Comprehensive software reviews to make better IT decisions
University Researchers Use AI to Highlight Zoom’s Privacy Risks
University researchers used artificial intelligence (AI) in an experiment to determine the extent of privacy risks associated with using the popular web conferencing tool Zoom. Publicly available data scraped from a number of social networks was cross-referenced as part of this research.
Online technology publication VentureBeat recently published an article that highlights research conducted by Ben-Gurion University on Zoom privacy. The research includes the use of public screenshots of video meetings analyzed along with publicly accessible content curated from Instagram and Twitter using simple searches on keywords and hashtags.
The process made use of over 15,700 publicly available meeting screenshots processed through Microsoft Azure Face API, allowing researchers to differentiate 1,153 unique faces from the 140,000 rendered. Researchers were then able to determine the gender and age of each face and further cross-reference that data with text recognition to extract 85,000 usernames. They were further able to cross-reference their findings against public social network accounts to determine identities and other personal information.
Source: SoftwareReviews Product Scorecard. Accessed July 22, 2020.
The research goes on to recommend privacy risk mitigation techniques, such using pseudo-names, hiding backgrounds, and implementing video filters that can foil facial recognition software. The full research paper can be viewed here:Zooming Into Video Conferencing Privacy and Security Threats.
What the Ben-Gurion University research really underscores is a privacy concern that exists across all publicly accessible platforms and the ease of uncovering information about an individual with a bit of effort and the use of mainstream technology. If nothing else is taken from this learning, everyone needs to begin verifying the privacy settings of their accounts on all social media networks!
To be fair to Zoom, the privacy risk highlighted in the VentureBeat article and the research paper are not due to shortcomings in the Zoom product itself but rather to human behaviors in the use of the product, such as posting screenshots or cell phone camera pictures of Zoom meeting sessions. The Ben-Gurion research acknowledges that this is a limitation of the research but does not explicitly note that the breach of privacy is a human factor.
The privacy concern is internet-wide. The Ben-Gurion research uses information from social network accounts whose content is publicly accessible to extract the additional information to correlate against its face and text detection findings. Social network providers do not do enough to alert users to the public nature of their posts; in many cases, the default setting is “public” and it is up to the user to remember to set their settings to “private” or “friends only.” Today’s social networks provide options to opt out of marketing settings that govern the sharing of information and privacy settings that switch the default privacy of new posts. Unfortunately, users remain unaware of this and assume that the default settings are secure, which allows the social network and external parties to prey on their ignorance.
The use of social networks to gain access to people’s identities is becoming more prevalent in today’s connected world. One recent example of this is the legally ambiguous use of social networks by a federal agency to identify individuals for arrest.
Users must consider two key actions to take in order to safeguard their personal profiles:
- Do not post pictures or screenshots of your web conferencing meetings. No measure of privacy protection technology will guard against this type of circumvention.
- Carefully review the privacy settings of all social media accounts. Some social networks allow you review your profile using a “View As” function, where you view your profile as a member of the public. Failing that, assume that your profile is public to the world and take appropriate precautions.
Info-Tech Research Group is staying on top of these developments. Watch this space for more updates!
Want to Know More?
On October 8, 2021, BlueJeans by Verizon announced their “Next-Generation BlueJeans” suite and partnership with Google Glass. The Next-Generation suite ties BlueJeans Meetings to two new products: BlueJeans Spaces and BlueJeans Collab Board.
On June 3, 2021, BlueJeans provided an update on its product direction for 2H 2021. BlueJeans is now fully integrated with Verizon One, completing Verizon’s full UCaaS solution.
On May 21, 2021, Cisco briefed on Webex’s security features. This not only included information about the type of administration control for end users when using Webex from any device, but also Cisco’s certifications and compliances more broadly.
This note outlines Info-Tech’s Three C’s of Enterprise Collaboration framework to help buyers effectively navigate the collaboration software marketspace.
With a return to the office looking ever more feasible, organizations need to consider what role web conferencing solutions will play moving forward. This note outlines three trends organizations should be aware of as we move into 2022.
On March 11, 2021, Verizon provided updates to BlueJeans’ product vision and direction for FY2021. BlueJeans experienced dramatic adoption in 2020, particularly for webinars and events, and seeks to offer advanced breakout room features in the future.
On February 24-25, 2021, Zoho held its annual ZohoDay – a conference aimed at communicating the state of the business and product roadmaps. The event coincided with Zoho’s 25th year as a company, testament to Zoho’s long-term business approach: grow organically, have zero debt, zero external investments, remain cashflow positive, and plow cashflow back into the business and customers.
On October 29, 2020, Verizon briefed on BlueJeans’ product vision and direction. This note outlines the new and upcoming features that users can expect from BlueJeans for the rest of 2020 and into 2021. However, with the table stakes margin for features rapidly increasing in the web conferencing marketspace, BlueJeans’ new features are less a way to stand out from the crowd and more as a necessity to keep up.
On November 5, 2020, Cisco briefed on its upcoming virtual legislative session tool Webex Legislate. With a range of features that governing bodies around the globe have desired throughout the extent of the pandemic, Webex Legislate surely becomes the must-have tool for conducting virtual and hybrid sessions – especially if an agency is already leveraging Cisco products.