Zoom apologizes for Facebook privacy fiasco and updates app to stop data sharing
After an investigation by Motherboard's Vice, video-conferencing app Zoom was found to be sharing user data with Facebook. Data was being sent from iPhones to Facebook, regardless of whether users had Facebook accounts or not, and the fact that data was being shared was not made apparent in privacy policies.
Zoom's popularity has skyrocketed recently, with more and more people looking for remote working solutions during coronavirus lockdowns. Now the company has apologized for the secretive data sharing, saying that it takes privacy extremely seriously. There's also a new version of the app available that doesn't use the Facebook SDK.
- Why is Zoom secretly sharing data with Facebook?
- Microsoft is pausing all but essential security updates for Windows 10
- Pornhub Premium is now free globally so you can enjoy self-isolating from coronavirus
Zoom confirms "example information" that the SDK was sending when the app was opened and closed: Application Bundle Identifier, Application Instance ID, Application Version, Device Carrier, iOS Advertiser ID, iOS Device CPU Cores, iOS Device Disk Space Available, iOS Device Disk Space Remaining, iOS Device Display Dimensions, iOS Device Model, iOS Language, iOS Timezone, iOS Version and IP Address.
In a statement posted on its blog, Zoom says: "Zoom takes its users' privacy extremely seriously. We would like to share a change that we have made regarding the use of Facebook's SDK".
Company CEO, Eric Yuan, goes on to explain:
We originally implemented the "Login with Facebook" feature using the Facebook SDK for iOS (Software Development Kit) in order to provide our users with another convenient way to access our platform. However, we were made aware on Wednesday, March 25, 2020, that the Facebook SDK was collecting device information unnecessary for us to provide our services. The information collected by the Facebook SDK did not include information and activities related to meetings such as attendees, names, notes, etc., but rather included information about devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space.
Our customers' privacy is incredibly important to us, and therefore we decided to remove the Facebook SDK in our iOS client and have reconfigured the feature so that users will still be able to log in with Facebook via their browser. Users will need to update to the latest version of our application that’s already available at 2:30 p.m. Pacific time on Friday, March 27, 2020, in order for these changes to take hold, and we strongly encourage them to do so.
Zoom acted fairly quickly to the report by Vice's Joseph Cox, taking just days to remove the SDK. The company thanks him, saying:
We would like to thank Joseph Cox from Motherboard for bringing this to our attention here.
We sincerely apologize for the concern this has caused, and remain firmly committed to the protection of our users’ privacy. We are reviewing our process and protocols for implementing these features in the future to ensure this does not happen again.