Zoom app is one of the few apps whose businesses have boomed in the time when all other companies are facing a recession. But this popularity has also brought more attention to the company and its privacy practices.
The Intercept, a news organization, has alleged on Tuesday that zoom video calls do not end to end encrypted which it claims to be.
What Is End To End Encryption?
End-to-end encryption (E2EE) is a system of communication where only communicating users can read the messages. Thus, it prevents any third party to eavesdrop. They won’t have the cryptographic keys needed to decrypt the conversation between the users. Telecom providers, Internet providers, and even the provider of the communication service cannot decrypt the messages exchanged between the users.
What Encryption Does Zoom Use?
The platform uses TLS encryption to protect meetings information. It is the same technology that web servers use to secure HTTPS websites. TLS is commonly known as transport encryption, explained further below.
So when you have a Zoom meeting, the video and audio content will stay private from anyone spying but Zoom can access these unencrypted videos and audio from meetings. In their policy, however, they have said that it does not directly access, mine, or sell user data.
What did Zoom say?
A Zoom spokesperson wrote that it is not possible to enable E2E encryption for video meetings. It further revealed that Zoom’s video meetings use a combination of TCP and UDP.
The spokesperson explained that with end to end phrase, they actually meant “the connection being encrypted from endpoint to endpoint”. “The content is not decrypted as it transfers across the Zoom cloud”, they added.
Zoom in its statement to The Intercept said that it takes its users’ privacy extremely seriously and that they have “layered safeguards in place to protect users’ privacy.”
Matthew Green, a cryptographer said, “I think they’re doing this in a slightly dishonest way.”
Zoom has also faced a lawsuit by a user this week lodged in California court. The complaint read that the platform is selling the personal information of the million users to third-party, including Facebook, without their discreet knowledge.
Checkout the Housparty is offering $100,000 bounty.