They changed their TOS to allow themselves to license everyone’s videos for A.I. training (or anything else). One of the execs tried to say they weren’t doing that but unless they change their TOS, they can and no doubt will.
For some people, that’s a personal privacy issue but for people who have Zoom calls about, for instance, health records, it makes Zoom illegal. And even if it’s not illegal, companies use video calls for discussing proprietary information they don’t want to be potentially licensed to competitors.
Wow, wtf…it seems like every big tech company is going through “enshittification”. Is there an open-source alternative for Zoom that is hopefully more privacy-focused?
As of Monday afternoon, [section 10.4] has a new paragraph in bold below it: "Notwithstanding the above, Zoom will not use audio, video or chat Customer Content to train our artificial intelligence models without your consent.”
How exactly they obtain customer “consent” isn’t disclosed.
I’m not so worried about Zoom adding fancy autocomplete (“training our models”) as I am with them licensing it out. This is what section 10.4 says before the caveat:
You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content, including AI and ML training and testing.
I don’t think that extra caveat even addresses licensing meeting content to third parties for training A.I.
That consent, [Zoom Chief Product Officer Smita] Hashim closed, still won’t allow third parties to train an AI off your calls: “And even if you chose to share your data, it will not be used for training of any third-party models.”
However, glancing through the ToS I don’t see where Zoom prohibits third-party AI training, only prohibiting training their own models. On the other hand, data for training LLMs is apparently the modern gold-rush and it’s feasible that Zoom wouldn’t want that data to be accessed by any potential competitors.
Holy shit how did I not hear about this but the back to the office thing was everywhere? Fuck that, no. No that is not ok. Fuck. FUCK why is everything going to this shit?
Does software exists that encrypts video and audio data on one end, and requires a key to decrypt on the other end? Anyone looking at the feed without keys would be seeing garbage.
If those you wish to have a video call with already have each others phone numbers then Signal is a option. It supports up to 40 participants. Available on Android, iPhone, Windows, Mac and Linux.
Signal has other great chat/messaging features too.
Also a unofficial community on Kbin
Zoom already does 256bit AES end-to-end encryption. From what I understand it isn’t the live calls but the files and recorded calls you save on their servers after are what they would use for AI training.
Update, August 7, 5:06 p.m.: After this story was published, Zoom issued an update to its Terms of Service. The article has been updated to reflect the change.
Zoom and MS Teams both seem to have E2E encryption for 1-on-1 calls. They own the code, tho, so whether they really cannot decrypt the stuff is a matter of trust.
I’m not sure about the technicals, but there are some services that are HIPAA compliant, which I assume means something similar to the end-to-end encryption you’re describing. WebeX is the one I know one of my local hospital systems uses.
Yes, E2EE video call software exists, but then you’d be using something other than Zoom.
Theoretically you could have everyone in a call use a plugin that “added” E2EE to Zoom, but I’m not certain such a plugin exists - and even if it did, ensuring everyone you communicate with Zoom uses it would be enough of a barrier that it’d be simpler to just use something other than Zoom that has E2EE baked in.
Only thing I heard about zoom is their back to office?
They changed their TOS to allow themselves to license everyone’s videos for A.I. training (or anything else). One of the execs tried to say they weren’t doing that but unless they change their TOS, they can and no doubt will.
For some people, that’s a personal privacy issue but for people who have Zoom calls about, for instance, health records, it makes Zoom illegal. And even if it’s not illegal, companies use video calls for discussing proprietary information they don’t want to be potentially licensed to competitors.
Wow, wtf…it seems like every big tech company is going through “enshittification”. Is there an open-source alternative for Zoom that is hopefully more privacy-focused?
I haven’t used it but the !selfhosted community has mentioned Jitsy Meet before.
Just discovered it too from !privacy. Reading about it now, it’s FOSS which is always good. Here’s the link: https://meet.jit.si/
There’s element call as well. (https://call.element.io)
Apparently they did:
How exactly they obtain customer “consent” isn’t disclosed.
I’m not so worried about Zoom adding fancy autocomplete (“training our models”) as I am with them licensing it out. This is what section 10.4 says before the caveat:
I don’t think that extra caveat even addresses licensing meeting content to third parties for training A.I.
A bit later in the article also addresses this:
However, glancing through the ToS I don’t see where Zoom prohibits third-party AI training, only prohibiting training their own models. On the other hand, data for training LLMs is apparently the modern gold-rush and it’s feasible that Zoom wouldn’t want that data to be accessed by any potential competitors.
you agreed to the TOS, therefore they have your consent.
Holy shit how did I not hear about this but the back to the office thing was everywhere? Fuck that, no. No that is not ok. Fuck. FUCK why is everything going to this shit?
Does software exists that encrypts video and audio data on one end, and requires a key to decrypt on the other end? Anyone looking at the feed without keys would be seeing garbage.
If those you wish to have a video call with already have each others phone numbers then Signal is a option. It supports up to 40 participants. Available on Android, iPhone, Windows, Mac and Linux.
Signal has other great chat/messaging features too.
Also a unofficial community on Kbin
Oh,forgot to mention there is support for sharing screen and separate window on desktop. Unsure about mobile clients.
Zoom already does 256bit AES end-to-end encryption. From what I understand it isn’t the live calls but the files and recorded calls you save on their servers after are what they would use for AI training.
Zoom already updated their TOS a few hours ago to supposedly address the issue. https://gizmodo.com/zoom-ai-privacy-policy-train-on-your-data-1850712655
Zoom and MS Teams both seem to have E2E encryption for 1-on-1 calls. They own the code, tho, so whether they really cannot decrypt the stuff is a matter of trust.
Yes. End to end encryption between two parties is pretty trivial to implement. Video and audio is no exception.
I’m not sure about the technicals, but there are some services that are HIPAA compliant, which I assume means something similar to the end-to-end encryption you’re describing. WebeX is the one I know one of my local hospital systems uses.
Yes, E2EE video call software exists, but then you’d be using something other than Zoom.
Theoretically you could have everyone in a call use a plugin that “added” E2EE to Zoom, but I’m not certain such a plugin exists - and even if it did, ensuring everyone you communicate with Zoom uses it would be enough of a barrier that it’d be simpler to just use something other than Zoom that has E2EE baked in.
They also gave an opt-in to allow all your data to be used to train AI models. You auto opt-in if you use any of their AI assisted services