Increased Use of Zoom Raises Privacy and Security Concerns

A lot of the infosec community have been critical of Zoom because of security issues. Here’s a discussion about the privacy side…:

[…] Zoom has also received criticism for collecting personal information from videoconferences and disclosing the information to third parties such as Facebook.  Zoom has since stated that this sharing has been disabled. This change, however, only takes effect if the user updates the application.

These privacy concerns gave rise to a recent class action lawsuit, Robert Cullen v. Zoom Video Communications, filed in the U.S. District Court for the Northern District of California and asserting violations of the California Consumer Privacy Act (CCPA).  Plaintiff argues that Zoom failed to provide adequate notice before collecting and disclosing personal information and failed to implement and maintain reasonable security procedures.

In response to these privacy and data security concerns, Zoom recently made updates to its privacy policy to clarify its data collection practices. The revised privacy policy now states that Zoom only collects personal information to provide its video conferencing services and that Zoom does not sell personal information to third parties. On April 1st, Zoom stated in a blog post that the company intends to enact a “feature freeze,” refocusing R&D efforts on enhancing data protection.


Read the original article here