Video conferencing service Zoom on Friday issued an update for its iOS app, removing an SDK that sent users’ data to Facebook without their express consent.
Zoom for iOS was updated today to remove Facebook’s SDK.
Specifically, the app used Facebook’s SDK to integrate “Login with Facebook,” a feature that provides quick and easy sign-in capabilities. By including the SDK, however, Zoom automatically connected to and shared information with the Facebook Graph API, even if a user did not maintain Facebook account.
The company also failed to adequately inform users of its data sharing practices.
After the revelation was made public, Zoom on Friday removed Facebook’s SDK for “collecting unnecessary device data.”
“The data collected by the Facebook SDK did not include any personal user information, but rather included data about users’ devices such as the mobile OS type and version, the device time zone, device OS, device model and carrier, screen size, processor cores, and disk space,” Zoom said in a statement to Motherboard.
Zoom is “reconfiguring” the Facebook login feature to allow users to sign on with Facebook through a web browser. Users will need to download an updated version of Zoom’s iOS app in order for the changes to take effect.
“We sincerely apologize for this oversight, and remain firmly committed to the protection of our users’ data,” Zoom said in its statement.