by Ashley Boyd
security features and flaws...
Right now, a record
number of people are using video call apps to conduct business,
teach classes, meet with doctors, and stay in touch with friends.
It's more important than ever for this technology to be trustworthy
- but some apps don't always respect users' privacy and security.
So today, Mozilla
publishing a guide to popular video call apps' privacy and
security features and flaws. Consumers can use this information to
choose apps they're comfortable with - and to avoid ones they find
This work is an
addition to Mozilla's annual *Privacy Not Included guide, which
rates popular connected products' privacy and security features
during the holiday shopping season.
We created this new
edition based on reader demand: Last month, we asked our community
what information they need most right now, and an overwhelming
number asked for privacy and security insights into video call apps.
In this latest
installment, Mozilla researchers dug into 15 apps, from Zoom and
Skype to HouseParty and Discord.
answered important questions like:
Does the app
share user data - and if so, with whom?
alerted when meetings are recorded?
Is the app
compliant with U.S. medical privacy laws?
And many more...
determined whether or not apps meet Mozilla's
Minimum Security Standards.
These five guidelines include:
providing security updates
requiring strong passwords
In total, 12 apps
met Mozilla's Minimum Security Standards:
did not meet Mozilla's Minimum Security Standards:
Security Standards are just one layer of our guide, however.
else did our research uncover?
is fierce in the video call app space - which is good news
has been criticized for privacy and security flaws.
Because there are many other video call app options out
there, Zoom acted quickly to address concerns.
isn't something we necessarily see with companies like
Facebook, which don't have a true competitor
one company adds a feature that users really like, other
companies are quick to follow.
Google Hangouts popularized one-click links to get
into meetings, and Skype recently added the feature.
just last week Facebook added Messenger Rooms, which
allows up to 50 people to chat at once in
Messenger for as long as they want
use some form of
encryption, but not all encryption is equal.
video call apps in our guide offer some form of
But not all apps use the holy grail:
End-to-end encryption means only
those who are part of the call can access the call's
content. No one can listen in, not even the company.
apps use client-to-server encryption, similar to what
your browser does for HTTPS web sites. As your data
moves from one point to another, it's unreadable.
unlike end-to-end encryption, once your data lands on a
company's servers, it then becomes readable
apps targeting businesses have a different set of features
than video call apps targeting everyday use
may seem obvious. But it's important.
Video call apps
...have a very different set of video chat
features and ease of use than business-oriented apps
Consumers who want something simple may want to skip the
Business users who want a fuller set of
features and have money to pay may look to
There is a
diverse range of risks.
It collects name, email, location, geolocations on photos you upload, information about
your contacts, information about you other people might
share, and even any information it can gather about you
when you use the camera feature.
Facebook says it can
use all this personal information to target you with
It also shares information with a large number of
third-party partners including advertisers, vendors,
academic researchers, and analytic services
is solid for video chat, and gets bonus points for using
end-to-end encryption on users' messages and calls.
However, it is sullied by an
overwhelming amount of
misinformation on the platform. Especially during this
conspiracies and fake news are being spread across
is admittedly more fun than some others on our list, but
it comes with its own problems. Houseparty appears to be
a personal data vacuum (though kudos to their
for being easy to read to tell you that)
collects more information than we're comfortable with.
For example, it collects information on your contacts if
you link your social media accounts.
And then there's
the toxicity: dig deep enough and you'll find some
pretty troubling corners of Discord that are
known for misogyny, racial
harassment, and human