Zoom announces 90-day feature freeze to fix privacy and security issues
Zoom’s recent growth has put it in the spotlight over a series of privacy and security issues, and the company is now promising to address them over the coming 90 days. In a detailed blog post, Zoom CEO Eric S. Yuan explains how the company has been responding to a massive increase in users. Zoom has never shared user numbers before, but Yuan reveals that back in December the company had a maximum of 10 million daily users. “In March this year, we reached more than 200 million daily meeting participants, both free and paid,” says Yuan.
That’s a huge increase that has seen people use Zoom for reasons nobody expected before the coronavirus pandemic. “Our platform was built primarily for enterprise customers,” explains Yuan. “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home. We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived.”
The challenges of supporting 200 million users compared to just 10 million a few months ago are significant enough, but the privacy and security issues that have been uncovered recently present greater challenges for the company. Zoom is now freezing its feature updates and focusing on its security and privacy issues instead. “Over the next 90 days, we are committed to dedicating the resources needed to better identify, address, and fix issues proactively,” explains Yuan. “We are also committed to being transparent throughout this process.”
All of Zoom’s engineering resources will now be focused on safety and privacy issues, and the company is planning a “comprehensive review” with third-parties to ensure it’s handling the security of these new consumer cases properly.
Zoom is also committing to releasing a transparency report to share the number of requests from law enforcement and governments for user data. It’s something that digital rights advocacy groups have called on Zoom to release. Zoom is also “enhancing” its bug bounty program, consulting with other chief information security officers across the industry, and using white box penetration tests to identify other security bugs.
Yuan will also hold a weekly webinar on Wednesdays at 10AM PT / 1PM ET to discuss privacy and security updates for Zoom as it tackles its response over the next 90 days. “Transparency has always been a core part of our culture,” says Yuan. “I am committed to being open and honest with you about areas where we are strengthening our platform and areas where users can take steps of their own to best use and protect themselves on the platform.”
Zoom’s response is what many in the security community had been asking for, and the company is committing to fixing the issues that have been identified and promising to be transparent in the process. That’s encouraging to hear for Zoom’s existing users, and the many millions of new users that are choosing the app to connect to friends, family, and coworkers for the first time.