Technology
The FBI must be stoked about Zoom’s encryption policy
Zoom has big privacy plans — for its paying customers, that is.
After getting caught falsely claiming it offered end-to-end encryption, the video-conferencing app Zoom promised to increase the privacy and security of its product and even announced some concrete steps it would take to follow through on that promise. In a June 2 earnings call, however, Zoom CEO Eric Yuan clarified that one of those steps — adding true end-to-end encryption to its platform — will only be available to paying customers.
The reason for the two-tiered service? So that Zoom can more easily turn over its users’ to the FBI. Seriously.
“Free users, for sure, we don’t want to give that [end-to-end encryption],” The Next Web reports Yuan as saying. “Because we also want to work it together with FBI and local law enforcement, in case some people use Zoom for bad purpose.”
Notably, Zoom does offer a form of encryption to all users — just not the gold standard that is end-to-end. With end-to-end encryption, offered by the likes of Signal and Apple’s iMessage, not even the service relaying your message (e.g. Apple) can read its contents. Other forms of encryption may protect your message as it goes from your phone to a company’s servers, and then to its recipient, but while it passes through those servers it’s readable by third parties.
Zoom has skyrocketed in popularity since the coronavirus pandemic and corresponding shelter-in-place order left many people homebound. With the increase in use, came an increase in scrutiny, and many privacy experts didn’t exactly like what they saw. So Zoom got to work, hiring former Facebook Chief Security Officer Alex Stamos as a consultant to spearhead its security efforts.
In a long Twitter thread Tuesday night, Stamos attempted to clarify why Zoom’s forthcoming end-to-end encryption would only be available to paying customers. Essentially, he argued that enterprise users (i.e., anyone someone paying for the service and using it in a business context) have legitimate needs for end-to-end encryption. That being said, Zoom still wants to be able “[reduce] the human impact of the abuse of its product.”
Lots of companies are facing this balancing act, but as a paid enterprise product that has to offer E2EE as an option due to legitimate product needs, Zoom has a slightly different calculus.
— Alex Stamos (@alexstamos) June 3, 2020
Will this eliminate all abuse? No, but since the vast majority of harm comes from self-service users with fake identities this will create friction and reduce harm.
— Alex Stamos (@alexstamos) June 3, 2020
Non-enterprise users, of course, also have a legitimate need for end-to-end encryption. They also, as evidenced by the growth in popularity of encrypted messaging apps like Signal, have a desire for the private communication that end-to-end encryption makes possible. They may just have to look elsewhere to find it.
Thankfully, Zoom is not the only game in town.
-
Entertainment7 days ago
‘The Wild Robot’ and ‘Flow’ are quietly revolutionary climate change films
-
Entertainment7 days ago
Mars is littered with junk. Historians want to save it.
-
Entertainment6 days ago
Should you buy the 2024 Kindle Paperwhite Signature Edition?
-
Entertainment5 days ago
Beyoncé’s Christmas halftime show on Netflix: What to know about the NFL event
-
Entertainment5 days ago
2024: A year of digital organizing from Palestine to X
-
Entertainment4 days ago
Greatest films by women creators on Netflix
-
Entertainment4 days ago
Is ‘Blink Twice’ streaming anywhere? Here’s what you need to know.
-
Entertainment3 days ago
Every ‘Doctor Who’ Easter egg found in ‘Joy to the World’