←back to thread

Zoom needs to clean up its privacy act

(blogs.harvard.edu)
1597 points seapunk | 3 comments | 27 Mar 20 14:18 UTC | HN request time: 0.627s | source
Show context
conradev ◴[27 Mar 20 19:21 UTC] No.22705922[source]
As other people have stated in this thread everything in Zoom's privacy policy seems to indicate they are sending data to advertisers only as necessary to advertise their own products. They likely:

- Use the Facebook iOS SDK to measure conversions from app install ads

- Send a list of hashed email addresses to Facebook or other advertisers to do ad re-targeting

- Have Google Analytics on their websites to track where people are visiting their website from, i.e. a click on a Google AdWords ad

While these are all not _ideal_ because _yes_, Google and Facebook use this data for their own purposes as well, it's far from _nefarious_. In fact, it's pretty standard fare. Could Zoom go above and beyond and reject these tools? Yes, they could. Does anyone in practice? No.

If Zoom was selling metadata about their calls, leaking contents of their calls, or themselves served ads – then yes, I'd be concerned. But all indications point to them purchasing ads to further the growth of their business.

I think it is perfectly reasonable to seek guarantees around the usage of the above, more sensitive data (contents of video calls, metadata of video calls, etc.) but on the flip side to imply from their privacy policy that they are sending it to Facebook or that they are "in the advertising business" is jumping the gun a little bit.

replies(6): >>22706506 #>>22707234 #>>22707659 #>>22707992 #>>22708747 #>>22726107 #
phyzome ◴[28 Mar 20 00:03 UTC] No.22707992[source]
If their Privacy Policy doesn't say they won't sell or distribute call metadata or contents, I have to assume they will. If they want to update their Privacy Policy to make that clearer, I would encourage that.

(And hashed email addresses? Might as well just send the email addresses. Hashing is kind of useless there.)

replies(1): >>22708102 #
1. conradev ◴[28 Mar 20 00:21 UTC] No.22708102[source]
Yeah, I hope that the outcome of all of this negative attention is that Zoom publishes those guarantees. What’d be even better, though, is if they enforce them with tech – WhatsApp and FaceTime both offer end to end encrypted group calling.

Hashed contact info is just how Facebook intakes contact information. Makes it harder for them to get the info of non-Facebook users who are patrons of the business. They claim to delete it: https://www.facebook.com/business/help/112061095610075?id=24...

replies(1): >>22711233 #
2. fctorial ◴[28 Mar 20 14:12 UTC] No.22711233[source]
> WhatsApp and FaceTime both offer end to end encrypted group calling.

These are closed source, right? How do you know this feature works?

replies(1): >>22726115 #
3. krageon ◴[30 Mar 20 08:06 UTC] No.22726115[source]
You don't, because you can't.