take our users’ privacy extremely seriously, and we’ve taken action to address this issue — for more information, please see our blog post here: https://t.co/uNq2bFmQ8h
— Zoom (@zoom_us) March 28, 2020
Motherboard, upon further information, downloaded the update and verified that it does not send data to Facebook upon opening.