No, they don't? There are very few companies that record your phone calls/video calls, then transcribe them into text. Then store the data for themselves. This includes any data that we shared in the session. Why can't Zoom just come out and explain why they do this? Seems pretty simple. If you asked me?
This is what scares most security analysts is the fact that the product was developed and stores data in a place that has incredibly sketchy laws when it comes to intellectual property.
I can't see why Zoom can't come out with a statement regarding why they are collecting all of this sensitive data.
Big corporations might be sharing stuff unwittingly with people that they don't want to share it with.
"In addition, we have a high concentration of research and development personnel in China, which could expose us to market scrutiny regarding the integrity of our solution or data security features. Any security compromise in our industry, whether actual or perceived, could harm our reputation, erode confidence in the effectiveness of our security measures, negatively affect our ability to attract new customers and hosts, cause existing customers to elect not to renew their subscriptions or subject us to third-party lawsuits, regulatory fines or other action or liability, which could harm our business."
From security perspective, Companies do not like the fact that Zoom was developed in China and the vast majority of its R&D is still in China. China has different rules on security than many other countries. Particularly surrounding intellectual property. https://www.sec.gov/Archives/edgar/data/1585521/000119312519...
"Top of page 21- In addition, we have a high concentration of research and development personnel in China, which could expose us to market scrutiny regarding the integrity of our solution or data security features. Any security compromise in our industry, whether actual or perceived, could harm our reputation, erode confidence in the effectiveness of our security measures, negatively affect our ability to attract new customers and hosts, cause existing customers to elect not to renew their subscriptions or subject us to third-party lawsuits, regulatory fines or other action or liability, which could harm our business."
Why do they have to record calls? Transcribe the call into text then Store it. Why do they need to take copies of whiteboards and PowerPoint’s it’s does not make sense.
The top of page 21 in the first set of SEC documents:
Quote " Many governments have enacted laws requiring companies to provide notice of data security incidents involving certain types of personal data. In addition, some of our customers require us to notify them of data security breaches. Security compromises experienced by our competitors, by our customers or by us may lead to public disclosures, which may lead to widespread negative publicity. In addition, we have a high concentration of research and development personnel in China, which could expose us to market scrutiny regarding the integrity of our solution or data security features. Any security compromise in our industry, whether actual or perceived, could harm our reputation, erode confidence in the effectiveness of our security measures, negatively affect our ability to attract new customers and hosts, cause existing customers to elect not to renew their subscriptions or subject us to third-party lawsuits, regulatory fines or other action or liability, which could harm our business. "
Zoom is unencrypted by default? So you have to physically turn encryption on. Also, it is very unclear if your data is encrypted at rest. "End to end encryption" does not necessarily mean "end-to-end encryption" as has been shown many times before
The one thing nobody ever mentions about this is the Chinese connection. Zoom is 100% developed in China. They have a datacentre in tianjin. Even states in their financial papers. The S1 form that one of the risks is the fact the product is predominantly developed in China. By PRC citizens.
Encryption is also off by default? why is this?
The Zoom App also collects screenshots and transcriptions of shared data. This is fine if you are Facebook or Google.
Mistake? whoops