Zoom Updates iOS App to Stop Sending Data to Facebook

[MacRumors]

Zoom, a video conferencing app that many people are using at the current time to keep in touch with coworkers while working from home, was sending data to Facebook without disclosing the data sharing to customers.

As of today, Zoom has updated its iOS app to remove the SDK that was providing data to Facebook through the Login with Facebook feature, according to Motherboard, the site that first discovered Zoom's data sharing practices.

Zoom was providing Facebook with data that included when a user opened the app, plus their timezone, city, and device details. Zoom's privacy policy did not make it clear that the data was shared with Facebook.

In a statement, a spokesperson for Zoom said that Zoom was unaware that the Facebook SDK was collecting unnecessary device data.

"Zoom takes its users' privacy extremely seriously. We originally implemented the 'Login with Facebook' feature using the Facebook SDK in order to provide our users with another convenient way to access our platform. However, we were recently made aware that the Facebook SDK was collecting unnecessary device data."

"The data collected by the Facebook SDK did not include any personal user information, but rather included data about users' devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space."

"We will be removing the Facebook SDK and reconfiguring the feature so that users will still be able to login with Facebook via their browser. Users will need to update to the latest version of our application once it becomes available in order for these changes to take hold, and we encourage them to do so. We sincerely apologize for this oversight, and remain firmly committed to the protection of our users' data."

Motherboard has since verified that the iOS app is no longer sending data to Facebook when it is opened.

Article Link: Zoom Updates iOS App to Stop Sending Data to Facebook

 

[farewelwilliams]

So many developers are unaware with what exactly happens when you implement Facebook SDK. Also many users are unaware with what happens when you use login with Facebook.

 

[Boatboy24]

I'd never consider using Facebook credentials for anything.

 

[Paradoxally]

As an iOS developer, I will never use anything Facebook-related ever again in my apps. No SDKs, no libraries made by them, and certainly no integrations with any of their products unless it's a simple "share this content with Instagram/Whatsapp" prompt.

Privacy is key, customers are paying more and more attention to their rights, and they will reject apps that don't offer alternative services to log in.

 

[Techwatcher]

As an iOS developer, I will never use anything Facebook-related ever again in my apps. No SDKs, no libraries made by them, and certainly no integrations with any of their products unless it's a simple "share this content with Instagram/Whatsapp" prompt.

Privacy is key, customers are paying more and more attention to their rights, and they will reject apps that don't offer alternative services to log in.

People like you deserve immense success.

 

[69Mustang]

As an iOS developer, I will never use anything Facebook-related ever again in my apps. No SDKs, no libraries made by them, and certainly no integrations with any of their products unless it's a simple "share this content with Instagram/Whatsapp" prompt.

Privacy is key, customers are paying more and more attention to their rights, and they will reject apps that don't offer alternative services to log in.

Good on you. Unfortunately, the masses by and large have shown they don't care. Facebook has been caught snooping data 6 ways from Sunday yet they grow. They give lip service to privacy, violate it, and then offer half-assed apologies. Wash, rinse, repeat... yet they grow. The masses generally don't care. Regardless of the platform, be it Windows, Mac, iOS, or Android, Facebook and it's properties are among the most popular apps, if not the outright most popular.

Again, good on you from a moral standpoint, but excluding Facebook from your app environments really won't benefit you imo. It actually could hurt you. Damn near everyone is hooked into Facebook. Heck even Apple.

 

[Scottsoapbox]

So many developers are unaware with what exactly happens when you implement Facebook SDK. Also many users are unaware with what happens when you use login with Facebook.

User ignorance I get, but how does a developer not understand that Facebook is going to be Facebook (offer something "free" and take data)?

 

[Jimmy Bubbles]

As an iOS developer, I will never use anything Facebook-related ever again in my apps. No SDKs, no libraries made by them, and certainly no integrations with any of their products unless it's a simple "share this content with Instagram/Whatsapp" prompt.

Privacy is key, customers are paying more and more attention to their rights, and they will reject apps that don't offer alternative services to log in.

divorcing react.js?
I agree, this should’ve never EVER been done. Facebook is sneaky, and a snake IMO. I deleted mine years ago. Yes, I realize they have data on me.

 

[MisterSavage]

Glad to see that they removed this. I prefer other video chatting methods but I installed it for a family call because the others wanted to use it.

 

[farewelwilliams]

User ignorance I get, but how does a developer not understand that Facebook is going to be Facebook (offer something "free" and take data)?

Developer may have assumed Facebook won't take data if user doesn't tap on the login button.

 

[len5]

Anyone that still uses FaKebook should really have their head examined. Zuckerberg and his company win the creeper award every year.

 

[satchmo]

How can you be unaware if they’re paying you?

 

[LeadingHeat]

In a statement, a spokesperson for Zoom said that Zoom was unaware that the Facebook SDK was collecting unnecessary device data.

what? It’s not like Zoom is a small up and coming app. There’s no way that their team of developers did an oopsie and didn’t realize how intrusive Facebook is

 

[DJM1740]

“Zoom takes its users' privacy extremely seriously.”

Every time a developer gets caught sharing data they shouldn’t, they always lead off their apology with this. To which I say, well, no you don’t or else we wouldn’t be having this conversation.

 

[Romeo_Nightfall]

A software offering Facebook login is crap! No serious business developer would use that.
Is if a bank uses a darknet api!

 

[DinkThifferent]

I'd never consider using Facebook credentials for anything.

Only to login to facebook and to finally delete ones account

 

[stylinexpat]

This means that Zoom was dishonest and had a backdoor open for spying to Facebook which they let slide until they got caught. Not an app I will download and use. Not trustworthy any more

 

[Marx55]

Zoom is the best videoconferencing tool available, hands down. It allows even to save PowerPoint (or whatever) presentations with audio and laser pointer as movies with a surprising small size. And now is free during the coronavirus pandemic for academic institutions like schools and universities.

 

[stylinexpat]

People like you deserve immense success.

Need more app developers like you around.

 

[fairuz]

How can you be unaware if they’re paying you?

They're not. You add the Facebook SDK to get login, Facebook starts collecting metrics. Facebook hides that in fine print, so I'd not be surprised if they really didn't know.

Visiting most websites will give Google Analytics way more info, MacRumors included (pic related). This and Facebook passively collecting info about me are very low on my list of things to worry about. I think more about how I can limit what I expose in the first place, like not putting a real face on FB or not installing Google Nest (aka mics) anything anywhere.

 

[Westside guy]

Wow, glad I was sitting down when I read this story.

Facebook must pay their people really, really well - otherwise no one could stomach working for them.

 

[fairuz]

A software offering Facebook login is crap! No serious business developer would use that.
Is if a bank uses a darknet api!

Then maybe everyone else should get their act together. Zoom is the first video chat app I've ever used that works reliably. College students are the best indicators when it comes to this stuff, and they consider anything that's not Zoom second-class now, just like they did with all non-Venmo payment methods. Hangouts? Forget it.

 

[vmistery]

User ignorance I get, but how does a developer not understand that Facebook is going to be Facebook (offer something "free" and take data)?

Unfortunately a lot of developers are looking for development speed over absolutely everything else, privacy included. I work closely with a lot of developers and you’d be amazed at some of their practices (no use of minimum privilege, poor key management hygiene, poor password complexity and leaving them in repos, using code from the internet then not even reviewing to ensure it’s sane etc etc). Just to say this is some and not all, mostly juniors or ones without a computer science background who often are not even aware what they’re doing isn’t ideal.

On the subject of Zoom, they have never exactly had a great relationship with privacy or security. My rule of thumb is if it’s free then you’re the product.

 

[NightFox]

I'm wishing "Sign in with Apple" was more prevalent, I've only seen it on a couple of websites so far compared to the Google/FB options which are everywhere (and neither of which I want to use).

 

[Westside guy]

BTW I like the release notes for this update - “Improvements to Facebook login”.
[automerge]1585385724[/automerge]

On the subject of Zoom, they have never exactly had a great relationship with privacy or security. My rule of thumb is if it’s free then you’re the product.

Zoom isn‘t free - they’re collecting great gobs of money from customers for their service right now. Like many companies they do offer a limited free tier, but that’s not remotely the same thing as, say, Gmail or Facebook.

Zoom’s academic offerings are both HIPAA and FERPA compliant, so they’re certainly not selling that information.