Connect with us

Business

Zoom’s Sudden Popularity Draws Attention to App’s Privacy Risks

Published

on

  • As more and more people use Zoom for virtual gatherings, several have raised concerns about privacy issues in the app.
  • One issue is that meeting hosts have the ability to save meetings to a cloud and monitor some behavior of attendees.
  • Many using the app have also experienced “zoombombers,” which are trolls making their way into calls, showing graphic and explicit content. 
  • Zoom has responded to one major criticism: its ability to share data with Facebook. Vice’s Motherboard found that the app could do so on Thursday and by Friday, Zoom got rid of that code.

Host Capabilities

As video chatting app Zoom increases in popularity while students and employees work from home, critics are afraid the app may have glaring privacy issues that users are unaware of. 

Zoom has become widely-used since millions of people across the country were forced inside because of the coronavirus. From meetings, to lectures to virtual boozy Sunday brunches, it has become the app of choice for video chatting in quarantine. Even Prime Minister Boris Johnson has used it to conduct government meetings in the U.K.

Calls on the app can be set up by a “host” who initiates scheduling the call, but many allege that these hosts are given too much power on Zoom. The app offers tools that, depending on the subscription tier-one belongs to, allow hosts to access what some may consider private information. 

One feature called “attention tracking” lets the host of a meeting see if an attendee does not have Zoom in focus for more than 30 seconds. This means that if an attendee is active in a window other than Zoom– to look at other documents, message a colleague, or watch the world collapse live on Twitter for 30 seconds– the host is made aware of this. They don’t see what the attendee is specifically doing, just that the Zoom window has become inactive. 

Still, the idea of this happening while you could be completely unaware has made a lot of people uneasy. Justin Brookman, director of privacy and technology policy at Consumer Reports  said this kind of feature should not exist. 

“If you’re teleworking on a home computer, your boss shouldn’t be able to monitor what’s on your screen,” he said in an article on Consumer Reports. “Zoom should get rid of attention tracking mode, or at the very least make participants aware when it’s on.” 

And this isn’t the only thing hosts can do that some see as potentially dangerous. There are several options that allow Zoom meetings to be recorded. One that some find particularly concerning is cloud recording, which is exclusively for paid subscribers and can only be done by hosts. It allows the video, audio, and a transcription of the meeting to be stored in the Zoom cloud. From there it can be accessed and downloaded by authorized employees at a company so that people who were not part of the meeting can read or watch it back. 

“Zoombombing”

Zoom’s issues extend past the powers a host has. There have also been reports about trolls being able to hack into Zoom meetings, something that has been called “zoombombing.” According to a report from TechCrunch, zoombombers are hopping into meetings and showing graphic content like pornography or violent imagery.

In one case, a public Zoom Work From Home Happy Hour was attacked with sexually explicit video and images. Despite the hosts’ many attempts to boot the zoombomber out of the meeting, they were able to re-enter under a new name. To stop this from happening, the hosts had to end the call.

That’s not the only time something like this has happened. NBC talked to a couple that read children’s books to kids stuck at home via Zoom. Ruha Benjamin, an associate professor of African American studies at Princeton University, was leading the call and told NBC that while she was reading to the kids, an image of a “chubby white man in a thong” popped up.

At first, she did not know if everyone could see it, but then a male voice began to repeatedly say the n-word for all 40 kids on the call to hear. She then had to shut the call down and told the outlet, “we knew it was a malicious, targeted thing. My husband and I are both African American.”

Virtual classrooms, religious services, and various other places have also been targets of this kind of harassment. Zoombombers have the ability to do this for a couple of reasons. First, if a Zoom call is public or if the link has been made public, anyone who wants to join can. Second, Zoom’s default settings allow anyone in a call to get screen time. A host does not need to grant an attendee access. Some of this can be changed in Zoom’s advanced settings if a user knows to look for it, but otherwise, this is the way the app will do things on its own.

Entrepreneur Alex Miller shared a Twitter thread giving tips on how to best protect your Zoom calls from hackings like this. 

You can disable the “join before host” feature so that no one can enter a chat and do something inappropriate without the host knowing. Zoom users can also add a co-host so that multiple people can remain on guard. Screen sharing can also be changed to host only.

On top of this, users can also disable file transfers and prevent removed people from joining the call again.

Info Sharing With Facebook

Zoom has also responded to another issue that was found within the app. A Thursday report from Vice’s Motherboard found that Zoom could send data to a company that is perhaps most well known for data privacy controversies: Facebook. This could happen even if you don’t even have a Facebook account.

One day after this report came out, Zoom removed the code that allowed this. According to Motherboard, Zoom would connect to Facebook’s Graph API, which is the main way developers get data in or out of Facebook. Zoom would then notify Facebook when a user opens the app and give details on the device they are doing so from, including the model, location, phone carrier, and a “unique advertiser identifier created by the user’s device which companies can use to target a user with advertisements.” Nothing in their privacy policy explicitly addressed this. 

When Zoom told Motherboard they were getting rid of this code, they explained that the issue had to do with their SDK, or software development kit, which is a bunch of code that can be used to implement app features, but can also send data to third parties.

“Zoom takes its users’ privacy extremely seriously,” they said in a statement to Motherboard. “We originally implemented the ‘Login with Facebook’ feature using the Facebook SDK in order to provide our users with another convenient way to access our platform. However, we were recently made aware that the Facebook SDK was collecting unnecessary device data.”

Zoom also confirmed that the information being collected was not personal user information, but device information, which lined up with Motherboard’s findings. 

See what others are saying: (The Guardian) (Forbes) (BBC)

Business

“Cyberpunk 2077” Developer Agrees To Settle Lawsuit for $1.85M

Published

on

If approved, CD Projekt Red would pay just a small fraction of the $316 million it reportedly spent developing the game.


CDPR Agrees To Settle

Game developer CD Projekt Red (CDPR) has agreed to settle a class-action lawsuit related to its buggy launch of “Cyberpunk 2077” for $1.85 million, The Verge reported Thursday.

The lawsuit itself is actually a conglomeration of four different suits brought by shareholders who alleged that they were misled about the company’s financial performance. Since the game’s release, CD Projekt Red’s share price has fallen 54%.

The settlement must now be approved in court, but overall, it appears to be a small amount compared to the game’s $316 million budget. In fact, the game reportedly made $563 million in sales and only spent around $2.2 million on a refund campaign, though the developer’s overall refund cost for 2020 could have been as much as $51 million.

“Perhaps the plaintiffs didn’t have much of a case?” The Verge writer Sean Hollister speculated on why “it sounds like the lead plaintiffs and their lawyers negotiated for a fairly tiny sum here in exchange for ‘relinquish[ing] any and all claims against the Company and members of its Management Board.’”

“As expressly stated in the Term Sheet, execution of the Term Sheet does not imply admission of any responsibility on the part of the Company or any of the other defendants named in the case,” the negotiated settlement reads.

“Cyberpunk’s” Botched Launch

“Cyberpunk” was first announced in 2012, and for years, it was the subject of widespread fan anticipation. Seven years later, a release date of April 16, 2020, was given; however, that date was pushed back several times much to the ire of fans, some of whom even sent CDPR staff death threats.

The game was ultimately released amid fan pressure on Dec. 10, 2020, but it was so riddled with glitches that Sony infamously pulled “Cyberpunk” from its Playstation Store a week later, offering full refunds to all players who had purchased a digital copy. In June this year, “Cyberpunk” finally made its way back onto the Playstation Store following multiple patches and hotfixes from CDPR.

Despite “Cyberpunk” surpassing a massive 8 million pre-orders before launch, Bloomberg reported last week that “Where analysts had originally expected Cyberpunk sales of 30 million units in the year after the game’s release, they now expect 17.3 million copies to have been sold in that time.”

In October, CDPR delayed planned next-gen updates for both “Cyberpunk” and “The Witcher 3” until the first and second quarters of 2022, respectively.

“Apologies for the extended wait, but we want to make it right,” the developer said.

See what others are saying: (The Verge) (Engadget) (Video Games Chronicle)

Continue Reading

Business

E.U. Court Rules That All Member Nations Must Recognize Same-Sex Parents

Published

on

The decision comes after a child named Sara was left without a country to call home because she had two mothers.


The Child With No Citizenship

The European Court of Justice, the European Union’s highest court, ruled Tuesday that all 27 of its member states must recognize same-sex parents and their children as a family.

The ruling stems from a case involving two women and their newborn daughter, whose status as a family originally varied between member nations. As a result, the couple’s daughter was left without citizenship in any country.

The two women, Bulgarian citizen Kalina Ivanova and Gibraltar-born British citizen Jane Jones, found themselves unable to take their newborn child Sara out of Spain after she was born in the country. Because Spain recognizes same-sex marriage, both Ivanova and Jones were registered as the girl’s legal mothers on her Spanish birth certificate.

However, under Spanish law, Sara was unable to gain citizenship in the country since neither of her parents were Spanish citizens. On top of that, she was denied British citizenship because Jones “was born in Gibraltar of British descent, and under the British Nationality Act (1981), [Jones] cannot transfer citizenship to her daughter,” the LGBTQ+ advocacy group ILGA-Europe said in a press release.

That left the couple with one other option: register Sara as a Bulgarian citizen. Still, the Bulgarian government refused to issue Sara a legally-recognized birth certificate, arguing that she is ineligible to have two mothers. Officially, Bulgaria does not recognize either same-sex marriages or same-sex registered partnerships. 

“Currently, the child has no personal documents and cannot leave Spain, the country of the family’s habitual residence,” lLGA-Europe said. “The lack of documents restrict Sara’s access to education, healthcare, and social security in Spain.”

EU Ruling

In its Tuesday decision, the European Court of Justice ruled that children in the EU have a legal right to freely move between countries given that such a right is afforded to all EU citizens. Because of this, all countries are now required to uniformly recognize the child’s parents, even if they are of the same sex. 

“That refusal could make it more difficult for a Bulgarian identity document to be issued and, therefore, hinder the child’s exercise of the right of free movement and thus full enjoyment of her rights as a Union citizen,” the court said

Despite some member states like Bulgaria not legally recognizing same-sex couples, the court stressed that its ruling “does not undermine the national identity or pose a threat to the public policy” of those nations.

That’s because while Bulgaria doesn’t have to issue its own birth certificate for Sara, it does have to recognize the Spanish birth certificate and issue its own identity card or passport for Sara.

“We are thrilled about the decision and cannot wait to get Sara her documentation and finally be able to see our families after more than two years,” Sara’s parents said according to the ILGA-Europe release. “It is important for us to be a family, not only in Spain but in any country in Europe and finally it might happen. This is a long-awaited step ahead for us but also a huge step for all LGBT families in Bulgaria and Europe.”

See what others are saying: (The Hill) (Insider) (Politico)

Continue Reading

Business

GoFundMe Campaign Raises $8,700 for Waitress Who Was Fired After Not Sharing $4,400 Tip With Co-Workers

Published

on

The waitress said this was the only time management had ever tried to force her to pool a tip in her three-and-a-half years working at the restaurant.


Waitress Gets Fired After Receiving Massive Tip

An Arkansas waitress has received over $8,700 in donations online after she was fired from her job for refusing to split her half of a $4,400 dollar tip with the rest of the restaurant’s crew.

That waitress, Ryan Brandt, told local Nexstar outlet KNWA last week that she and another server received the tip after waiting on a group of more than 40 people at the Oven & Tap restaurant in Bentonville.

“It was an incredible thing to do and to see her reaction was awesome, to see what that meant to her, the impact that it’s had on her life already,” Grant Wise, who was part of the party Brandt served, told the outlet.

According to KNWA, Wise called the restaurant before his large party arrived and asked about its tipping policy since they intentionally planned to donate $100 each as part of a way to thank restaurant workers. At the time of his call, Wise said he was told the money would go directly to his party’s servers. 

“We knew servers were really hit hard through COVID, and it was something that we had come up with to help give back,” Wise told KFSM.

The outcome, however, was much different. After receiving the tip, Brandt and the other server were allegedly told by a manager that they needed to pool the tip with the rest of the workers on duty. Brandt told KNWA she had never once been asked to pool her tips in her three-and-a-half years at the restaurant prior to this.

Complying meant Brant would take home just 20% of her half of the tip.

At some point before leaving, Brandt informed Wise that her tip would be pooled with the rest of the staff. Wise, who had intended the money to only go to his servers, then asked management to return his tip, which he gave to Brandt directly outside the restaurant. The following day, Brandt said she was fired over the phone.

“It was devastating,” Brandt told local outlets. “I borrowed a significant amount for student loans. Most of them were turned off because of the pandemic but they’re turning back on in January and that’s a harsh reality.”

Oven & Tap did not speak on Brandt’s firing in its initial statement. Instead, it only said, “After dining, this large group of guests requested that their gratuity be given to two particular servers. We fully honored their request. Out of respect for our highly valued team members, we do not discuss the details surrounding the termination of an employee.”

In a follow-up statement, Oven & Tap owners Mollie Mullis and Luke Wetzel said, “The server who was terminated several days after the group dined with us was not let go because she chose to keep the tip money.”

“We recognize and regret that a recent incident in our restaurant could have been handled differently by reminding our team how we would be splitting any tips prior to the event, however, our policy has always been to participate in a tip pool/share with the staff. Tip sharing is a common restaurant industry practice that we follow to ensure all of our team members are adequately compensated for their hard work.”

Oven & Tap has still not specifically commented on why it fired Brandt, but Brandt told KNWA she believes it’s because she violated company policy by telling Wise that his party’s tip was going to be pooled. 

Online Fundraising Campaigns for Brandt

After learning of Brandt’s firing, Wise created a GoFundMe, which ultimately raised $8,732 for Brandt.

“[Brandt] is, from what I can tell, a very kind woman that was working two jobs to get by through the pandemic,” he said in his initial post. “She has incredible aspirations to grow her own business and I can tell has a servants-heart.”

Wise provided an update Tuesday saying that instead of closing the GoFundMe, he will keep the campaign open to raise additional money to “pay it forward” to a future group of restaurant staff who will wait on his party.

In January, we are going to host another $100 Dinner Club and I have invited [Brandt] to be our ‘Guest of Honor’!” he said. “Any dollar amount raised over the $8,732 that has already been raised and is being paid out to [Brandt] will be given directly to the staff of the restaurant we decide to eat at.”

“We will be working to ensure through this that all staff in the restaurant are tipped so everyone feels blessed by our dinner.”

As of Tuesday morning, the GoFundMe page has raised over $9,100.

See what others are saying: (KNWA) (Insider) (KFSM)

Continue Reading