Can Zoom fix its cyber and privacy public image problem?

Zoom is under the spotlight over privacy and security issues — its share price has done something of an about turn as a result. With its new, high profile, adviser can it repair the damage?

For those of us concerned with privacy and cyber security, we may want to note that a Zoom call is nothing like watching a game of basket ball. We know this, because in a famous experiment, in which the viewer is invited to count the number of passes in a game of ‘pass the basketball’ the majority of people totally fail to spot the man in the gorilla outfit, who walks through the middle of the game. By contrast, when a naked adult male invaded a private Zoom meeting held by Berkeley High School in California, everyone noticed him.

It is just one example of the privacy and security nightmare that has enveloped Zoom. Just a few weeks ago, its share price was making headlines for the way it had soared while all around stock markets were crashing. By March 20th, it was almost double the start of year price. Then a trickle of reports casting doubts over Zoom’s security and privacy credentials, turned into a tsunami.

SpaceX has banned it. There are restrictions on its use in Taiwan and Germany. As for shares, they have now lost almost half the gains seen a couple of weeks ago.

If nothing else, it’s a stark reminder of how failure to get your privacy and security right can hit the share price hard. The jury is out on whether Zoom can recover and regain lost reputation. Either way, it will be a close call. The company could have come out of this dreadful Covid-19 crisis as a super star of the tech space. By failing to get its cyber security and privacy right, it has left the door open for competitors to seize the opportunity that seemed to belong to Zoom.

It’s a lesson of privacy and security design— bake good security and privacy principles in, and you are better equipped to deal with extreme surges in demand.

On the other hand, it is easy to be wise in hindsight. As Eric Yuan, the Zoom CEO, recently said: “Our platform was built primarily for enterprise customers – large institutions with full IT support… we did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home.”

A contrite Mr Yuan uttered his profuse apologies — one was left thinking that if he had thought it would do any good, he would have happily worn a hair shirt in atonement.

But he has done more than apologise. Mr Yuan has formed a CISO council. He explained: “The purpose of the CISO council will be to engage with us in an ongoing dialogue about privacy, security and technology issues and best practices – to share ideas and collaborate.”

The council will count in its number, none other than Alex Stamos, former head of security at Facebook and now an adjunct professor at Stanford University.

In a post on Medium,  Professor Stamos said: “To successfully scale a video-heavy platform to such a size, with no appreciable downtime, and in the space of a few weeks, is literally unprecedented in the history of the internet.”

He explained: “As someone who has walked through the galaxy of blinking lights and deafening whir of tens of thousands of servers carrying the sessions of millions of users, I appreciate the effort it takes to build a product that scales.”

Can Zoom fix this? It has a dual problem. Fix the privacy and security issues, and repair its public image.

The second of those tasks may be the hardest.


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.