The lesson is one we need to learn and relearn. When a company fails to protect our privacy, we shouldn’t just continue to use its product — and tell the people we care about to use it — just because it works well and is simple to use. Once we lose our privacy, we rarely get it back again.

“There’s a revolving door,” said Matthew Guariglia, a policy analyst for the Electronic Frontier Foundation, a digital rights nonprofit. “When you give your data to one company, you have no idea who else is going to have access to it, because so much of it happens behind the black box of company secrecy.”

The onus is certainly on Zoom, not us, to fix the privacy and security problems of its app. But we can put pressure on Zoom by not accepting the situation. If you do use Zoom, do so with caution and strong security settings. More on this later.

Zoom’s Privacy and Security Issues

Let’s first take a closer look at why Zoom has been under the microscope. The issues boil down to two main things: its privacy policy and the architecture of its security.

Zoom’s privacy policy

Zoom recently announced that it had revised its privacy policy to be clearer and more transparent. In it, the company emphasized that it does not and has never sold people’s personal data, and has no plans to.

But the policy does not address whether Zoom shares data with third parties, as companies such as Apple and Cisco explicitly state in their privacy policies.

This is a notable omission. Tech companies can monetize user data in many ways without directly selling it, including by sharing it with other companies that mine the information for insights, according to research published by the M.I.T. Sloan School of Management. In some cases, tools to collect data from users are “rented” to third parties. Such practices would technically make it true that your personal data was not “sold,” but a company would still make money from your data.