Motherboard investigation zoom ios app sending user data to facebook





[Updated] Zoom's iOS App Secretly Sends Data to Facebook: Report



Akshay Gangwar
March 30, 2020 10:29 am

*** //Update 1(30/03/2020 10:29 am) Zoom has updated its iOS app to remove
Facebook code
With the entire world reeling from the rapid spread of the Coronavirus
pandemic, a lot of people (students, teachers, groups of friends) have turned
to video conferencing options like Zoom to stay in touch, or to continue their
education while maintaining social distance. In fact, Zoom has exploded in


popularity since the Coronavirus pandemic started spreading through the world.
However, a new report from Motherboard claims that the iOS app for Zoom is
sending data to Facebook without the user's knowledge. What's worse, is that
this data is being sent even if the user in question doesn't even have a
Motherboard's analysis suggests that Zoom connects to Facebook's Graph API and
thereafter lets Facebook know when a user opens the app, the details about the


device they are using, and even information like the city they're based in,
their carrier, and a unique advertisement identifier for ad targeting.
More troubling than the actual data transfer however, is the fact that Zoom
isn't really mentioning this sort of transfer within its privacy policy at
all. "That's shocking. There is nothing in the privacy policy that addresses
that," said Pat Walsh, an activist who analysed Zoom's Privacy Policy.


Zoom also mentions that the service will collect Facebook data if a user logs-
in with Facebook or creates a Zoom account using Facebook. But again, it
doesn't mention that even if a user doesn't have a Facebook account, the app
still collects and sends data to Facebook anyway.
This isn't the only potential privacy issue with Zoom. According to the EFF,
Zoom call hosts can see whether participants have the Zoom window open or not,


they can also see participants' IP addresses, location data, and device
Update 1 (30/03/2020 10:29 am)
After the investigation and report from Motherboard, Zoom has rolled out a new
update to its iOS app which removes the code that was sending data to
In a statement given to Motherboard, Zoom said "Zoom takes its users’ privacy
extremely seriously. We originally implemented the ‘Login with Facebook’


feature using the Facebook SDK in order to provide our users with another
convenient way to access our platform. However, we were recently made aware
that the Facebook SDK was collecting unnecessary device data."
SOURCEVice
Zoom Opens Technology Center in Bengaluru; To Expand India Workforce Soon
Zoom Hit 94 Million App Store Downloads in Q2: Report
Zoom Unveils a New Touchscreen Display for Its Software


JioMeet Could Face Legal Action For Lifting Zoom's UI and Features


Zoom’s iOS app sent data to Facebook until recently



Vice reported that a recent analysis of the app has brought to light the fact
that the Zoom iOS app was sharing data with Facebook. The interesting part is
that the app sent information to the tech giant even for people that didn’t
have Facebook accounts.
Previously, when you opened the app, it connected to Facebook’s application


programming interface, which is usually the main method used by Facebook’s
developers to get data in and out of the platform. Additionally, on the
backend, Zoom was using Facebook’s software development kits (SDKs).
Facebook requires apps that use its SDKs to make sure to provide notice to
their users, informing them of Facebook’s Customer Data collection, which is


mainly related to personalized ads. Zoom’s privacy policy mentions that its
advertising partners (the policy gives as an example Google Ads and Google
Analytics) automatically collect some data, however, Facebook is not
specifically mentioned in regards to data collection.



Zoom’s iOS App Reportedly Sending User Data to Facebook



by Christopher Baugh - Fri, March 27, 2020
The iOS version of the Zoom video calling service is reportedly sending data
to Facebook, even if the user does not own a Facebook account to begin with.
As COVID-19 upends the world, Zoom's daily user base has shot up by 67
percent. With more workplaces and classrooms relying on this video-
conferencing tool, its privacy vulnerabilities have become increasingly
obvious and hard to ignore.
As it turns out, Zoom is actually a privacy nightmare. Motherboard is


reporting today that the Zoom iOS app silently sends user data to Facebook
even if the user does not have a Facebook account.
Zoom, like other apps, uses Facebook's software development kits (SDK) to
implement features quickly. In exchange, Facebook gains useful information
about users. As Vice's Motherboard explains, Zoom connects to Facebook's Graph
API, which is the way developers get data in or out of Facebook.
It explains:
> The Zoom app notifies Facebook when the user opens the app, details on the


> user's device such as the model, the time zone and city they are connecting
> from, which phone carrier they are using, and a unique advertiser identifier
> created by the user's device which companies can use to target a user with
Given the ubiquity of app developers relying on Facebook's software
development kits (SDKs), it's not uncommon for apps to share some degree of
data with the platform. It's basically a trade-off; developers rely on SDKs to
make their apps more usable while Facebook extracts some information in the


process. But in Zoom's case, iOS users have yet to be made aware of this
Facebook told Motherboard that if companies are using their SDKs then they
need to be transparent about the data collection and privacy. Facebook's terms
say: "If you use our pixels or SDKs, you further represent and warrant that
you have provided robust and sufficiently prominent notice to users regarding
the Customer Data collection, sharing and usage," and specifically for apps,
"that third parties, including Facebook, may collect or receive information


from your app and other apps and use that information to provide measurement
services and targeted ads."
If Zoom does not plan to reduce or entirely eliminate this exchange with
Facebook, it should make it abundantly clear to its iOS users that the app
shares their information with the network. People can then make an informed
decision based on their own individual threat models as to whether (or not)
they want to continue using the app. Without basic knowledge of such a


transfer, Zoom iOS users are essentially working in the dark.


Zoom's iOS app no longer sends data to Facebook



By Stan Schroeder2020-03-30 08:59:06 UTC
Zoom's iOS app is no longer sending your private data to Facebook.
The videoconferencing software recently saw its usage spike as more and more
people spend time at home due to the coronavirus outbreak. However, several
concerns have been raised about its privacy practices, including the fact that
its iOS app sends data such as the user's location and device details to
Facebook — even if the user doesn't have a Facebook account.
Now, Motherboard reports that Zoom's iOS app was updated to stop sending data


to Facebook, as the company found that some of the data sent was
"unnecessary."
"We originally implemented the “Login with Facebook” feature using the
Facebook SDK for iOS (Software Development Kit) in order to provide our users
with another convenient way to access our platform. However, we were made
aware (...) that the Facebook SDK was collecting device information
unnecessary for us to provide our services," Zoom wrote in a blog post Friday.
"Our customers’ privacy is incredibly important to us, and therefore we


decided to remove the Facebook SDK in our iOS client and have reconfigured the
feature so that users will still be able to log in with Facebook via their
browser," the post said.
Users need to update to the latest version of Zoom on iOS to see the change;
the new version has been available since Friday.
SEE ALSO: Coronavirus makes livestreamed dance and fitness classes a
bittersweet necessity
Among the myriad videoconferencing apps out there, Zoom has emerged as many
users' favorite because of superb video and audio quality, and despite the


fact that the free version of Zoom shuts meetings down after 40 minutes. It's
good that the company's fixing its privacy issues, though some potential
problems remain.
Topics: Health & Fitness, Tech, zoom


Popular Zoom iOS Meeting App Shares Your Private Data With Facebook Without



It should come as no surprise that video conferencing software is seeing a
sudden uptick in usage--more people are telecommuting in order to social
distance themselves amid the COVID-19 outbreak. Zoom is among the
beneficiaries of the current situation, though not without controversy. New
research indicates that Zoom's iOS app is sending analytical data to Facebook
on the sly.
Apps sending information to Facebook is not the least bit uncommon. Many apps


and services tie their offerings into Facebook, and it can be convenient for
users who do not want to juggle yet another account. But when it comes to
sharing analytical data, that sort of thing should be made clear to users, and
require their consent.
According to Motherboard, that is not the case with Zoom and its iOS
application. The site conducted an investigation and found that Zoom notifies


Facebook when the user opens the app and provides various details, such as the
device they are using, the user's city they are connecting from and the time
zone they are in, and a unique advertiser identifier created by the device for
targeted advertising.
The issue with all this is, according to the report, that Zoom is not upfront
about its data collection practices and the subsequent transfer to Facebook.


Zoom's privacy policy does not cover the extent of what of the iOS does in
this regard. It does say the app may collect a user's "Facebook profile
information (when you use Facebook to log-in to our Products or to create an
account for our Products)," but does not mention sending data to Facebook for
users who don't even have a Facebook account.
"I think users can ultimately decide how they feel about Zoom and other apps


sending beacons to Facebook, even if there is no direct evidence of sensitive
data being shared in current versions," Will Strafach, an iOS researcher and
founder of iOS app Guardian, told Motherboard.
Zoom has also captured the attention of the Electronic Frontier Foundation,
which points out that administrators can access the contents of recorded
calls. This includes video, audio, transcripts, and chat files, along with
access to sharing, analytics, and cloud management privileges.


Tags: Facebook, ios, zoom, (NASDAQ:FB), (NASDAQ:AAPL)
Via: Motherboard
4. Zoom's iOS app is sending data to Facebook even if you don't have an account



Motherboard investigation: Zoom iOS app sending user data to Facebook



An investigation by Motherboard revealed that Zoom's iOS app was sending user
analytics data to Facebook, even for Zoom users who did not have a Facebook
account, via the app's interaction with Facebook's Graph API.
CNET Apps Today Security Software Applications Mobile Apps Zoom Encryption
TOP