Zoom Apologizes for Security Failures

Zoom, the company that makes the software that so many people are using now that they have to work from home, posted A Message to Our Users. In it, Zoom Founder and CEO, Eric S. Yuan, apologizes for security failures and provides details about the things they are doing to fix the problems.

Zoom starts by pointing out that usage of Zoom “ballooned overnight”. This includes over 90,000 schools across 20 countries that have taken Zoom up on their offer to help children continue their education remotely. According to Zoom, at the end of December 2019, the maximum number of daily meeting participants, both free and paid, conducted on Zoom was approximately 10 million. In March of 2020, they reached more than 200 million daily meeting participants, both free and paid.

For the past several weeks, supporting this influx of users has been a tremendous undertaking and our sole focus. We have strived to provide you with uninterrupted service and the same user-friendly experience that has made Zoom the video-conferencing platform of choice for enterprises around the world, while also ensuring platform safety, privacy, and security. However, we recognize that we have fallen short of the community’s – and our own – privacy and security expectations. For that, I am deeply sorry, and I want to share what we are doing about it.

Here is a quick look at what Zoom has done to fix things:

  •  Offering training sessions and tutorials, as well as interactive daily webinars to users. The goal is to help familiarize users with Zoom.
  •  On March 20, Zoom posted a blog post to help users address incidents of harassment (or so-called “Zoombombing”) on the platform by clarifying the protective features that can help prevent this.
  •  On March 27, Zoom took action to remove the Facebook SDK in their iOS client and have reconfigured it to prevent it from collecting unnecessary device information from Zoom users.
  •  On March 29, Zoom updated their Privacy Policy to be more clear and transparent about what data they collect and how it is used.
  •  On April 1, Zoom permanently removed the attendee attention tracker feature. They also permanently removed the LinkedIn Sales Navigator app after identifying unnecessary data disclosure by the feature.

These changes are a very good thing for Zoom to be doing. After unexpectedly gaining so many new users, the last thing the company would want to have happen is for people to leave Zoom because of their concerns about its problematic handling of privacy. It seems to me that the apology offered by Zoom Founder and CEO, Eric S. Yuan is genuine, because the company did take actions to improve Zoom for users.