Zoom’s iOS App Update No Longer Sends Personal Data To Facebook

Published on April 1, 2020

The software, Zoom, has recently seen an increase in usage as more and more companies urge their employees to work from home due to the current pandemic. One of the issues, as explained by Mashable, has always been the app’s privacy. This includes the video conference app sending the user’s data to Facebook. Nevertheless, Zoom’s iOS app was updated to stop sending personal to Facebook. This was best seen when Zoom stated in a blog post that:

“We originally implemented the “Login with Facebook” feature using the Facebook SDK for iOS (Software Development Kit) in order to provide our users with another convenient way to access our platform. However, we were made aware on Wednesday, March 25, 2020, that the Facebook SDK was collecting device information unnecessary for us to provide our services.”

Zoom In On Motherboard

The app was made aware of this thanks to Motherboard. The online Tech magazine owned by Vice was the one to discover the privacy issue. Motherboard writer, Joseph Cox, reveals in his article that the choice to update the iOS app came after one of the magazine’s analysts found that the app sent personal information to the veteran social media giant. By the time the app was analyzed, Motherboard came to the conclusion that Zoom’s privacy policy did not clarify the data transfer to Facebook. Their findings are best illustrated when a Zoom spokesperson stated that:

“The data collected by the Facebook SDK did not include any personal user information, but rather included data about users’ devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space.”

Zoom does deem this data transfer as unnecessary. However, one cannot help but wonder the other ocassions in which some data might be regarded as necessary. Nevertheless, changes were made. According to the site, Motherboard downloaded the update and confirmed that it no longer sends data to Facebook.

Facebook SDK

The Zoom’s iOS app update has proven to be good news. However, the problem doesn’t stop there. It’s a fact that the Facebook SDK feature is quite common in iOS products. The problem worsens as, according to Threatpost, SDK has been proven to be misused for nefarious reasons. Another Threatpost article from last November states that SDKs have been known to be misused for the sake of scraping account info from social media sites, such as Facebook and Twitter.

This is where the real dilemma comes. The November article states that Facebook and Twitter are warning against SDKs. Mainly because, as seen with some of Motherboard’s findings, some SDKs are known “to harvest personal information.” So the question is: How did Facebook allow this? Despite the data transfer happening via the “Login Through Facebook” option, it doesn’t explain how devices’ information went to the social network company, even for non-users of the platform.

Not Their First Rodeo

This is not the first time Zoom has been under scrutiny. According to Techspot, last year the company was forced to offer solutions to prevent the hacking of Mac webcams. Another security researcher also discovered that the Zoom version for macOS could be used to highjack a computer’s webcam. Cal Jeffrey, a Contributing Writer for Techspot explained that the security breach was facilitated by a web server that Zoom installs on the device to make it easier for users “to join meetings with one click.” Just like a malicious entity can abuse SDKs features, they can also infiltrate webcams.

Hours after they refused to fix the problem, accounts went live and Zoom had no other choice but to address the security issue. They said in a statement:

“We appreciate the hard work of the security researcher in identifying security concerns on our platform. Initially, we did not see the web server or video-on posture as significant risks to our customers and, in fact, felt that these were essential to our seamless join process. But in hearing the outcry from some of our users and the security community in the past 24 hours, we have decided to make the updates to our service.”

With all of these security issues that Zoom seems prone to have, is it safe to say that Zoom will not have any other problems? The answer remains uncertain. Despite the need for the app now that many companies are working from home, there is a high chance that hackers aren’t stopping anytime soon on Zoom’s features.

Argenis Ovalles is an Editorial Intern at Grit Daily. He currently writes at Vocal Media and Theater Pizzazz.

Read more

More GD News