Zoom’s recent growth has highlighted a range of privacy and security concerns, and the company now promises to address them over the next 90 days. In a detailed blog post, Zoom CEO Eric S. Yuan explains how the company is responding to a massive increase in users. Zoom has never shared user numbers, but Yuan reveals that the company had up to 10 million daily users in December. “In March of this year, we reached over 200 million daily meeting participants, both free and paid,” said Yuan.
That’s a huge increase that has led people to use Zoom for reasons no one expected before the coronavirus pandemic. “Our platform is built primarily for corporate customers,” Yuan explains. “We didn’t design the product with the expectation that within a few weeks everyone in the world would suddenly work, study and socialize from home. We now have a much wider group of users who use our product in a variety of unexpected ways and face challenges that we had not anticipated when the platform was conceived. “
The challenges of supporting 200 million users, compared to just 10 million a few months ago, are big enough, but the privacy and security concerns recently discovered pose bigger challenges for the company. Zoom now freezes the feature updates and focuses on the security and privacy issues instead. “Over the next 90 days, we are committed to devoting the resources needed to proactively better identify, address, and resolve problems,” Yuan explains. “We also want to be transparent throughout this process.”
All of Zoom’s technical resources will now focus on security and privacy issues, and the company is planning an “in-depth review” with third parties to ensure that it handles the security of these new consumer issues appropriately.
Zoom also undertakes to issue a transparency report to share the number of requests from law enforcement and governmental authorities for user data. It’s something digital rights advocacy groups have asked Zoom for. Zoom also “enhances” its bug bounty program, consults other chief information security officers across the industry, and uses white-box penetration testing to identify other security bugs.
Yuan will also hold a weekly webinar on Wednesdays at 10 a.m.PT / 1 p.m. ET to discuss privacy and security updates for Zoom as it addresses its response over the next 90 days. “Transparency has always been a core part of our culture,” said Yuan. “I am committed to being open and honest with you about areas where we strengthen our platform and areas where users can take steps themselves to make the best use of and protect themselves on the platform.”
Zoom’s response is what many in the security community asked for, and the company is committed to addressing the identified issues and promising to be transparent in the process. That’s encouraging to hear from existing Zoom users and the many millions of new users who choose the app to connect with friends, family and colleagues for the first time.