Zoom Go to Meeting App can Send Users Data to Facebook without Any Prior Notice (Fixed in Update)
Today at the time of quarantine, socializing has been boosted. Moreover, working from home is being encouraged. People are widely using video calls to stay in connected for their business. But, everone can understand the reaction when the user's personal and sensitive data is shared with a third party by the video calling apps. This is a bad experience that users may have.
The same kind of privacy issue has been found in The Zoom iOS app which is widely being used for video calls and business video meetings. The Motherboard report says that Zoom is sharing users’ data with Facebook without any prior notice.
Motherboard report further says that this is not an uncommon thing for Facebook to get personal information of the users as many apps use the Facebook SDK to implement smooth features. So, these apps share the users’ personal information with Facebook. Most of the apps declare these kinds of sharing of data in their privacy policy.
But, in the case of Zoom, this might be a shocking thing as the users have been told nothing in the privacy policy and they might be unaware of sharing personal data with a third party i.e the Facebook while using the Zoom app.
Will Strafach, an iOS researcher and founder of a privacy-focused app Guardian, corroborated these findings of sharing users’ personal information with Facebook. He further mentioned in his tweet:
I think users can ultimately decide how they feel about Zoom and other apps sending beacons to Facebook, even if there is no direct evidence of sensitive data being shared in current versions,
Upon downloading Zoom it instantly connects with Facebook Graph API which may share your data like email, phone number, etc. with Facebook even when you have no Facebook Account. This data must further be used to show you personalized ads and intriguing interests.
At that point, Facebook told Motherboard that the companies must be very clear about the usage of their data and sharing their data with any third-party including Facebook. Apps using Facebook SDK and API must be more clear as Facebook terms clearly say
If you use our pixels or SDKs, you further represent and warrant that you have provided robust and sufficiently prominent notice to users regarding the Customer Data collection, sharing and usage," and specifically for apps,
For third-party apps, it clearly says that
that third parties, including Facebook, may collect or receive information from your app and other apps and use that information to provide measurement services and targeted ads.
On the other hand, no notice has been issued to users in the privacy policy of Zoom and the privacy policy of Zoom, it has been mentioned that third party service providers and advertisement partners such as Google Analytics and Google AdSense might collect your information when using the product. But no specific statement has been made regarding the data collection by Facebook.
This is not the first time when the Zoom app has found privacy problems. In, July 2019, another problem with the Zoom app was found where Zoom could open the Webcam of Mac in some way without the consent of the user. This made the webcam of the Mac More vulnerable to hackers as they could access users’ camera without the knowledge of the user.
After some days Zoom has also confirmed this issue and told that Zoom has recently used Facebook SDK to allow the users to log in through Facebook and in this way. They oversight the problem of the collection of data by Facebook when using Facebook SDK. Zoom further told that Zoom is going to remove Facebook SDK in the upcoming update till further improvements. Zoom also told that Zoom will encourage updating the Zoom app to the latest version.
