The popularity of Zoom has increased even more due to the Coronavirus pandemic. In 2019, there were around 10 million users on Zoom. By April 2020, the number had risen to 300 million. In such a short period of time, the stock price of this online platform has increased by more than 500 percent. It is now considered one of the essential apps for businesses, whole families, and socially distant friends.
But is it safe to use Zoom? Lately, privacy concerns have caused much outcry among many users. There have been many stories pointing at the privacy and security issues associated with Zoom.
Here are the eight privacy and security concerns that you need to know about:
- Security
The security issues enable hackers to conveniently break into any user’s system while enabling participants to easily reuse their passwords. It also doesn’t provide proper control to protect the data that’s transferred or shared during Zoom meetings. Due to its flawed software, the viewers can study hand motions for determining which laptop/computer keys a user is typing. This also includes typing your password.
- Zoombombing
Another common issue with this online app is called Zoombombing. This error often occurs when some unauthorized intruder breaks into a Zoom meeting. Such an intruder may lead to various damages, like embarrassment, theft of sensitive data, and criminal mischief. The intruder may even make slanderous or offensive statements about a person or company while tricking other participants having trust issues. This glitch can also result in extortion crimes or identity theft.
- Collection Of Data And Personal info
Zoom is facing various lawsuits related to the sale and collection of personal information through meetings with advertisers. Most participants who are affected by this problem are the ones who access Zoom meetings via iPhones.
- Zoom Doesn’t Implement End-to-End Encryption
End-to-end encryption is a very secure way of communicating online. While Zoom has claimed their meetings to be end-to-end encrypted, it still seems that this is not totally accurate.
Reports are stating the Zoom encryption shown by the company is less than the recommended “end-to-end” fortitude. The way that their audio and video content during Zoom meetings always remains private from hackers. However, the company has technical access to unencrypted content through meetings. So, these meetings are not totally encrypted.
But Zoom asserts that never sells or collects any user data. They do have access to collect technical information, such as device details and IP addresses, to help them enhance their services.
Nonetheless, critics asset that their claim to end-to-end encrypted meetings was completely dishonest.
- Zoom’s Privacy Policy Don’t State Clearly About Its iOS App Analytics Being Sent to Facebook
It was noticed that Zoom used to send device data and location to Facebook, such as device operating systems, carries, models, and time zones.
While this practice is not uncommon to most apps, the concern it raised was that users are not provided proper notice about the transfer of data. In response to such findings, Zoom was also sued for its illegal disclosure of users’ data.
Later, Zoom updated its iOS to not send any data to Facebook.
- Employment Law Issues
Zoom meeting participants often avoid considering background pictures, art, apparel, memorabilia, or other assorted items behind the user during Zoom meetings. This is because a background can also reveal information about a user’s religion, race, age, orientation, or membership in some protected category.
However, Zoom meetings from home are known to lead participants to follow a more relaxed, casual approach. And, this gesture during meetings is not something you see at work. It may let the users put down their guard and also prompt someone for making offensive remarks that may come in the category of harassment.
In worst cases, employee are found in compromised position during Zoom calls. Recently a senior analyst of NYT was fired because he was found in a compromising position in the middle of a Zoom meeting. Consult an employment lawyer before dismissing an employee if such an incident happens at your workplace.
- Recordings
Zoom shows no indication to the participants whether their conversations are being recorded. If recorded, there are no restrictions on this platform on where such meetings can be posted on the internet. But recording conversation or meeting without the participant’s will or knowledge is called wiretapping. And if something is posted on the internet, it can stay there forever.
- Hackers Added Zoom Accounts on the Dark Web
A cybersecurity company, Sixgill, had observed that around 352 Zoom accounts were posted on the dark web. Links to all those accounts revealed that the posted information on the dark web included:
- Zoom meeting IDs
- Passwords
- Email addresses
- Type of Zoom account
- Host names
According to Sixgill, most of these accounts were personal and others were of US healthcare providers, small businesses, and various educational institutions. It seems that the hacker who posted all those accounts was trying to make mischief or wanted to troll the users rather than benefiting from the data. But this did put a question on Zoom’s security and privacy.
Quick Tips for Zoom Users
To avoid legal liability, Zoom participants must:
- Always use the platform in ‘private meeting’ settings
- Password-protect the meeting and never reuse old passwords
- Use a ‘per meeting ID’ instead of ‘personal meeting ID’
- Don’t let participants join the meetings before the host
- Don’t share the credentials of the host
- Disable screen sharing for every participant, except the host
- Disable side chats and also mute non-speakers
- Form unchangeable and consistent user names
- Inform all participants when recording a meeting
- Make use of the waiting room to enable the meeting host to check and screen all participants
- Work from home users must select one room from which they participate in Zoom meetings. And, only display things in the background that are often found in a business office.