Zoom, a web-based video learning center that the University of Louisiana at Lafayette has used since moving online, more formally known as Zoom Video Communications, has been involved in two lawsuits, both claiming the platform violated privacy laws.
The first was filed in California on March 30 and claimed that Zoom shared information with Facebook and other third parties, against the wishes of users.
“Upon installing or upon each opening of the Zoom App, Zoom collects the personal information of its users and discloses, without adequate notice or authorization, this personal information to third parties, including Facebook, Inc. (‘Facebook’), invading the privacy of millions of users,” the lawsuit reads.
“We have agreements with our service providers that say they cannot use any of this data for their own purposes or for the purposes of another third party,” according to the website. “We prohibit our service providers from selling data they receive from us or receive on our behalf.”
Furthermore, Zoom wrote on their blog that they did not share information with Facebook, but rather that it was collecting information without the knowledge of Zoom itself.
“However, we were made aware on Wednesday, March 25, 2020, that the Facebook SDK was collecting device information unnecessary for us to provide our services,” reads the blog.
Zoom reassured its client base that the information that the website did receive was inconsequential and not related to anything stated in the conversations on Zoom.
“The information collected by the Facebook SDK … included information about devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space,” the blog states.
Zoom goes on to say they have since changed their policy on the matter.
“Our customers’ privacy is incredibly important to us, and therefore we decided to remove the Facebook SDK in our iOS client,” according to the blog.
The second lawsuit that Zoom has been involved in took place on April 7, and it was filed by shareholders in the Zoom Company that claims that the company has inadequate security measures in place.
“(ii) contrary to Zoom’s assertions, the Company’s video communications service was not end-to-end encrypted; (iii) as a result of all the foregoing, users of Zoom’s communications services were at an increased risk of having their personal information accessed by unauthorized parties, including Facebook;” the lawsuit reads.
The claim also states the plaintiffs have suffered damages and the request is a trial by jury, but since the lawsuit was filed so recently, no new information is available.
Outside of lawsuits, Zoom conferences have been interrupted by hackers, further questioning the idea that Zoom is a secure platform.
“The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI website reads. “As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts.”
However, the website provides clear guidelines to prevent this from happening.
“Do not make meetings or classrooms public,” according to the website. “Manage screensharing options. In Zoom, change screensharing to ‘Host Only.’ Ensure users are using the updated version of remote access/meeting applications.”