Zoom, the internet videoconferencing platform that has seen usage boom 20-fold during the COVID-19 pandemic, is going into triage mode.
In the past few weeks, as Zoom virtual meetings have become ubiquitous, new concerns and government scrutiny — and at least one lawsuit — have reared up about the company’s privacy and security measures. In response, Zoom is freezing all feature development for 90 days to divert all its engineering resources “to focus on our biggest trust, safety, and privacy issues,” founder and CEO Eric Yuan wrote in a blog post Wednesday.
“We want to do what it takes to maintain your trust,” Yuan wrote.
The development comes amid a massive spike in usage of Zoom in March, when it had 200 million daily meeting participants (both free and paid), up from a maximum of 10 million per day in December 2019, according to the company.
Zoom’s stock price fell more than 11% Thursday after Yuan’s announcement, as the broader market indices were slightly higher. The shares had doubled year-to-date on investor enthusiasm over its prospects amid global stay-at-home environment.
The problems Zoom’s users have encountered include “Zoombombing,” in which unauthorized trolls crash into online meetings and have shared violent and pornographic images. Last month, Zoom posted guidance on how to prevent this, such as by setting up waiting rooms, passwords, muting controls, and limiting screen sharing. “We absolutely condemn these types of attacks and deeply feel for anyone whose meeting has been interrupted in this way,” Yuan commented.
Earlier this week, a California man sued Zoom, alleging it illegally disclosed private info to third-party partners, including Facebook. Meanwhile, Zoom has reportedly improperly shared contact info and photos of some users with strangers, based on Zoom’s grouping of people with the same email address domain names together (based on the assumption they work for the same company), according to a report by Vice. And the New York attorney general’s office has launched a probe into Zoom’s privacy practices.
The company also admitted that Zoom meetings are not always encrypted end-to-end. In a post attempting to “clarify” the issue, it noted that data cannot be encrypted on devices that don’t use Zoom’s proprietary communication protocol (such as phones or certain room-based videoconferencing systems).
Yuan apologized for the lapses, writing, “we recognize that we have fallen short of the community’s – and our own – privacy and security expectations.”
In addition, according to Yuan, Zoom is conducting a “comprehensive review” with third-party experts and representative users to review its security protocols and is prepping a transparency report to detail information related to requests for data, records or content.
The surge in Zoom usage has included over 90,000 schools across 20 countries, who are using the platform free of charge for remote education. Zoom says it originally built the videoconferencing system for business users and has had to adapt to consumers using it “in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived,” Yuan said.