The videoconferencing app Zoom has seen a sudden, massive rise in its popularity since one-third of the world went under some form of lockdown in the past several weeks. But what should be a bonanza for the company has turned into such a security nightmare for users, as AVN.com has reported, so much so that at least one senator felt compelled to pen a letter to CEO Eric Yuan demanding answers.
Whether Yuan has yet responded to Connecticut Democrat Richard Blumenthal’s letter last week is unclear, but the 50-year-old billionaire did issue a mea culpa of sorts to The Wall Street Journal.
Since Zoom jumped from 10 million daily users to 200 million thanks to the coronavirus lockdown, in which video chats offer a quick, safe, albeit virtual method of face-to-face communication, reports of “Zoombombing” incidents have become widespread and frequent.
That’s when an uninivited guest infiltrates a Zoom teleconference and starts streaming unsolicited porn, or in some cases racist images and other forms of hate material. To pull off a “Zoombomb” does not even take much technical skill. All it requires is access to the video chat’s host URL, and a host who has not bothered to password-protect the session.
In addition to the Zoombombing issue, what the company did with user data remains rather murky. Blumenthal in his letter to Yuan also demanded answers regarding how the company utilized that data, and to whom it sold the information. According to one report by the tech site Tom’s Guide, Zoom’s policies “until recently seemed to give Zoom the right to do whatever it saw fit with any user's personal data.”
Last week, an individual in California sued Zoom, alleging that the company shipped private data on users to Facebook, even if those users did not have Facebook accounts. New York Attorney General Letitia James has also asked Zoom to reveal how it handles private user data.
But Yuan is now promising that Zoom will take steps to become “a privacy-and security-first company.”
“I really messed up as CEO,” Yuan told The Journal, saying that he now feels “an obligation to win the users’ trust back.”
Yuan said he and his software engineers will spend the next 90 days in an attempt to fix the security issues. Exactly what steps they will be taking also remained unclear, but Yuan also promised a “transparency report” containing “ information related to requests for data, records, or content.”
Photo By Raysonho @ Open Grid Scheduler / Scalable Grid Engine / Wikimedia Commons