With remote work becoming the norm for many businesses lately, it’s not surprising to see teleconferencing tools like Zoom experiencing record growth in such a short amount of time. While other web services are busy optimizing and increasing server capacity to address performance issues, Zoom had one related to user privacy, as discovered recently by Vice’s Motherboard.
The problem, specific to Zoom’s iOS app, involved sending device data to Facebook, even for users who didn’t have a Facebook account. Though it’s pretty common for apps to integrate Facebook services to provide features and share data with third-parties, Zoom’s data collection practices weren’t clear for users who didn’t use their Facebook account to log in (or have one in the first place).
A detailed analysis found that Zoom was connecting with Facebook’s Graph API for data-sharing and was sending the device’s model, OS, time zone, city, carrier, hardware details and its unique advertiser identifier to the analytics tool.
The company soon issued a response, stating that it originally implemented the ‘Login with Facebook’ feature using Facebook’s SDK for added user convenience; however, it was “recently made aware” of the “unnecessary” device data being collected by the SDK.
Zoom users on iOS should now update their app to the latest version (4.6.9), which gets rid of the data-collecting Facebook SDK, but still allows login with a social media account through the device browser if one chooses to do so.
It’s not the first time for Zoom to come under media scrutiny, as last year the company was forced to issue an emergency patch to prevent Mac webcams from being hijacked.