Zoom Bends to Chinese Government Demands to Terminate Activist Accounts
Not so long ago, nobody had heard of Zoom. Then came the COVID-19 pandemic and the video conferencing software rocketed to prominence. It has rapidly become the most popular commercial video meeting conference tool, going from 10 million users to over 300 million. Inevitably, this had led to scrutiny. Much of it focuses around security issues with the popular software…and the company’s ties to China.
Censorship and Tiananmen Square
Discussion of the Tiananmen Square massacre remains banned in China. In late May and early June, four Zoom meetings were held to commemorate the anniversary. These were fairly large meetings, with one hosting over 200 participants.
Zoom bowed to Chinese demands, ending three of the four meetings (the fourth turned out to have no participants from China, and suspending multiple accounts. Some of the suspended accounts belonged to activists not located in China, such as that of Zhou Fengsuo, founder of Humanitarian China. The accounts concerned have since been reinstated, and Zoom claims that this was a result of not having tools to block participation based off of location. One meeting at least was terminated mid stream.
As one of the few tools not banned in China, Zoom was essential to many Chinese citizens during quarantine. What makes this particularly disturbing is the involvement of people not located in China and, indeed, not Chinese citizens. The video conferencing company has now said they are working on ways to block participation so that those outside China are not affected…but what about those within its borders.
Zoom also claims that there are no backdoors to allow silent participation and that no meeting content or attendee information was handed over to Chinese authorities.
Zoom’s Ties to China
Zoom’s headquarters are in San Jose, California. However, the company did much of its product development in China and has a good number of Chinese employees. This, no doubt, is what allows the Chinese government to put continued pressure on them. Some calls have been mistakenly routed through China and there are open questions about how good the encryption is. (Zoom offers end-to-end encryption only for paid accounts, and less significant encryption on free ones).
Security concerns have led a number of entities to ban the use of Zoom, including the government of Taiwan.
The company has also stopped offering free accounts to China-based users, although it still sells paid accounts. The widespread use of the software leads to obvious concerns. It’s understandable that a company with employees in China would be concerned about abiding by local law, but at the same time the laws in China are harsh and often do not meet the normal standards of human rights.
Will Zoom Fix This?
The answer, as of right now, appears to be: Not exactly. Zoom’s removal of free accounts in China and decision to go ahead with the development of a tool which will allow participants to be removed or blocked from meetings indicate, along with the lower encryption on free accounts, a willingness to cooperate with law enforcement.
Participant-level blocking should at least protect those not in China from being interrupted, which Zoom apparently did to at least one meeting without either warning or notification. However, it shows that Zoom is more concerned with profits and abiding by local law than with human rights.
This issue may well extend beyond China. For example, Russia has strict laws to prevent the dissemination of what it considers to be “gay propaganda,” and thus Zoom may well block Russian users from meetings on those topics too. China no doubt has leverage over Zoom, but their attitude indicates they are likely to take the side of law enforcement in other countries too. While it may be true that they are not handing over meeting contents, the decision to keep encryption on free accounts partial “to cooperate with law enforcement” may mean they can’t be trusted in this area either. Their grounds revolve around a fear of free accounts being used for child pornography, but deny end-to-end encryption once it is implemented to some of the people who need it the most, including journalists who may have few resources and, ironically, abused teenagers who are seeking help.
What Should Users Do?
Zoom is incredibly useful and versatile. However, it should not be considered a secure tool because of the encryption issues and some other issues with security, particularly around the desktop client for Mac computers. For business use, it’s best to seek other solutions even if they might not have Zoom’s power and flexibility. It is very likely that Zoom competitors will begin to emerge as, even after the pandemic, companies realize the value of video conferencing for keeping in touch with remote workers and allowing remote attendance of meetings and conferences of all types.
Paid accounts are more secure than free ones, especially as Zoom finally implements end-to-end encryption for paid users only. Zoom is, in fact, ahead of the curve on this technology. However, it is also using non-standard encryption schemes, perhaps for speed purposes, that may not be as secure as recognized industry standards.
Can we trust Zoom not to provide a backdoor to China in their end-to-end encryption? The answer is a solid maybe, and because of that Zoom should not be considered safe for communications in and out of China. In fact, one should hesitate to use Zoom at all unless things change.
In other words, Zoom is fine for low security stuff, but should not be used for sensitive or confidential meetings (and, despite claims, for HIPAA-compliant things such as telehealth). But you should also consider whether you want to give your support to a company which is kowtowing to censors in the search for short-term profits.