“Zoom sees into our bedrooms, offices and living rooms. They therefore have a duty to ensure that they respect our human rights as we try to maintain daily life in the midst of a public health crisis.”
Isedua Oribhabor, Policy Analyst at Access Now
With more people working from home than ever before to fight the spread of COVID-19, video conferencing services like Zoom are seeing an unprecedented spike in usage. That surge in popularity means Zoom is dealing with massive amounts of new personal data from its users, which is worrying, given some of its features already make it ripe for misuse. Access Now, a digital advocacy group, is pushing for the company to release a transparency report.
Access Now released an open letter to Zoom this morning, urging for disclosure about how the company responds to third-party requests for user data. The letter is clear in its reasoning: Zoom’s increased internet presence makes it a clear target for mismanaged data. Moreover, with Zoom being used for sensitive work by some, its growing userbase deserves to know how data is managed and how Zoom responds to requests for data from government, law enforcement, and the like.
Transparency reports are the norm — Access Now’s request for a transparency report falls well within the realm of normalcy for tech companies. This is especially true in larger companies where, as more data is stored, the chance of mismanagement of that data increases. Google, for instance, shares regularly updated transparency reports and makes the full reports available for download.
Clear, simple demands — The strength of Access Now’s letter lies in its ability to lay out a list of clear demands for Zoom’s transparency report. The organization calls on Zoom to disclose:
- The number of government requests for user data it receives by country, with compliance rates, and Zoom's procedures for responding to these requests;
- The circumstances when it provides user information to government authorities;
- Policies on notice to potentially affected users when their information has been requested or provided to government authorities, or exposed by breach, misuse, or abuse;
- Policies and practices affecting the security of data in transit and at rest, including on multi-factor authentication, encryption, and retention; and
Zoom has only managed to get away without releasing a transparency report for this long because of the company’s relatively small size. With it growing at breakneck spead, pressure from organizations like Access Now are only going to increase. Getting out in front of the issue could help Zoom in the longrun, and keep competitors like Around, who are eager to usurp it, in check.