In response to recent reports concerning the cybersecurity of the videoconferencing platform Zoom, Democratic Senators Elizabeth Warren and Edward Markey sent a letter to Zoom Founder and CEO Eric Yuan urging him to investigate these incidents and prevent further breaches of security.
“We write to request more information on how Zoom Video Communications, Inc. (Zoom) is protecting the safety and privacy of students who use your service,” the senators wrote in their recent letter to Yuan. “As schools across the country have rapidly shifted to remote education due to the coronavirus disease 2019 pandemic, Zoom has seen a rapid increase in users, including teachers and children at more than 90,000 schools who are using the platform to continue instruction. The platform is fulfilling a critical need during the pandemic. But precisely because Zoom’s technology has become such an invaluable – and in many cases, required – tool for learning and keeping students connected to their school communities during this crisis, we are concerned by recent reports that the platform may not be adequately safeguarding users’ data and privacy.
“On March 30, 2020, the Federal Bureau of Investigation (FBI)’s Boston division warned that two high schools in Massachusetts have experienced hijackings of Zoom classes. In one incident, an unidentified individual entered the classroom and ‘yelled a profanity and then shouted the teacher’s home address in the middle of instruction,’ while in the other, an unidentified individual ‘was visible on the video camera and displayed swastika tattoos.’ These incidents follow other reports of ‘Zoom-bombing,’ in which intruders share pornographic images or racist and anti-Semitic slurs during Zoom meetings. While your website has shared some information with users about steps they can take to restrict meetings to authorized participants and prevent disruption, Zoom largely puts the onus on the user to manage the security of their classroom, adding an extra burden to teachers who are rapidly trying to shift instruction to an entirely new format and to parents who are juggling a multitude of new challenges at home. We urge you to take all possible actions to prevent these disturbing intrusions, including by publicly releasing an independent, comprehensive review of your cybersecurity and privacy practices, including any data sharing arrangements, modifying default settings, permanently banning users who engage in this harassment, and publicly reporting data on the frequency and nature of these incidents.”
The senators concluded their letter by requesting answers to a list of questions, including knowledge of previous breaches exposing student data, potential transactions to a third party for user data, and the number of incident reports that Zoom has received of intruders interrupting classrooms.
One day before the senators sent their letter to Yuan, reports announced that Google banned the popular videoconferencing software Zoom from its employees’ devices due to “security vulnerabilities.”