Zoom removes a feature that sent data to Facebook

Zoom went ahead and removed what they called a feature, perhaps from pressure from sites like this one who reported on Motherboard’s findings and called them out on it.

The issue was that Zoom shared the data and did not disclose it in their privacy policy. The App used Facebook’s SDK “Login with Facebook”, a feature that a lot of apps seem to utilize. By what Zoom did was automatically connect it with Facebook and share your info with Facebook’s Graph API even if the user did not use the feature.

Last year, Zoom had a flaw that allowed hackers to turn on someone’s webcam without their consent, and without them noticing. On top of that, when someone had the Zoom app closed and even uninstalled, the software left a web server up and running, allowing for an automated install of the app if someone invited the user to a Zoom call. Finally, Zoom makes it really hard for you to join calls without installing the app, even though that’s possible.

Zoom is now “reconfiguring” the Facebook login feature to sign into facebook through the webview. If you use Zoom, just update the update to get the fixed version.

Zoom’s public apology:

“We sincerely apologize for this oversight, and remain firmly committed to the protection of our users’ data.”

By Platform De.Central | Source: Motherboard