Zoom and its impact on American Privacy

Last Supper, Work From Home edition (Source: knowyourmeme.com)

Last month, Nashville Mayor John Cooper released his “Safer at Home” order regarding COVID-19 urging citizens to stay in their homes and connect digitally rather than in person to protect against the global COVID-19 pandemic. In accordance with this new recommendation, you can find me curled up at home with my favorite blanket, a cup of tea, and my current Netflix binge. Although this is a stressful time for all, many Americans are finding ease knowing that as long as they are home, they are safe…right? You’d hope.

Surely, the American population is at a lower risk of contracting COVID-19 while cooped up at home, but engaging with others during this socially isolating and increasingly digital time poses entirely new personal privacy risks. While the online platform, Zoom, has become the backbone of American connectedness in the past two months, its increased popularity has also exposed some significant flaws in the company’s data privacy regulations.

When originally designed in 2011, Zoom was primarily created as a business platform. As chief executive of Zoom’s Video Communications told the New York Times, “We were focusing on business enterprise customers,” Mr. Yuan said. “However, we should have thought about ‘What if some end user started using Zoom’” for nonbusiness events, “maybe for family gatherings, for online weddings.” He added: “The risks, the misuse, we never thought about that.”

Zoombombing Interview with Zoom CEO, Eric Yuan

Although unconsidered during the platforms conception, the risk factors of misusing sensitive and personal information passing through Zoom’s network is now playing out in real time as the number of users has jumped from 10 million patrons a day, to 200 million daily during the outbreak. This influx in users has exposed the cracks in Zoom’s data privacy policies, and has also lead to a new wave of online harassment known as “zoombombing.”

Zoombombing occurrence during Chipotle’s live event (New York Times)

Zoombombing is the term coined for the unwelcome entrance of internet trolls into Zoom meetings. These interruptions have occurred in large meetings, such as Chipotle’s co-hosted event with musician, Lauv, and small intimate events including book clubs and class discussions. These internet trolls are known to post pornographic content and racial slurs for all meeting participants to see. The threat posed by these hackers may seem trivial to some, but these digital sneak attacks are unsettling and dangerous and have prompted much media attention as well as a statement from the FBI.

A snapshot from the FBI Zoombombing warning (Twitter)

To make matters worse, not only has Zoom proven to be susceptible to disruptive hackers, the company has been leaking participant data without user consent. According to the Times, flaws in Zoom’s privacy system were brought to attention “last year, after Jonathan Leitschuh, a cybersecurity researcher, discovered a flaw that attackers could use to activate a Zoom user’s webcam without their permission.” but the company failed to address it. Researchers at the same time found that when users attempted to remover the app from computers, it would secretly reinstall itself, making users susceptible to data leakage. The company continues to experience backlash as a feature titled LinkedIn Sales Navigator, has been providing users with access to other meeting members LinkedIn profiles without their knowledge or consent. As one article in the Times revealed, “Once a Zoom user enabled the feature, that person could quickly and covertly view LinkedIn profile data — like locations, employer names and job titles — for people in the Zoom meeting by clicking on a LinkedIn icon next to their names.”

Zoom’s LinkedIn Sales Navigator tool that allows users to seek out other user’s information covertly (New York Times)

Although this information may be unsettling, it is surely not surprising after the many conversations we have had as a class discussing the limits and breeches on private data in American Society. Perhaps the exposure of Zoom’s faulty systems and the backlash it has received will drive the movement for stricter data privacy laws into public attention, but even so it would be optimistic to believe a grand change in our society will come from another such exposé.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s