Video calling app Zoom has been found to be unknowingly sharing user information with social media giant Facebook, even in cases where the person does not have a Facebook account.

As most countries worldwide are in lockdown and people have been home-quarantined due to the coronavirus outbreak, the use of video conferencing apps has skyrocketed. In fact, Facebook has seen a 70% spike of video calls around the world since the pandemic started.

Meanwhile, Zoom has also engaged more users during the past few weeks.

However, online tech magazine Motherboard recently revealed that, according to their analysis, the iOS version of Zoom is leaking its user’s data and sharing it with Facebook.

New: Zoom pushes an update after we found the iOS app sending data to Facebook. They’ve now removed the code that was sending the data

— Joseph Cox (@josephfcox) March 27, 2020

How Zoom is sending and collecting user data

Zoom operates using Facebook’s software development kit (SDK), as like many other applications, in order to add more specifications and features to the application. The software makes it easy to link up with Facebook as well.

While Zoom does not have any direct link to a user’s social account on Facebook, as soon as users download and sign in on Zoom, the app is instantly connected to the Facebook Graph API.

As per Motherboard, the data is then directly shared with Facebook when a user launches the app, activates the phone carrier, and enables location tracker – basically, all analytical data that can help the company in launching targeted ads to the users.

Pat Walshe: Zoom as a ‘Data Vampire’

Pat Walshe, an activist for Privacy Matters, shared his opinion on Twitter regarding Zoom’s privacy policy on March 13. He claims that Zoom is a “Data Vampire” and that users should peruse their privacy policy.

Oh my goodness. They really do think users are just passive …

Y’all really should ZOOM in on Zoom’s privacy policy and practices.#AdTechSurveillance #DataVampires

— Privacy Matters (@PrivacyMatters) March 13, 2020

Walshe was among the first whistleblowers to the privacy issue, calling Zoom to fix their mistake.

“What Zoom’s current privacy policy says is worse than “You don’t have any privacy here.” It says, “We expose your virtual necks to #DataVampires who can do what they will with it.”

Please fix it, Zoom.” <a double yep from me. Please fix it @zoom_us

— Privacy Matters (@PrivacyMatters) March 29, 2020

It is previously mentioned in Zoom’s privacy policy that the data “may be shared with third-party apps.” However, it did not explicitly mention Facebook as one of their third-party apps or how the data will be shared until recently.

Zoom CEO acknowledges mistake

On March 27, Eric Yuan, the founder of Zoom, issued a statement explaining their use of Facebook’s SDK in its iOS client and acknowledging their oversight.

“We sincerely apologize for the concern this has caused, and remain firmly committed to the protection of our users’ privacy. We are reviewing our process and protocols for implementing these features in the future to ensure this does not happen again.”

In a recent tweet by Motherboard journalist Joseph Cox, Zoom has since updated its privacy policy and removed the code that was unknowingly sending and collecting user data.

Zoom has also updated its privacy policy to make it more explicit:

— Joseph Cox (@josephfcox) March 30, 2020

UK government warns about Zoom security and privacy flaws

The rising concerns regarding privacy on Zoom have alerted even government officials. The U.K.’s Ministry of Defence (MoD) has banned its staff from using the application due to rising security concerns.

A statement from MoD officials stated:

“We are pausing the use of Zoom, an internet-based video conferencing service, with immediate effect whilst we investigate security implications that come with it.”

Despite MoD already banning the application for official use, pictures of U.K.’s prime minister Boris Johnson was questioned by authorities, as he was seen using Zoom for cabinet meetings with senior Members of the Parliament.

A government spokesperson said that, in light of the health crisis, the world needs effective channels of communication. However, they added that Zoom may still be considered “safe to use” for conferences that do not require a high level of security:

“NCSC (National Cyber Security Centre) guidance shows there is no security reason for Zoom not to be used for conversations below a certain classification.”

Last year, Zoom was in hot waters when a major vulnerability in the app allowed users to be spied on via their webcams. Zoom has since fixed the security flaw as well.

The post Zoom is sending user information to Facebook, fixes privacy flaw appeared first on Micky.