Update: Since the report last week, Zoom stopped sending data to Facebook and told Motherboard that it did not share any sensitive user data with Facebook but only "data about users’ devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space".
The video conferencing app, Zoom, while popular otherwise too, has gained a lot of traction lately during the Coronavirus outbreak, which has forced people to stay in to keep safe.
However, while more and more people are downloading Zoom, a recent report by Motherboard claims that its iOS app is sending data to Facebook without making any mention of the practice in its privacy policy.
The report states that when the Zoom app is downloaded and installed on an iOS device, the app connects to the Facebook Graph API. This is not an uncommon practice since there are a lot of apps out there that use Facebook software development kits (SDKs) to implement features into their software.
Reportedly, though, Zoom does not mention in its privacy policy that makes it clear this type of data sharing is happening. Per the report, Zoom says it may collect data related to a user's Facebook profile, however, it doesn't clearly mention sharing data on users who don't have a Facebook account.
Also, to be clear, Zoom does mention in its privacy policy that it shares data with third-party apps but it does not name Facebook.
Further, the report also claims that Zoom sends a notification to Facebook every time the following actions are taken:
- an iOS app is opened
- what device a user is using
- what carrier they're on
- what city and time zone they're connecting from
- unique advertiser tag
Even in 2019, a security researcher discovered a zero-day flaw in the Zoom app that left users vulnerable webcam hijacking.