Downloaded millions of times around the world, these two video conferencing applications have been extremely successful due to containment. It also highlighted problems with the management of users' personal data.
With the containment imposed in many countries due to the coronavirus pandemic, the use of communication applications is exploding. The Zoom and Houseparty applications benefited from this enthusiasm. If these two American applications allow telecommuting or aperitifs with friends, they are also singled out for their use of personal data. Unclear confidentiality policies, general data protection regulations (GDPR) not respected, conversations not encrypted … The True False Unit of Franceinfo explains to you.
On March 26, Motherboard, one of the reference sites of the American tech press, reveals that Zoom, on its version for iPhone, sent data to Facebook on its users, even if they were not registered on the platform . This information related to the phone model used, the time zone or the IP address. An unsurprising practice. “The principle is to recover data to make corrections”, explains Jean-Marc Bourguignon to franceinfo. The technical director of Noting2Hide, an association that offers tools to citizens to protect their personal information, explains that the fact of passing up these so-called data “telemetry” is legal. . Among other things, this process “to improve the software”, or to make updates.
If you are a company for example and you intend to exchange secret information know that Houseparty and Zoom can access your conversations.at franceinfo
Accessing communications is annoying because “there is a principle of secrecy of communications”, explains Suzanne Vergnolle to franceinfo. However, the doctoral student in law at Paris II Panthéon-Assas University and specialist in the protection of personal data recalls that from the moment the user accepts the conditions of the service in full awareness, the latter has fulfilled his obligation to 'information. Despite this, several questions arise, according to Suzanne Vergnolle, regarding the use made of the content of the conversations, in particular in terms of intellectual property protection.
Cyber security research firm Check Point Research has revealed another flaw in the Zoom platform. It allows people to invite themselves to meetings to broadcast pornographic images, to utter racist insults or simply to listen to conversations. The FBI office in Boston also said on Monday March 30 in a statement “have received several reports of teleconferences disrupted by pornographic or hateful images and threatening language”. This happens when a video conference room has not been set up with a password. Again, Zoom has announced that it has corrected the problem.
The application downloaded 115,000 times in France during the week of March 16 has also been criticized for its “attendee attention tracking” tools, for “attention indicator” in French. This feature allows the host of a meeting to know the behavior of his guests, in particular to know if they change windows to go to a site other than that of the meeting for example. According to Zoom, which is justified on its website, this functionality is intended so that teachers can keep an eye on the attention of their students.
If a French internet user believes that their data is not being used in accordance with the GDPR, they can appeal to the National Commission for Data Protection (Cnil). It is also possible to ask the company to exercise a right of erasure.