CounterPath Store

Buy - CounterPath Bria

for Windows, Mac and iOS/Android Devices

Interested in buying Bria for Windows?

Buy Now

Zoom Security is an Issue, but its Data Sharing Practices are Also a Concern

By Todd Carothers


By now, I am sure you have seen the headlines around Zoom's users' latest security concerns:

Due to COVID-19, Zoom, CounterPath and others in the industry have seen a spike in usage. Overnight, workers were told to work at home - many of them without the proper tools. Whenever this happens, it creates chaos and an opportunity for users to become the targets of wrongdoing.


As our VP of Product Management, Damian Wallace, says: there is a very big difference between “do it right now!” and “do it right, now.” With the rush to work at home, so many organizations have had to choose the “now” over the “right, and hope that their chosen vendor is doing security right.   

I recall a meeting I had with an executive at Skype back in the summer of 2009. At the time, we were discussing SIP related to JoltID infringement issues (before the Microsoft acquisition). I was very impressed with Skype’s approach to protect their customers’ data and their "end-to-end" security. I remarked to the gentleman something to the effect of: "It sounds like you are bulletproof!" Without hesitation, he replied, "Nothing is 100 percent safe when it comes to potential end-to-end security vulnerabilities." I was far from a security expert, and that statement made me pause and consider the implications. It was one of those moments where a subject matter expert accelerated my understanding with just a few words. So, to that end, I am not surprised that we now see security issues with Zoom, as it grows in popularity. In some ways, it was inevitable.  

As for CounterPath, our UC solutions are fully encrypted to and from the CounterPath collaboration server. This includes the voicevideo streams, messaging and file transfers. We do not store video conferences or allow third-party endpoints to connect to our services.   

Icon - Security

By design, we do not allow guests to automatically have screensharing ability, which prevents “Conference Bombing”.  “Conference Bombing” is where mischievous people, who are all at home now with nothing better to do, find open conferences and share pornographic or other inappropriate material in a conference.  

What does shock me, and frankly is not acceptable, is the other story that has emerged about Zoom's practice of sharing information with third parties.

In particular, Zoom is dealing with a lawsuit to stop the company from sharing its customers' data and is currently being sued for allegedly sharing user data with Facebook. The company has published a blog post around its privacy policy, however it has neglected to address the Facebook data-sharing issue.  


This issue is more significant than Zoom getting hacked. A company needs to take care of its users' personal information. At CounterPath, we are proud to do this. We do not store individual customer data that is not required to provide our services.  That data we do store is encrypted, and wherever possible anonymizedWe do not share data with third parties for marketing or technical purposes. We also do not store recorded calls on our servers, those files are saved in our users' hard drives or Dropbox accounts 

How a company approaches its security and privacy policy is essential. To say a company complies with regulatory privacy mandates is simply not enough. Its culture and DNA needs to put customer data privacy policies first.    

At CounterPath, we have always been committed to keeping our customers' data privatenever sharing it with third parties. This is one of our core values and is standard among our Bria Solo, Bria Teams, and Bria Enterprise solutions. If you are interested in a secure solution for your enterprise, reach out to one of our CounterPath Channel Partners or contact our sales team today.


Todd Carothers

About Todd Carothers

Todd Carothers is the Executive Vice President of Marketing and Products at CounterPath and oversees Product Management and Marketing initiatives. Growing up in Silicon Valley and having witnessed the technical marvels coming out of Xerox PARC (where his dad was a patent attorney) Todd developed a deep passion for the high-tech industry. With a particular interest in Internet and mobile applications, Todd eventually found himself within the massive Telecommunications sector and companies that were on the leading edge of new services that added significant value to operators worldwide.