Privacy issues are swarming around Zoom just as it's becoming everyone's favorite videoconferencing app

From: Business Insider

Videoconferencing app Zoom is having a moment right now.

As the coronavirus pandemic has forced people across the country to work from home and stay indoors, video-chat services like Zoom are exploding in popularity.

It currently sits at the top of the charts in both Apple's and Google's app stores, and the service had already added more users in 2020 by late February than it did in all of 2019, according to a Bernstein note reported by MarketWatch.

But with Zoom's newfound popularity have come fresh concerns about privacy and how the company handles consumer data.

Zoom was recently hit with a class-action lawsuit over accusations that it shares data with third parties like Facebook without adequately notifying users. Zoom calls have also been the target of a new practice that's come to be known as "Zoom bombing," when people intrude on meetings and digital classes and bombard chat participants with offensive content. And most recently, a report from The Intercept raised questions about the quality of the encryption the company uses to secure calls.

Such concerns haven't gone unnoticed. The office of Letitia James, the New York attorney general, recently sent a letter to the company asking how it's tightening security as usage ramps up now that people are teleconferencing more than ever, The New York Times reported.

A Zoom spokesperson said the company takes user "privacy, security, and trust extremely seriously" and is willing provide the attorney general with the "requested information."

Here's a look at the privacy concerns that have cropped up around Zoom in recent weeks. 

The iOS version of the Zoom app was sharing some analytics data with Facebook, despite the fact that it was not mentioned in the app's privacy policy, Motherboard's Joseph Cox reported last week.

This stemmed from Zoom's use of Facebook's software development kit, which powers the "Login with Facebook" feature that allows you to sign into the video service using your profile on the social-media network.

Zoom has since removed the code that was sending data to Facebook by reconfiguring the feature, as Motherboard also reported. The data that was shared with Facebook didn't include personal information, but rather it included details about users' devices, the company told the outlet.

Still, a Zoom user filed a class-action lawsuit in California against the firm over concerns regarding its practices of sharing data with Facebook without alerting users.

The FBI has recently received several reports of "Zoom-bombing," which is when an intruder hijacks a Zoom videoconference and infiltrates it with pornographic images or hateful content. 

The Boston division of the bureau said it has been made aware of two instances in which an anonymous individual had gained access to a Zoom classroom. In one instance, the individual shouted profanity and then yelled the teacher's home address, while in the other, the person displayed swastika tattoos.

Trolls have even taken to Alcoholics Anonymous meetings, which have turned to video meetings as social distancing is more widely recommended to slow the spread of the coronavirus. 

"We take the security of Zoom meetings seriously and we are deeply upset to hear about the incidents involving this type of attack," a Zoom spokesperson said in a statement to Business Insider.

There are some measures users can take to prevent Zoom bombing from occurring. A tool called waiting room allows the meeting host to screen those who enter the call. The FBI also suggests ensuring that the host is the only participant with the ability to share his or her screen, and advises to avoid sharing links to Zoom conferences publicly.

Zoom also addressed the issue and shared tips on its website so users could avoid being Zoom bombed. The company also said users should report such incidents so that proper action can be taken.

Zoom's attention-tracking feature alerts the host of a meeting when a user does not have the meeting "open and active" for more than 30 seconds while another participant is sharing their screen.

The feature has come under fire in the days since Motherboard brought it to attention on March 16. Some have argued that feature is flawed because chat participants may actually be doing work-related tasks, like taking notes, while the Zoom window isn't in use. Others were concerned over the privacy implications.

Zoom said in a statement to Business Insider that the feature is built for training purposes, is off by default, and can only be enabled by the administrator. Zoom doesn't track any audio or video content from calls and does not monitor other apps or activity on your device, the company said.