Data privacy has taken a backseat in terms of national priorities in the wake of the coronavirus pandemic, as Congress has shifted its whole focus to the virus and US tech companies have begun working with state and federal authorities to reach potential patients.
When Citizen Lab looked at where their U.S.- and Canada-based Zoom conversations were being routed, the researchers discovered encryption keys were sometimes sent to Beijing, though would be handled by servers in other countries, too.
(Reuters) - Elon Musk’s rocket company SpaceX has banned its employees from using video conferencing app Zoom, citing “significant privacy and security concerns,” according to a memo seen by Reuters, days after U.S. law enforcement warned users about the security of the popular app.
This is known as transport encryption, which is different from end-to-end encryption because the Zoom service itself can access the unencrypted video and audio content of Zoom meetings.
We reached out to Zoom in an effort to determine whether meeting participants are notified if and when hosts enable attendee attention tracking, but received no immediate response.However, there's more: That said, Zoom does use certain standard advertising tools which require Personal Data (think, for example, Google Ads and Google Analytics).
The issue lies in Zoom's "Company Directory" setting, which automatically adds other people to a user's lists of contacts if they signed up with an email address that shares the same domain.
Last week, after an article on the news site Motherboard reported that software inside the Zoom iPhone app was sending user data to Facebook, the company said it was removing the tracking software.
Working and socialising from home has brought new risks to everyday life, as webcam meetings and chatroom cocktail hours contend with privacy invasions, phishing attacks and “zoombombings” – uninvited guests abusing the popular video service to broadcast shocking imagery to all.
"Zoom should update their terms to ensure that data collected during meetings from any participant or host is explicitly excluded from any advertising or marketing use, and that they don't view and tag video footage to train AI for facial or object recognition," says Justin Brookman, director of privacy and technology policy at Consumer Reports.