Taiwan Bans Zoom Amid Mounting Security Concerns

April 9, 2020 Updated: April 9, 2020

Taiwan’s government has banned all official use of video conferencing service Zoom amid mounting security concerns, marking the first time a government has imposed a formal action against the company.

In a statement published April 7, the Taiwanese government’s executive branch said that “If agencies must hold remote videoconferencing for business needs, they should not use products with security concerns such as Zoom,” and that “non-Chinese video software must be used.”

“At present, all major international information service providers provide free software during the epidemic, such as Google or Microsoft. Under the security risk assessment, [these] can be considered for use,” it continued.

Zoom’s popularity has skyrocketed in recent weeks as strict social distancing measures and stay-at-home orders have been rolled out in nations across the globe. Governments, businesses, and even schools have been forced to work from home amid the CCP (Chinese Communist Party) virus pandemic and have utilized the video conferencing service to maintain communication.

A statement published by Zoom’s CEO Eric Yuan on April 1 said the company, which is headquartered in San Jose, California, has seen its daily user base grow from 10 million in December last year to more than 200 million last month, including over 90,000 schools across 20 countries, adding that it had far surpassed their initial expectations.

However, Zoom has also come under scrutiny in recent months due to a range of security and privacy concerns and after the CEO admitted its encryption keys were being transmitted to servers in China in some cases. More recently, Zoom’s privacy and security features are being carefully examined after hackers exploited a screen-sharing feature by hijacking meetings and online classrooms with messages in an emerging phenomenon known as “zoom-bombing.”

Yuan has since apologized for mistakenly routing calls via China, explaining that it had occurred because the company had been dealing with a “massive increase” in demand. The CEO said the company has since corrected this and has stopped using that capacity as backup for non-Chinese clients. “We have also been working on improving our encryption and will be working with experts to ensure we are following best practices,” he added, but did not say how many users had been affected by the issue.

As China refuses to acknowledge Taiwan as an independent state—despite the self-ruled island having its own currency, military, and democratically-elected government—official data being relayed through China could be considered a privacy threat for the nation.

Shortly after Taiwan’s announcement banning the video conferencing service, the German foreign ministry also restricted the use of Zoom on Wednesday, due to the lack of adequate encryption and “critical” weaknesses in the software, according to German newspaper Handelsblatt.

In the United States a number of schools have banned the use of Zoom for remote classes and switched to Microsoft Teams. New York City Attorney General Letitia James has also initiated investigations into Zoom over privacy and data security practices, while in California one of its shareholders has filed a lawsuit against the company accusing it of overstating its privacy standards and failing to disclose that its service was not end-to-end encrypted.

The shareholder, Michael Drieu, claimed in a court filing that a string of recent media reports highlighting the privacy flaws in Zoom’s application have led to the company’s stock to plummet.

More recently, Elon Musk’s SpaceX banned employees from using the software because of “significant privacy and security concerns,” while space agency NASA has done the same. Earlier this week, Google also banned the use of Zoom on employee computers as it “does not meet security standards.”

Janita Kan contributed to this report.