The new semester has started and because of Covid to attend lectures we all need to use either Zoom or MS Teams. What makes it worse however is that many professors require us to use our real names and have cameras open. I consider however both Zoom and Teams to be spyware so I'm trying to avoid them. I sent a few emails trying to change people's minds without success. I do understand that change is difficult especially once we have learned the previous system well. But we should be willing to jump ship sometimes, I believe this to be one of those times.
First and foremost both services are proprietary, meaning the software is not open source so whatever claims their devs make about them we cannot confirm nor deny whether they are telling the truth. This is beautifully demonstrated by the fact that zoom for a long time was falsely marketed as end to end encrypted which it wasn't. A year or 2 ago when it was confirmed that Zoom didn't have e2eE they really didn't want to implement it, then they said they would only provide it for paying users until finally after some pushback they said they will offer it to the masses. Don't be fooled however we have no way of verifying their claims. When you've got power and nobody is looking it's easy to abuse it, and Zoom has abused that power, when for instance they sold user data to facebook. People will call claims like mine conspiracies but this sort of conspiracies usually are proven true with the pass of time. If a piece of software is not open source, run for the hills, don't use it or it will use you.
Zoom has had a really bad history in terms of privacy and security. It's poor security allowed hackers to take over meetings and stream porn or just harass attendees. Zoom would install a webserver on user's computers that would allow websites to add users to calls without their permission and would even enable their camera. Also after uninstalling zoom it would be able to reinstall itself without permission. Zoom implemented a feature that would allow hosts to monitor what users were doing, how much attention they were paying to the meeting and whether they have clicked away for longer than 30 seconds. Another issue Zoom faced because of its slack security is a vulnerability that allowed attackers to take over a person's camera and microphone. Zoom also shared data of its users with facebook and got compensated for it, in fact a lawsuit for 85m was filed for this reason and each zoom user is entitled to $15 or $25. Here's some data that Zoom collects(some of it even if you don't have a Zoom account): type of device you are using, ip address, unique advertisement ID, employer, job title, phone number, email address, physical address and name. Zoom also used techniques often used by malware to install itself on a machine without a user's permission. Just don't use Zoom the company is corrupt and doesn't care about you, it only cares about profits (like almost all other companies)
As for Microsoft Teams, there's not as much bad history as with Zoom. Only a few vulnerabilities have been mentioned. Like an evil gif being able to take over your computer through teams. However there are many inbuilt and extra tools for maximum surveillance. An employer can see when you are online offline with notifications enabled, they can see for how long you have been away from your computer. There are options for retrieving all of your messages, record calls, track your camera, microphone and location and measure your productivity. In fact all your activity throughout the whole Office365 suit can be tracked. Let's also not forget that Microsoft is not the most privacy respecting company out there.
"Ok then what should I use?" you ask. There is a bunch of open source alternatives, there's Jitsi, BigBlueButton and Jami to name a few. Personally I have only used jitsi and I have no complaints. All of those 3 can be self hosted (Tutorial for jitsi) if you don't want to trust the people that are running the instances. Also there are many public instances you can use without any problems.
Now for counter arguments I got.