Users' Calls And Data Routed Through China, Zoom Privacy Is Again Questioned

Salena Harshini |Apr 08, 2020

Concern on Zoom privacy is rising as security researchers revealed that the users' calls and data are being routed through China.

As hundreds and millions are forced to work from home due to the spread of coronavirus, the need for communication explains why the use of video calling apps like Zoom gets more mainstream than ever. However, Zoom privacy has faced quite an issue lately because of its practices and security policies.

Thousands of video call recordings on Zoom have been exposed on the Internet, including personal therapy sessions, business meetings with confidential financial reports, and even online classes where personal details of students. They were all visible to those who watch the recordings. Besides, there have been new notices about Zoom privacy currently.

Zoom 2
Users are doubting if Zoom privacy can really be trusted

Zoom calls are reported to be routed through China although encryption keys have been used to protect them. As noted this week, Zoom is not at all end-to-end encrypted which is a total rebuttal to the company’s previous claims. This means that they take control of encryption keys and therefore can access customers’ call content.

This is reported by Citizen Lab’s security researchers and hours after this statement, the platform has offered an apology and a partial explanation.

Zoom 4
Zoom privacy is again put in question as it is reported to route through China

Zoom presently says that during its endeavors to increase the server ability to suit the enormous deluge of clients during recent weeks, it "mistakenly" permitted two of its Chinese data centers to accept calls as a stand-in in case of system blockage.

CEO of Zoom, Eric Yuan, said:

“During normal operations, Zoom clients attempt to connect to a series of primary datacenters in or near a user’s region, and if those multiple connection attempts fail due to network congestion or other issues, clients will reach out to two secondary datacenters off of a list of several secondary datacenters as a potential backup bridge to the Zoom platform. In all instances, Zoom clients are provided with a list of datacenters appropriate to their region. This system is critical to Zoom’s trademark reliability, particularly during times of massive internet stress.”

This means, European calls are supposed to be in Europe, just like American calls should stay in America. It’s how Zoom’s “geofencing” data center works. But when traffic climbs, it is shifted to the closest data center which has the biggest available capacity.

The video conferencing application mentioned that this happened in very limited cases. When asked for details, a spokesperson of Zoom, however, didn’t reveal how many users were affected.

Zoom 3
The network will shift the traffic to the nearest data center with the most available capacity

Zoom said that it has now overturned that inaccurate whitelisting. The organization additionally said clients on the organization's committed government plan were not influenced by the inadvertent rerouting.

Zoom has posted a blog post, saying they have “implemented robust and validated internal controls to prevent unauthorized access to any content that users share during meetings.”

>> 6 Best Free Video Call Apps For Work And Study From Home

Zoom
They are trying to fix the privacy issues

Patrick Jackson, the technology chief of Disconnect, a former researcher at the US National Security Agency,  had suggested that companies should change the name of convention videos to make them more difficult to find.

Jackson also urged others to only record video calls if they really need to and always secure those when hosting.

Zoom 1
Will the concern over Zoom privacy be eased off?

Zoom has got points for hitting the right notes in replying to the wave of inspection from security researchers. However, they are still under pressure of 2 class-action lawsuits and attorney general of New York. Recently, a number of lawmakers have demanded to know what they are doing to protect the privacy of users.

Comments

Sort by Newest | Popular

Next Story

Read more