Video conferencing application Zoom has become a frequently used application due to the coronavirus outbreak. Many companies have started using the app for video conferences and meetings with remote teams. Zoom uses Facebook software development kits (SDK) in its software, like many developers, and connects to the Facebook Graph API when the application is opened. Zoom sends data to Facebook, although it does not specify it in its privacy policy according to the network traffic analysis performed in the iOS application. Moreover, this data is shared even if the users do not have a Facebook account. Although the developers of Zoom have announced that they share the data with third party companies, they do not mention Facebook’s name in the comments. The data that Zoom’s iOS application shares with Facebook includes information such as which device the user is using, which operator is using, which city and time zone they are connected to. The data is also used to show user-specific ads. Facebook’s terms of use require application manufacturers to provide users with comprehensive and sufficient notification for data sharing. So developers need to make clear that they share data with Facebook. Zoom, however, does not specifically mention Facebook in its privacy policy. And that’s not the first security breach of Zoom. In 2019, a security researcher discovered a vulnerability in the Zoom app that caused the hijacking of users’ webcams.
