The FBI Should Be Stung About Zoom’s Encryption Policy

Zoom has great privacy plans — for its paying customers, that is.

after being caught making a false claim(opens in a new tab) It offered end-to-end encryption, video-conferencing app Zoom promised to increase the privacy and security of its product, and even announced some concrete steps to deliver on that promise. In a June 2 earnings call, however, Zoom CEO Eric Yuan clarified that one of those steps — adding true end-to-end encryption to its platform — will only be available to paying customers.

The reason for the two tier service? So that Zoom can more easily hand over its users to the FBI. seriously.

“Free users, of course, we don’t want to give that [end-to-end encryption],” reports The Next Web(opens in a new tab) Yuan is saying. “Because we want to work closely with the FBI and local law enforcement in case some people use Zoom for evil purposes.”

Notably, Zoom provides a form of encryption for all users – not just the gold standard which is end-to-end. With the end-to-end encryption offered by Signal and Apple’s iMessage, not even the service relaying your message (such as Apple) can read its contents. Other forms of encryption can protect your message as it travels from your phone to a company’s servers, and then on to its recipient, but when it passes through those servers it is readable by third parties. .

RELATED VIDEO: Zoom’s newfound popularity is being exploited by hackers during the coronavirus pandemic

Zoom has skyrocketed in popularity as the coronavirus pandemic and related shelter-in-place orders have left many people homebound. With the increase in usage, came an increase in scrutiny, and many privacy experts didn’t exactly like what they saw. So Zoom got to work, hiring former Facebook chief security officer Alex Stamos as a consultant.(opens in a new tab) To lead your security efforts.

in the long run twitter thread(opens in a new tab) On Tuesday night, Stamos attempted to clarify why Zoom’s upcoming end-to-end encryption would only be available to paying customers. Essentially, he argued that an enterprise user (i.e., anyone paying for the service and using it in a business context) has legitimate needs for end-to-end encryption. That being said, Zoom still wants to be enabled”[reduce] Human impact of misuse of its product.”

Of course, non-enterprise users also have a legitimate need for end-to-end encryption. They too, as evidenced by the rise in popularity(opens in a new tab) In encrypted messaging apps like Signal, there is a desire for private communications that end-to-end encryption makes possible. They may have to look elsewhere to find it.

Thankfully Zoom isn’t the only game in town.

Leave a Comment