After a long day of awkward virtual meetings and scrolling through increasingly apocalyptic headlines, hanging out with friends on a Zoom call might be the closest thing to normalcy you’ll get all week. But using your company account to circumvent the 40-minute time limit on free calls is a pretty bad idea—just not for the reasons you’d think.
Like every web application that runs ads, Zoom passes some user data to third-party apps for advertising purposes, although they technically don’t “sell” it. The real privacy issue with Zoom isn’t third-party apps or even the software itself, but whoever holds admin privileges in any given organisation. Their powers are simply too great to be trusted.
You might already know about some of the dumber Zoom privacy quirks, like how easy it is for jerks to gate-crash public meetings (very, very easy) and how private side chats actually are (not at all). The Electronic Frontier Foundation, a nonprofit organisation dedicated to digital privacy, also takes serious issue with how much information Zoom admins can access on meeting participants. According to the EFF’s guide to remote conferencing tools, all of the following is accessible via Zoom’s reporting and/or dashboard tools:
Operating system, IP address, and location of each device in use, including the make and model of any external cameras or microphones
Real-time usage data for all users on all calls—who is using the software, where they’re using it, and for how long
The full contents of all recorded calls, including chat logs, transcripts, and other analytic information
Keep in mind that admins can run reports on everyone in a call—even accounts that aren’t affiliated with the host organisation.
Some of the creepier admin tools—like the setting that tracks whether participants are actually looking at the meeting window, or the one that lets hosts identify guest accounts—are off by default, but easily enabled. From an off-hours group chat perspective, it gets worse: Owners (and some admins, depending on their privileges) can drop into any meeting on their account at any time, without prior consent from the other participants. Yep, whoever runs your company’s Zoom instance can crash your happy hour if they feel so inclined. They almost definitely have more important things to do than spy on their colleagues’ friends or drop into random calls unannounced—but that doesn’t change the fact that it’s well within their power to do so.
The question isn’t if Zoom collects information your buddies might prefer not to share with your employer—it definitely does—but whether you trust your company’s Zoom admins not to go digging for it. If not, create an account with your personal email and host calls yourself. Group chats are capped to 40 minutes on the free tier, but you can just restart them. If that’s too much of a hassle, splitting a $US15 ($25) monthly subscription fee with the group chat might be worth it, at least for the time being. And, of course, keep in mind that Zoom is far from your only option for socialising during quarantine. There are other apps out there that work just as well, and won’t let your boss crash the party.