Review date: Sept. 8, 2021


Mozilla says

People voted: Somewhat creepy

Zoom’s popularity went from 0 to 60 at the start of the coronavirus pandemic in 2020. Its daily meeting participants grew from 10 million to over 300 million in just a few months. With so many more people working, schooling, and socializing from home, Zoom became a favorite video call app for many because of its high video quality, call recording, and ease of use. With Zoom’s rapid growth came a number of growing pains. Like the phenomena known as Zoombombing, when strangers, often with bad intent, invade video calls and cause problems. Full disclosure, here at Mozilla we use Zoom and have worked closely with the company to get its privacy and security features right for us.

What could happen if something goes wrong?

Zoom’s privacy and security problems since 2020 are well documented -- not being completely honest about it being fully end-to-end encrypted, security flaws the company failed to disclose, zoomboomings that included abuse and hate speech, over 500,000 users accounts up for sale on the dark web, a lawsuit filed because Facebook was allegedly allowed to "eavesdrop" on Zoom users' personal data. The list of failures and vulnerabilities is long. So, have they gotten better? Zoom has acknowledged their mistakes and appears to be invested in fixing them, for the most part. As of July 2021, end-to-end encryption is in technical preview. Because it disables several features. Zoom recommends using end-to-end encryption only for meetings where additional protection is needed. And Zoom says it does not sell personal information. Zoom does share personal information with third-parties for advertising and other purposes. This sharing of data is fairly common with many similar video call apps we reviewed like Microsoft Teams and Cisco Webex doing the same thing. All in all, Zoom is an OK video call app for most purposes. Still, given Zoom’s many very public missteps over the past couple of years, we really hope they keep working to get better at both privacy and security.

mobile Privacy warning Security A.I.

Can it snoop on me? information


Device: N/A

App: Yes


Device: N/A

App: Yes

Tracks location

Device: N/A

App: No

What can be used to sign up?

Optional Facebook sign up is available.

What data does the company collect?

How does the company use this data?

Zoom claims that it does not sell any personal information. Zoom provides personal data to third parties, including third-party marketing and advertising (subject to prior consent where required under applicable law). These third-party partners may receive information about your activities on Zoom’s website through third-party cookies placed on Zoom’s website. Zoom may also share personal data with actual or prospective acquirers, their representatives and other relevant participants during any negotiation of sales, merger, or similar. Therefore, the data collected now could potentially be transferred to the other entity with different practices, without prior consent. Zoom collects user consent for tracking cookies on its web page and app.

How can you control your data?

The company mentions clear criteria to define retention periods, promises to not store data for longer than needed to offer services or as required by law. Hosts of Zoom calls can password-protect saved calls, password-protect meetings, lock a meeting to prevent new participants, turn on/off enter and exit chimes, mute participants on the call and even remove participants from the call. All Zoom participants have the ability to annotate the video of a call, but only hosts can clear all annotations and disable annotation for everyone. In the paid version, Zoom hosts are able to record meetings, with the option of saving the recording locally to their hard drive or remotely to Zoom's cloud.

What is the company’s known track record of protecting users’ data?

Needs Improvement

In April 2020, over 500,000 Zoom accounts' details were discovered on the dark web. In July 2021, Zoom agreed to settle a class-action US privacy lawsuit for $US85 million. The lawsuit claimed Zoom breached the privacy of millions of users by sharing personal data with Facebook, Google and LinkedIn. Zoom denied any wrongdoing but did agree to improve its security practices.

Can this product be used offline?


User-friendly privacy information?


After June 2021, Zoom updated its privacy policy, to make its language and navigation simpler. Now the privacy policy is formulated in a way of Question + Answer with links to the key points, like data retention rights, processing data of underage users, contact information, regional regulations, etc.

Links to privacy information

Does this product meet our Minimum Security Standards? information




As of July 2021, end-to-end encryption is in technical preview and disables several other features. Zoom recommends using end-to-end encryption only for meetings where additional protection is needed.

Strong password


Zoom requires a strong password to sign in. For an extra layer of security, Zoom meetings can also be password protected.

Security updates


Updates and bug fixes are released multiple times a month.

Manages vulnerabilities


Zoom has a program in place to handle security vulnerabilities.

Privacy policy


Easily accessible privacy policy, formulated in a way of Question + Answer

Does the product use AI? information


Zoom uses AI to auto-generate transcripts.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?


Does the user have control over the AI features?

Can’t Determine


Forget Zoom: Use these private video-chatting tools, instead
Here are three Zoom alternatives to consider for video conferencing and online meetings.
Tips to Make Your Zoom Gatherings More Private
While some privacy concerns relate to platform vulnerabilities, others are related to host and participant settings, so here are steps you can take – both as a host and a participant – to help protect your own privacy as well as that of others.
Zoom: Here’s When To Use It, And When You Should Avoid It
Before the COVID-19 crisis sent much of the world into lockdown a few weeks ago, a lot of people hadn’t even heard of video conferencing app Zoom. How things can change when you’re stuck at home–now, so many people have used Zoom, and everyone seems to have a strong opinion about it.
Zoom: Two new security exploits uncovered
Here's a timeline of every security issue uncovered in the video chat app.
Zoom privacy and security issues: Here's everything that's wrong (so far)
Tom's Guide
More than a dozen security and privacy problems have been found in Zoom recently. Here's an updated list.
Zoom will soon let you report meeting participants to help bust Zoombombers
The Verge
Zoom is adding a way for hosts to report meeting participants, according to the app’s release notes published on April 19th (via PC Mag). In theory, that could help the company track down trolls that take over Zoom calls and share inappropriate material, a practice more colloquially known as “Zoombombing.”
Zoom Updates User Privacy, Security on Its Videoconferencing Platform
Consumer Reports
Enhanced password protections and meeting controls are aimed at preventing Zoombombing
Zoom releases 5.0 update with security and privacy improvements
The Verge
Zoom promised a 90-day feature freeze to fix privacy and security issues, and the company is delivering on some of those promises. A new Zoom 5.0 update is rolling out this week that’s designed to address some of the many complaints that Zoom has faced in recent weeks. With this new update, there’s now a security icon that groups together a number of Zoom’s security features. You can use it to quickly lock meetings, remove participants, and restrict screen sharing and chatting in meetings.
Your Zoom videos could live on in the cloud even after you delete them
If you clicked Record to Cloud during a Zoom meeting, you might have assumed Zoom and the cloud storage provider would have password-protected your video by default once it was uploaded. And if you deleted that video from your Zoom account, you might have assumed it was gone for good. But in the latest example of the security and privacy woes that continue to plague Zoom, a security researcher found a vulnerability that turned those assumptions on their heads.
Hackers leak Zoom accounts’ usernames, passwords, full names and email addresses
Security Newspaper
A group of researchers from the cyber security course has published a report detailing how Zoom has become an ideal platform for online scammers, who have managed to extract login credentials from more than 350 verified accounts. This information is available on some hacker forums hosted on dark web.
Zoom is Leaking Peoples' Email Addresses and Photos to Strangers
Popular video-conferencing Zoom is leaking personal information of at least thousands of users, including their email address and photo, and giving strangers the ability to attempt to start a video call with them through Zoom.
What Can You Tell me About Zoom?
Zoom’s popularity has taken off – just seven weeks into 2020, the company has seen more user growth than in all of 2019. Here at Mozilla, we’ve been using Zoom for nearly a year at enterprise level. It allows our colleagues around the globe to connect with each other using high quality video and audio. When we were reviewing Zoom as a potential vendor, we asked a lot of questions about the platform’s privacy and security protections, and we think it is good consumers are asking these types of questions now. In our opinion, Zoom has done a solid job of responding to the questions, concerns, and interest that have come fast and furious in a short amount of time.
Zoom settles US privacy lawsuit for $US85 million
Zoom, the video conferencing company, has agreed to settle a class-action US privacy lawsuit for $US85 million ($115 Million).
Over 500,000 Zoom accounts sold on hacker forums, the dark web
Bleeping Computer
Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
Zoom to pay $85M for lying about encryption and sending data to Facebook and Google
Ars Technica
Zoom has agreed to pay $85 million to settle claims that it lied about offering end-to-end encryption and gave user data to Facebook and Google without the consent of users. The settlement between Zoom and the filers of a class-action lawsuit also covers security problems that led to rampant "Zoombombings."
How Your Boss Can Use Your Remote-Work Tools to Spy on You
In the past, we’ve covered the dos and don’ts of using your work computer for personal business (in short: don’t). But as companies expand their use of remote-work software, there are increasing concerns about what kinds of data bosses can access through such tools. Some of these fears are overblown. But depending on the software your company uses and the type of work you do, some of your activity could be exposed. And privacy concerns aren’t the only worry, as employers are also starting to use the data extracted from these tools to gauge productivity.


Got a comment? Let us hear it.