Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Is Zoom’s new privacy policy worth a damn? Proceed with caution, experts say

It’s a Zoom world, and we’re just living in it — but we may still be handing over our private data in the meantime. Use of the popular videoconferencing app Zoom has spiked as work has moved into people’s homes. According to the New York Times, the app saw 600,000 downloads in one day, and that was two weeks ago when COVID-induced lockdowns were just beginning to take effect. It’s no wonder the app has surged in popularity — it just works. Simply click on a link and have your meeting.

Recommended Videos

However, a recent investigation by Motherboard revealed Zoom’s iOS app was sending some data about users to Facebook, which was not made clear in the app’s privacy policy. Other investigations by The Intercept showed that the calls were not, in fact, end-to-end encrypted as the company claimed. People were inadvertently sharing their location, which device they were using, and advertising identification data. Even New York State Attorney General Letitia James is looking into the company’s privacy practices.

Zoom has since updated its iOS app to stop sending data to Facebook, as well as amended its privacy policy to add “clarifying updates” under the increased glare of media and public scrutiny. Among the changes: The company says “Customer Content” can no longer be used in ads, that video can only be saved at the request of a user, and the company also added details about the data it does collect.

Some experts said Zoom’s new policy does clarify and tighten up previously vague language regarding user data. This change is something the U.K.-based digital rights group ProPrivacy applauded, but still urged caution.

“Zoom is complying with the laws, but it will share your data with Google where it is lawful to do so,” wrote Jo O’Reilly, digital privacy advocate for ProPrivacy. “It does go so far as to point out, though, that this is not a ‘sale’ of your data in the sense that most of us use the word ‘sale’, a clear attempt to shake off the controversy.”

James Carder, the chief security officer of LogRhythm, a security intelligence company, wasn’t sold. “This is fairly boilerplate stuff,” Carder told Digital Trends. “When you read their privacy policy now, it sounds like they’re trying to avoid responsibility and put the onus on the customer. It’s more of a response of ‘hey, we’re doing the right thing! The problem isn’t with us!’”

What’s in Zoom’s new privacy policy

Zoom Meeting
Image used with permission by copyright holder

In a statement to Digital Trends, Zoom said “It’s important to note that the ‘new’ privacy policy does not reflect any changes in our practices, it simply makes clarifying updates to the language” (emphasis theirs). The spokesperson also said that the practice of Zoombombing is “unrelated to the new privacy policy.” Zoombombing is a trolling tactic wherein an unauthorized user will access a Zoom chat that isn’t secured with a password and act in a disruptive manner, for instance by playing an inappropriate, loud video or shouting white supremacist slogans. Zoom said they “strongly encourage hosts to review their settings.”

“The root issue is that people are accessing some form of data that they shouldn’t be accessing,” Carder said. “If I look at them releasing new privacy policy, I don’t think it’s addressing the root issue. I don’t see anything addressing security best practices, or what you could do with meetings that get Zoombombed. And this stuff is happening on every online collaboration platform.”

“When they came under scrutiny, they went back and reworked and clarified the policy dramatically to ease user minds,” said Eve Maler, interim chief technology officer of the a digital identity company ForgeRock. “And they did a good job. But they should have known better.”

Maler said she thought Zoom did a good job addressing some core concerns; compliance with child protection laws and medical privacy laws for instance. But she said she’s seen this “walk of shame” from CEOs before: A company’s lax privacy policy is discovered, the CEO feigns contrition under scrutiny and offers a non-apology statement, and then the policy is changed.

“Customers have gotten more savvy and cynical and privacy sensitive, and regulators have too. Enterprises have to understand that modern data privacy has changed,” Maler said. “We’ve seen enough of these executive ‘walks of shame,’ that they [Zoom] should have known that this would happen in this regulatory environment,”

Maler pointed to another dramatic instance of this exact pattern: Spotify in 2015. The music streaming app’s policy at the time allowed it to pretty much read a user’s entire phone. Users had inadvertently agreed to allow the app to view their Facebook posts, know their location, and see their contacts and photos. Spotify insisted there was a reasonable explanation, but CNN described the policy as “the opposite of private” and “creepy” and under the harsh glare of the media spotlight, the policy was amended.

“We don’t know the true intentions, but we’ve seen this happen before and people rightfully look askance at this exercise of power. Let’s just call it what it is,” Maler said. “They should have known that changing privacy policy in this environment will look like it was motivated by circumstances and newfound popularity. It’s not a good look.”

Maya Shwayder
I'm a multimedia journalist currently based in New England. I previously worked for DW News/Deutsche Welle as an anchor and…
Amazon the latest firm asking staff to work from home — if possible
gates foundation amazon care to fund coronavirus home kits for seattle residents headquarters washington

Amazon is the latest company in the tech world asking its employees to work from home.

The recommendation, made by the Seattle-based company on Thursday, March 12, is designed to help slow the spread of the coronavirus, formally known as COVID-19.

Read more
iPhone 17 series could finally end Apple’s stingy era of slow screens
iPhone on charging stand showing photo screen in iOS 17 StandBy mode.

Apple has played a relatively slow innovation game when it comes to display upgrades on its phones. The company took its own sweet time embracing OLED screens, then did the same with getting rid of the ugly notch, and still has a lot of ground to cover at adopting high refresh rate panels.

The status could finally change next year. According to Korea-based ET News, which cites an industry source, Apple will fit an LTPO (low-temperature polycrystalline oxide) screen across the entire iPhone 17 series, including the rumored slim version and the entry-point model.

Read more
Aptera’s 3-wheel solar EV hits milestone on way toward 2025 commercialization
Aptera 2e

EV drivers may relish that charging networks are climbing over each other to provide needed juice alongside roads and highways.

But they may relish even more not having to make many recharging stops along the way as their EV soaks up the bountiful energy coming straight from the sun.

Read more