Zoom users 'zoombombed' with porn and racism as FBI launches investigation
The video conferencing software, Zoom, saw a surge in the number of downloads in the United States and across the world as many schools and companies were forced into stay-at-home measures following the coronavirus outbreak. However, the increased use of the software has also brought its questionable privacy policy into the spotlight. After users took to social media to complain about suddenly seeing pornographic or racist images on the screens while using the app called 'zoombombing'.
Under quarantine, trolls are also finding new ways to disrupt life, they find public Zoom calls and use the platform's screen-sharing feature to broadcast graphic content to conference participants.
In March, Chipotle had to end a public Zoom chat which was co-hosted with the singer Lauv after someone broadcasted porn to its attendees. A Massachusetts high school reported that an unidentified individual dialed into the virtual classroom and yelled a profanity at the teacher before shouting the teacher's home address.
This problem arises out of a Zoom policy which states that “The host does not need to grant screen share access for another participant to share their screen.” However, conference hosts can disable the option in their settings or the Admin controls of the call, either before the meeting or during the call.
New York Attorney General Letitia James sent a letter to the company "with a number of questions to ensure the company is taking appropriate steps to ensure users' privacy and security." FBI's Boston office had earlier warned the company after it had received multiple reports of "conferences being disrupted by pornographic and/or hate images and threatening language."
The New York attorney general’s office is “concerned that Zoom’s existing security practices might not be sufficient to adapt to the recent and sudden surge in both the volume and sensitivity of data being passed through its network,” the letter said. “While Zoom has remediated specific reported security vulnerabilities, we would like to understand whether Zoom has undertaken a broader review of its security practices.”
This is not the first time Zoom has come under scrutiny for similar issues. In 2015, after a Pennsylvania man broadcasted rape of a 6-year-old on Zoom and was convicted, Federal Prosecutor Austin Berry called the app "the Netflix of child pornography" in his closing statements, according to the New York Times.
The growing concern about Zoom's privacy features comes as the demographic of users increasingly accommodate children, many of whom are attending classes through the app during the social isolation period.
Last week, Vice reported that Zoom was sending data from its iOS app to third parties, including Facebook, even if the user did not have a Facebook account. The Zoom app notifies Facebook when the user opens the app, details on the user's device such as the model, the time zone and city they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user's device which companies can use to target a user with advertisements. Zoom has since removed the code that sent data to Facebook.
The Intercept reported that Zoom does not provide end-to-end encryption for its services, despite what its marketing materials say. End-to-end encryption would mean the content is fully protected from third parties — that would include Zoom. Vice reported that the video conferencing company has leaked the personal emails and images of thousands of users to strangers.
As more people turn to the app for work and study purposes, the onus is on Zoom to address its users' privacy concerns. This offers Zoom's competitors the advantage to exploit users' growing mistrust in the app's regard for their safety.