Technology
The FBI must be stoked about Zoom’s encryption policy
Zoom has big privacy plans — for its paying customers, that is.
After getting caught falsely claiming it offered end-to-end encryption, the video-conferencing app Zoom promised to increase the privacy and security of its product and even announced some concrete steps it would take to follow through on that promise. In a June 2 earnings call, however, Zoom CEO Eric Yuan clarified that one of those steps — adding true end-to-end encryption to its platform — will only be available to paying customers.
The reason for the two-tiered service? So that Zoom can more easily turn over its users’ to the FBI. Seriously.
“Free users, for sure, we don’t want to give that [end-to-end encryption],” The Next Web reports Yuan as saying. “Because we also want to work it together with FBI and local law enforcement, in case some people use Zoom for bad purpose.”
Notably, Zoom does offer a form of encryption to all users — just not the gold standard that is end-to-end. With end-to-end encryption, offered by the likes of Signal and Apple’s iMessage, not even the service relaying your message (e.g. Apple) can read its contents. Other forms of encryption may protect your message as it goes from your phone to a company’s servers, and then to its recipient, but while it passes through those servers it’s readable by third parties.
Zoom has skyrocketed in popularity since the coronavirus pandemic and corresponding shelter-in-place order left many people homebound. With the increase in use, came an increase in scrutiny, and many privacy experts didn’t exactly like what they saw. So Zoom got to work, hiring former Facebook Chief Security Officer Alex Stamos as a consultant to spearhead its security efforts.
In a long Twitter thread Tuesday night, Stamos attempted to clarify why Zoom’s forthcoming end-to-end encryption would only be available to paying customers. Essentially, he argued that enterprise users (i.e., anyone someone paying for the service and using it in a business context) have legitimate needs for end-to-end encryption. That being said, Zoom still wants to be able “[reduce] the human impact of the abuse of its product.”
Lots of companies are facing this balancing act, but as a paid enterprise product that has to offer E2EE as an option due to legitimate product needs, Zoom has a slightly different calculus.
— Alex Stamos (@alexstamos) June 3, 2020
Will this eliminate all abuse? No, but since the vast majority of harm comes from self-service users with fake identities this will create friction and reduce harm.
— Alex Stamos (@alexstamos) June 3, 2020
Non-enterprise users, of course, also have a legitimate need for end-to-end encryption. They also, as evidenced by the growth in popularity of encrypted messaging apps like Signal, have a desire for the private communication that end-to-end encryption makes possible. They may just have to look elsewhere to find it.
Thankfully, Zoom is not the only game in town.
-
Entertainment4 days ago
‘Furiosa: A Mad Max Saga’ review: George Miller’s blazing action folktale might just have outdone ‘Fury Road’
-
Business6 days ago
Healthy growth helps B2B food e-commerce startup Pepper nab $30 million led by ICONIQ Growth
-
Entertainment5 days ago
‘House of the Dragon’ Season 2 trailer breakdown: Dragons, Rook’s Rest, and more
-
Entertainment5 days ago
Sex education is under threat in the UK. What’s going on?
-
Business4 days ago
Orange Charger thinks a $750 outlet will solve EV charging for apartment dwellers
-
Business4 days ago
Senate study proposes ‘at least’ $32B yearly for AI programs
-
Business3 days ago
Colab’s collaborative tools for engineers line up $21M in new funding
-
Entertainment6 days ago
Apple iPad Pro 2024 (13-inch) review: The battery life is bonkers