At least two US states have opened an investigation into the video app called Zoom due to the various security problems it has presented in recent weeks. Furthermore, several other states already consider a similar option, even though they did not formally open anything at this first moment.
Zoom has become immensely popular due to the advancement of the new coronavirus (SARS-CoV-2) around the world, classified since March 11, as a “global pandemic” by the World Health Organization (WHO). Because of the growing volume of infected people, several companies in the world have joined remote work (home office), depending on virtual communication tools to hold meetings at a distance. Zoom acquired prominence within this context, but with the popularity also came the exposure of several security and privacy problems.
“We are concerned about the [volume] of incidents involving ‘Zoom-bombing’ and we are seeking more information with the company about its security and privacy measures, in coordination with prosecutors in other states“, the attorney general told POLITICO from Connecticut, William Tong. The lawyer did not specify “which” states are these.
However, during his research, POLITICO contacted several states and their respective public prosecutor’s departments, obtaining confirmation that the state of Florida is also part of this collective effort, according to a spokesman for Attorney General Ashley Moody. The state became involved in the case after a virtual meeting held via Zoom by students at the University of Florida was hacked by hackers, who shared racist, swastika and pornography messages on March 31, 2020.
Commenting on the situation, a spokesman for Zoom brought the case to a more positive view: “We appreciate all the feedback we received from these problems, coming from several elected officials [of justice] and look forward to working with them.”
Zoom’s security concerns took on legal proportions after a report by The New York Times forced the state attorney general’s office to question the company about its measures to ensure the protection of its users against the new and increased volume of its base. . Last week, POLITICO also confirmed the request for further explanations from New York to the company.
Returning to Connecticut, Senator Richard Blumenthal (Democratic Party), one of the most committed politicians on privacy issues in the US and elected by the state, demanded that Zoom reveal exactly what data it collects from its users. To the website The Intercept, in the last week, the company behind the application said that it promotes “safe” data collection from users, that is, it monitors and stores only information that lead to the improvement of the application, such as IP address, system operating system etc., but that information of a personal nature or pertinent to the content of the meetings is inaccessible to its employees.
Zoom Technologies CEO Eric Yuan said last week that the company would halt the launch of new features to address the many security issues discovered. Since then, one of the measures adopted by the company – and the only one publicly disclosed – has been the requirement for passwords to connect to any video call made in the application. Previously, this was determined by the preference of the meeting presenter and many ended up organizing videos without this feature.