Daily Digest (4/7)

Zoom CEO Admits Flawed Encryption After Canadian Tests; Senators Question Apple’s Tim Cook on COVID-19 App’s Privacy; Feds Ready to Tap Many Laws to Get Data in Pandemic. Click below to read.

Zoom CEO Admits Flawed Encryption After Canadian Tests

Zoom CEO Eric Yuan admitted that the company’s encryption on its beleaguered teleconferencing app was substandard after Canadian researchers deemed it woefully sufficient for sharing secrets or for government or business use.

“We recognize that we can do better with our encryption design,” Yuan said Monday, ZDNet reports. “Due to the unique needs of our platform, our goal is to utilize encryption best practices to provide maximum security, while also covering the large range of use cases that we support.”

Citizen Lab, a research group at the University of Toronto, found that Zoom’s platform included encryption protocols that were “well-understood to be a bad idea” and discovered a “serious security issue” in the app’s waiting room service, ZDNet reports.

The researchers, who told Zoom of the security flaw, suggested that users avoid the feature and use passwords on meetings instead, to prevent the issue from being abused.

Source ZDNet (external link)

Senators Question Apple’s Tim Cook on COVID-19 App’s Privacy

Four Democratic U.S. senators have asked Apple Inc. CEO Tim Cook about the company’s coronavirus app and how it handles personal data.

The Friday letter was signed by Sens. Robert Menendez, N.J.; Richard Blumenthal, Conn.; Kamala Harris, Calif., and Cory Booker, N.J., CNBC reports.

The senators sought specifics on how Apple was handling personal information from the app and whether it complied with HIPAA guidelines.

Apple released a screening app and website called COVID-19 last month with the Centers for Disease Control, the White House-led coronavirus task force and the Federal Emergency Management Agency.

The app includes a screening tool for COVID-19 symptoms along with current information from trusted sources about the coronavirus outbreak.

Apple is not providing any tests, CNBC reports.

Sources:

  • Senate.Gov (external link)
  • CNBC (external link)

Feds Ready to Tap Many Laws to Get Data in Pandemic

The U.S. Stored Communications Act and other federal laws could be invoked to give the government more information fight coronavirus.

The 1986 law is among many that include exceptions that allow telecommunications and technology companies to disclose, without individuals’ consent, large amounts of data to the federal government, FedScoop.com reports.

Privacy experts are on high alert.

Albert Gidari, director of privacy at the Center for Internet and Society, said COVID-19 could lead to the sharing of “hundreds of thousands of data points from hundreds of thousands of individuals” with U.S. agencies.

“We’ve never had a system on the backend to limit what the government does to it,” he told an Information Technology & Innovation Foundation conference last week.

Source: FedScoop (external link)

— By DPN Staff