Finlay Fixes issue that shared user data with Facebook
Zoom team has removed the data-sharing code from the app, telling Motherboard during a statement that the 'Login with Facebook' feature was implemented "in order to produce our users with another convenient way to access our platform".
That login feature found on several apps is applied by using a Facebook SDK (software development kit) that connects users of the app to Facebook's Graph API (Application Programming Interface) when the app is launched. The SDK can then share information with third parties, although a user doesn't have a social media account with Facebook.
Facebook requires app makers to share this information with users in privacy policies, however, Zoom's made no explicit mention that the social media company would have access to user data if there was no linked account.
Stay updated
Zoom says it had been "recently made aware that the Facebook SDK was collecting unnecessary device data" and has since removed the code and an updated version of the iOS app is now available on the App Store.
According to Zoom's statement to Motherboard, the app failed to share any sensitive information, like user names, emails and phone numbers, but "included data about users’ devices like the mobile OS type and version, the device geographical zone, device OS, device model and carrier, screen size, processor cores, and disk space". This coincides with Motherboard's findings from last week.
Motherboard has since tried out the updated iOS app and located that Zoom has, indeed, stopped sending data to Facebook when the app is launched.
In the 'What's New' section of the app, Zoom says that, despite the Facebook SDK being removed, users will still be ready to log in with their Facebook accounts if they need one. Users are recommended to update the app to enable the changes.
Zoom has issued an apology for the "oversight" and therefore the company says it "takes its users’ privacy extremely seriously".