Technology
The FBI must be stoked about Zoom’s encryption policy
Zoom has big privacy plans — for its paying customers, that is.
After getting caught falsely claiming it offered end-to-end encryption, the video-conferencing app Zoom promised to increase the privacy and security of its product and even announced some concrete steps it would take to follow through on that promise. In a June 2 earnings call, however, Zoom CEO Eric Yuan clarified that one of those steps — adding true end-to-end encryption to its platform — will only be available to paying customers.
The reason for the two-tiered service? So that Zoom can more easily turn over its users’ to the FBI. Seriously.
“Free users, for sure, we don’t want to give that [end-to-end encryption],” The Next Web reports Yuan as saying. “Because we also want to work it together with FBI and local law enforcement, in case some people use Zoom for bad purpose.”
Notably, Zoom does offer a form of encryption to all users — just not the gold standard that is end-to-end. With end-to-end encryption, offered by the likes of Signal and Apple’s iMessage, not even the service relaying your message (e.g. Apple) can read its contents. Other forms of encryption may protect your message as it goes from your phone to a company’s servers, and then to its recipient, but while it passes through those servers it’s readable by third parties.
Zoom has skyrocketed in popularity since the coronavirus pandemic and corresponding shelter-in-place order left many people homebound. With the increase in use, came an increase in scrutiny, and many privacy experts didn’t exactly like what they saw. So Zoom got to work, hiring former Facebook Chief Security Officer Alex Stamos as a consultant to spearhead its security efforts.
In a long Twitter thread Tuesday night, Stamos attempted to clarify why Zoom’s forthcoming end-to-end encryption would only be available to paying customers. Essentially, he argued that enterprise users (i.e., anyone someone paying for the service and using it in a business context) have legitimate needs for end-to-end encryption. That being said, Zoom still wants to be able “[reduce] the human impact of the abuse of its product.”
Lots of companies are facing this balancing act, but as a paid enterprise product that has to offer E2EE as an option due to legitimate product needs, Zoom has a slightly different calculus.
— Alex Stamos (@alexstamos) June 3, 2020
Will this eliminate all abuse? No, but since the vast majority of harm comes from self-service users with fake identities this will create friction and reduce harm.
— Alex Stamos (@alexstamos) June 3, 2020
Non-enterprise users, of course, also have a legitimate need for end-to-end encryption. They also, as evidenced by the growth in popularity of encrypted messaging apps like Signal, have a desire for the private communication that end-to-end encryption makes possible. They may just have to look elsewhere to find it.
Thankfully, Zoom is not the only game in town.
-
Entertainment7 days ago
Earth’s mini moon could be a chunk of the big moon, scientists say
-
Entertainment7 days ago
The space station is leaking. Why it hasn’t imperiled the mission.
-
Entertainment6 days ago
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
-
Entertainment5 days ago
Black Friday 2024: The greatest early deals in Australia – live now
-
Entertainment4 days ago
How to watch ‘Smile 2’ at home: When is it streaming?
-
Entertainment4 days ago
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
-
Entertainment3 days ago
A24 is selling chocolate now. But what would their films actually taste like?
-
Entertainment3 days ago
New teen video-viewing guidelines: What you should know