Sen. Michael BennetMichael Farrand BennetHillicon Valley: Coronavirus tracking sparks surveillance concerns | Target delivery workers plan Tuesday walkout | Federal agency expedites mail-in voting funds to states | YouTube cracks down on 5G conspiracy videos Why being connected really matters for students Democratic senator criticizes Zoom’s security and privacy policies MORE (D-Colo.) on Monday criticized video conferencing group Zoom for recent problems involving user privacy and security as people have increasingly flocked to the platform in the midst of the ongoing coronavirus pandemic.
In a letter to Zoom CEO Eric Yuan, Bennet pointed to a report from The Washington Post last week that thousands of recorded Zoom meetings were left exposed online for anyone to watch, along with consistent privacy issues involved in Zoom sharing user data with third parties.
“These revelations have forced technical and policy responses from the company, from strengthening password protection to expanding the ‘waiting room’ feature to block unauthorized participants,” Bennet wrote. “In case after case, these issues consistently stem from Zoom’s deliberate decision to emphasize ease of use over user privacy and safety.”
Yuan announced last week that Zoom had seen a major spike in daily users, with the company reporting an average of 200 million daily users in March versus 10 million in December due to the coronavirus pandemic forcing both work and social meetings to move online.
While the company’s stock has skyrocketed, Zoom hit multiple roadblocks last week as new cyber and other security vulnerabilities came to light, including those that allowed a “Zoom bombing” phenomenon to take place. These incidents involve individuals accessing and disrupting ongoing meetings through screaming or writing offensive language.
The Zoom bombings escalated to the point that the FBI recently issued a warning specifically around interruptions to classes and work meetings held through Zoom.
A class-action lawsuit was also filed by a Zoom user last week, citing concerns around the company allegedly sharing data with Facebook and other third-party groups without user consent.
Bennet cited these incidents in closely questioning Yuan around the company’s data-sharing practices, steps the company is taking to shore up user privacy and which third parties the company sent data to.
Bennet asked that Yuan respond to his questions by April 15.
A spokesperson for Zoom told The Hill that “Zoom is working around-the-clock to ensure that universities, schools, and other businesses around the world can stay connected and operational during this pandemic, and we take user privacy, security, and trust extremely seriously. We appreciate Senator Bennet’s engagement on these issues and look forward to discussing with his office.”
Zoom has taken steps to address its privacy and security vulnerabilities over the past week, including updating the company’s privacy policies and enabling passwords on all meetings.
Bennet is not the first member of Congress to question Zoom around the recent incidents.
Sen. Richard Blumenthal (D-Conn.) sent a letter to the company last week stressing that Americans who are using Zoom to connect with others “should not have to add privacy and cybersecurity fears to their ever-growing list of worries.”
Rep. Jerry McNerneyGerlad (Jerry) Mark McNerneyDemocratic senator criticizes Zoom’s security and privacy policies Thousands of Zoom meeting recordings exposed online: report Top US providers pledge to help maintain Internet access during coronavirus outbreak MORE (D-Calif.) and a group of almost two dozen other House Democrats sent a separate letter to Zoom late last week expressing concerns around data protection, while multiple secretaries of state across the U.S. are also looking into the company.
-Updated at 2:55 p.m. to include a statement from Zoom.
Is your business effected by a COVID-19 / Coronavirus related Cyber Crime?
If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.
Digitpol is available 24/7.
UK +44 20 8089 9944