Experts urge privacy caution when using Zoom

With the University’s heavy reliance on Zoom, experts say more online classes could jeopardize student information

ASU is planning to hold in-person classes in the fall, but health experts say the reliance on a vaccine and nationwide decrease in cases needed to make the decision final is "a bit of a bridge too far." 

When classes do start, they may look different, with more hybrid courses and fewer students attending in-person. Whatever schools decide, technology, digital privacy and software professors and professionals say using Zoom as a platform for learning could be problematic.

Zoom, an online conference call application, allows large groups of people to attend presentations and meetings from all over the world as long as they have an internet connection. 

Students at the end of the spring semester used the platform to attend lectures and meetings and should expect to do so during the summer semester. 

READ MORE: Most ASU summer session B classes to be held remotely

"I think students tend to consider Zoom as safe software because it is officially provided by a University and professor," said Jaejong Baek, a postdoctoral researcher in the School of Computing, Informatics, and Decision Systems Engineering. "However, it is easily overlooked how their private information they consented is collected and processed." 

The University Technology Office set up a website with resources for students using the technology. It links to a guide for teaching with Zoom, learning with Zoom and more instructions on how to download and run the program on all computer operating systems. 

READ MORE: Zoom to launch new research and development center near ASU

A page addresses privacy concerns surrounding the company, letting students and faculty know "all enterprise software companies have the need to continually respond to new, creative ways researchers find to expose issues found with their products."

Among these issues, since millions have transitioned to remote work and school, are wrongful data sharing and less than ideal processes to download and open the program. A malware expert pointed out how installing the program takes over user privileges of operating systems. 

In addition, the platform was reportedly sending data to Facebook and had trouble rerouting encryption when numerous users reported strangers had joined their calls leaving threatening and confusing messages in the chat room and screen sharing inappropriate videos. 

"To mitigate security and privacy risk users should be careful about invitations to Zoom meetings from strangers, or from Zoom-like accounts that look suspicious," said Karen Gullo, senior media relations specialist at the Electronic Frontier Foundation, a nonprofit civil liberties organization based in San Francisco, in an email statement.

"We still don't know to what extent Zoom shares user information with other third parties," Gullo said in the email. 

Baek said while the transition to using software like Zoom was necessary, he believes the University should take a step back to read privacy policies, update their approach to the future of remote learning and recognize the changing environment with COVID-19 before returning to full-time reliance and use of the program.

"It is necessary for school authorities and professors to actively inform students of information protection and privacy issues and encourage them to take appropriate measures," Baek said.

READ MORE: Professors find unique challenges, solutions to online learning transition

Dan Gilmor, a professor of practice at the Cronkite School and adviser to the News Co/Lab, a program working to advance media literacy and create technology to aid in transparency, said people have always been indifferent to privacy. 

Educational products and technology systems do adhere to their own safety measure, Gilmor said, but added they should take as many steps as necessary to preserve as much personal information as they can. 

"This isn't just about Zoom though," Gilmor said. "This is about a whole genre of technology the public needs to understand."

Democratic senators asked the Federal Trade Commission and Department of Education at the end of March to jointly issue formal guidance to education technology companies to protect students and their families as they navigate privacy policies, a history of data breaches and improper disclosure of personal data.

They write how "student privacy must not fall by the wayside as the current pandemic moves learning from the classroom to online offerings at home."

Zoom's privacy policy confirms to users who read it that the company does not sell personal data, monitor meetings or use personal information for advertising. 

READ MORE: Smaller in-person classes, hybrid courses possible for ASU come Fall 2020

The privacy policy protects mainly K-12 students who are minors, clarifying and reaffirming their compliance with both the Family Educational Rights and Privacy Act and the Children's Online Privacy Protection Act

On March 29, the company updated its privacy policy attempting to address all of the issues the company was having. 

Instead, experts like Doc Searls, author and fellow at the Center for Information Technology and Society at the University of California: Santa Barbara, wrote how "Zoom is in a position to gather plenty of personal data, some of it very intimate (for example with a shrink talking to a patient) without anyone in the conversation knowing about it." 

Zoom gives hosts the power to monitor and access information like IP addresses, location data and chats during meetings.

Gilmor said the fault is not of schools or the software itself. He said users should take precautions themselves to protect their information.

Editor's Note: This story was updated on Friday, May 15 at 3:50 p.m. to better clarify the information on ASU's Zoom wesbite. 


Reach the reporter at pjhanse1@asu.edu and follow @piperjhansen on Twitter.

Like The State Press on Facebook and follow @statepress on Twitter.


Get the best of State Press delivered straight to your inbox.


×

Notice

This website uses cookies to make your expierence better and easier. By using this website you consent to our use of cookies. For more information, please see our Cookie Policy.