Now Zoom has been linked to potential interference from Beijing, after admitting that some US calls were routed through China.
Zoom has apologised for the re-routing, saying it was trying to accommodate the massive influx of users over the past few weeks. But some critics say that, by routing content through China, authorities there could demand that Zoom turn over any encryption keys on its servers, allowing calls to be decrypted.
There are also major concerns about Zoom’s claims that the service is end-to-end encrypted, which is disputed by researchers at independent technology watchdog Citizen Lab. According to the Canadian outfit, Zoom controls the encryption keys and can therefore access customers’ calls.
Citizen Lab says the explosion in users has created “a new gold rush for cyber-spies”. It warned Zoom may not be suitable for governments, high profile businesses, healthcare providers, activists, lawyers and journalists working on sensitive topics. The revelations have prompted a prominent Zoom client, Elon Musk’s SpaceX, to suspend using the service.
Zoom says it is working to fix three issues. CEO Eric Yuan has admitted the service was not designed with the foresight that in a matter of weeks, every person in the world would suddenly be working, studying, and socialising from home.
In the meantime, at least two US attorneys-general are investigating the company, expressing alarm at so-called Zoom-bombing incidents and seeking more information about its privacy and security measures.