Fresh from high-profile security issues, Zoom looks to avoid being caught in US-China rift

One of the most headline-grabbing stories last month was how Zoom Video Communications inadvertently routed some of its data to China, a no-no for Western organisations that don’t trust the country’s communist government.

Fresh from that lapse, along with other equally high-profile security issues, the video call company is looking to avoid being caught in the superpower rivalry between China and the United States.

It now gives users a choice of where their traffic is routed to and it is also trying to boost its security, such as through end-to-end encryption, in a transparent manner, said Abe Smith, head of international at Zoom.

“We don’t look at ourselves as a part of a government or political discussion,” he told Techgoondu in a video call interview earlier in May.

Among the new features introduced in a massive security overhaul for Zoom services is the ability for paying users to decide which region they want their data to flow through.

For example, a user based in the US can connect through Hong Kong or Tokyo to speak with counterparts in Asia, by controlling this from his app settings.

Smith also said that some of its customers have been rigorous when examining its security practices, say, by visiting its data centres around the globe or through penetration testing.

He also pointed to the transparency that the company has displayed through the regular webinars that chief executive Eric Yuan uses to share updates on its 90-day security plan

The company, however, would find it tough to avoid being collateral damage in the spat between the world’s two largest economies, especially as it has become one of of the most popular ways to stay connected during the coronavirus pandemic.

With the coronavirus rhetoric ramping up in recent weeks, the US government has further restricted technology exports to Chinese companies such as Huawei. China, meanwhile, has threatened to retaliate against American firms such as Apple and Qualcomm.

Zoom was briefly banned in China in September last year, but is now being used by enterprise customers that buy the service through authorised sales representatives.

For the free service, users have to be invited to join meetings hosted by paid users. This has allowed local alternatives from rivals like Alibaba, Tencent and others to flourish.

Meanwhile, in the US, Zoom has been careful to install some powerful establishment figures, such as H R McMaster, formerly the Trump administration’s National Security Advisor, as an independent board member earlier this month.

Earlier in April, it also hired Facebook’s former security chief, Alex Stamos, as an advisor. Plus, it has acquired Keybase, a secure file sharing and messaging service, to bring end-to-end encryption to its service.

That’s all in the past couple of months, since the first signs of trouble started with schoolchildren getting uninvited guests during their online lessons.

But is the effort enough? Not for some. Taiwan’s government, spooked by Zoom sending data accidentally to mainland China, has banned the video call service.

Yet, despite the unhappiness in some quarters, Zoom has continued to be popular. There were 300 million users on April 21, up 50 per cent from from 200 million at the start of the month, it has reported.

Smith said it will continue to work with governments and businesses to deliver a service that will satisfy their cybersecurity requirements.

He pointed to Singapore’s education ministry, which had suspended the use of Zoom for virtual classrooms in April after a hacker had logged onto one such session, but eventually resumed using the service when security features were made more easily available to teachers.

In a very short time, users had to understand simple concepts like setting up a waiting room, ejecting someone from a meeting or disabling the sharing of a screen on Zoom, he said.

“So many people were using it for the first time that there was tremendous amount of education needed,” he added.