How and why Zoom relaunches on privacy

How and why Zoom relaunches on privacy

All the news announced by Zoom on the privacy front and beyond. Facts and controversies

Zoom gives in to pressure. The popular video conferencing platform will offer full end-to-end encryption to all users. No longer therefore only to paying users as previously mentioned. The company led by Eric Yuan thus gives in to pressure from US lawmakers and the public to strengthen privacy.

His shares more than tripled this year ( with the latest record quarterly ). In recent months, in fact, more and more people have rushed to Zoom to virtually meet colleagues, classmates, friends and family while the measures to contain the contagion from Coronavirus imposed social distancing.

Along with popularity, the controversy over the company's security practices also came for Zoom.

Just last week, the video conferencing company tried to reassure global users that it would no longer deactivate accounts outside mainland China at the behest of Beijing. Previously Zoom had closed three accounts that wanted, by videoconference, to commemorate the Chinese repression of Tiananmen, at the request of the Chinese government.

It was not the first time that Zoom's privacy and security policies or society's potentially overly welcoming relationships with the Chinese government were questioned.


Starting in July, Zoom will offer end-to-end encryption to all users, free and paid. "We are pleased to share that we have identified a path forward that balances the legitimate right of all users to the privacy and security of users on our platform," wrote Yuan.

End-to-end encryption is one of the most private ways to communicate online and allows users to have secure conversations without anyone, including the platform, having access to data.


When Zoom implements the feature, it will ask free users for additional information to verify their accounts, such as a phone number to "reduce the mass creation of offensive accounts." At the moment, users can register with a single e-mail address.

End-to-end encryption will also be an optional feature that Zoom users need to enable, as it can limit certain features, including the ability to connect via a phone or record meetings.

The verification of the identities of the free gifts will therefore help the company to combat the abuses that take place on its platform. Like the practice of "Zoombombing" (breaking into troll meetings to share vulgarity or pornography), complained by users since March.


About 70,000 web users signed two petitions this week. They both called on Zoom to provide full encryption to everyone in the interest of cybersecurity for those who cannot afford a subscription.

But privacy concerns have haunted Zoom since late March, as we said, pushing control by the US authorities . In addition to temporary bans from New York City and Singapore schools.


In early April, Zoom responded with the announcement of corrections, suspending all new features for a period of 90 days in order to focus on privacy and the strengthening of security measures. This 90-day period is expected to end at the end of this month.

Meanwhile, the San Jose-based company has purchased Keybase, a secure messaging company, to help strengthen its encryption capabilities.


If CEO Yuan said earlier this month that he would reserve end-to-end encryption for large corporate customers who paid for the service, Zoom has now raised the bar. The company will therefore make encryption available to all users starting in July.


But it doesn't end there. The move on the implementation of cryptography may not be enough to appease the discontent on the platform.

Last week Zoom admitted that it had accepted the Chinese government's requests to close the accounts of activists in the United States and Hong Kong who wanted, by videoconference, to commemorate the Chinese crackdown on Tiananmen.

The admission came after some human rights activists had denounced the suspension, without explanation, of their accounts in the days before.


Zoom had to recognize that they had temporarily closed them, with the justification that "like any global company, we must comply with the laws in force in the jurisdictions in which we operate. The Chinese government has informed us that "the video chats planned on Tiananmen were illegal activities in China and asked Zoom to block meetings and accounts," the company said.

But two of the accounts involved were in the United States. Zoom has since reinstated the accounts stating that in the future "it will not allow the Chinese government's requests to impact anyone outside of mainland China."

Zoom denied having provided user data or having forwarded the contents to the Chinese authorities. Then adding that its current technology does not allow it to "remove specific participants from a meeting or block participants from a specific country".


As Axios pointed out, Zoom has around 700 engineers in China and several branches based in China, according to the company's latest Sec documents. The Yuan-led company said that having a research and development team in China helps cut costs and is therefore an important profit factor.


A concern for lawmakers and authorities (not only US ) is a 2015 Chinese national security law that obliges individuals and companies to provide assistance to the Beijing government to "safeguard national security" and a 2017 law that requires private sector cooperation with the Chinese intelligence services.
This means that Chinese law requires local employees to provide government information and censorship assistance. As Jacob Helberg, senior consultant at Stanford University Cyber ​​Policy Center, in Axios pointed out.

This is a potential security risk as government officials, technology startups working on sensitive technologies, defense contractors and many others rely on Zoom meetings in both their professional and private lives.

This is a machine translation from Italian language of a post published on Start Magazine at the URL on Fri, 19 Jun 2020 13:30:04 +0000.