Relevant text:
10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, training, testing, improvement of the Services, Software, or Zoom’s other products, services, and software, or any combination thereof; and (iii) for any other purpose relating to any use or other act permitted in accordance with Section 10.3. If you have any Proprietary Rights in or to Service Generated Data or Aggregated Anonymous Data, you hereby grant Zoom a perpetual, irrevocable, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to enable Zoom to exercise its rights pertaining to Service Generated Data and Aggregated Anonymous Data, as the case may be, in accordance with this Agreement.
Zoom is used by a lot of institutions for official, sometimes sensitive work (ex. Healthcare, education, etc.)
How are those plans affected by this change?
Zoom has a healthcare specific license for healthcare. Don’t think they could add that in and stay HIPAA compliant, but I can’t any exceptions in the ToS so maybe US healthcare is actually trash and this is “fine”
It’s definitely not fine, but they may be stupid enough to try and train a model on healthcare zoom meetings. I think I’m gonna let my healthcare company security team know. We do a lot of cross collaborative meetings with the university and I’m not sure their license is the healthcare one. Typically that’s all just resolved through a business agreement, but if it’s a part of the ToS now they may be violating HIPAA without knowing it even while having business agreements not to. Might be worth filling a complaint to give the hhs a heads up that they’re potentially noncompliant.
My synagogue uses zoom and I’m afraid of the potential risk this might place them with now
for meeting and other video conferencing needs: https://jitsi.org/jitsi-meet/ , not hard to set up and get going.
and of course just video chat with no back end there is always https://vdo.ninja/ though I strongly recommend rolling up a jitsi-meet server
for streaming https://obsproject.com/
Zoom could easily be replaced at little cost other than someone’s time and a donated fairly modern computer (note: businesses can often deduct the full value of the computer if it is two years or less old and is donated to a qualifying organization, such as a Synagogue).
This is not good. Thanks for highlighting this. I flagged this for my company’s enterprise risk management committee to consider and act upon.
A free, libre, opensource, and privacy focused alternative to Zoom is Jitsi, which can be used without an account.
If you want even more privacy, you could host your own video conferencing service. Some options are below.
How many of those support captions?
I’m not sure which use case you’re referring to specifically, but I have not used any caption functionality in any of the services listed. However, I was able to find the below documentation. At a quick glance, it looks like Jitsi and BigBlueButton support captions better than Jami does.
- Jitsi
- BigBlueButton
- Jami
Went to look at the TOS. The service generated data (10.2) isn’t actually the bad part. However, 10.4 is.
10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, training, testing, improvement of the Services, Software, or Zoom’s other products, services, and software, or any combination thereof; and (iii) for any other purpose relating to any use or other act permitted in accordance with Section 10.3. If you have any Proprietary Rights in or to Service Generated Data or Aggregated Anonymous Data, you hereby grant Zoom a perpetual, irrevocable, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to enable Zoom to exercise its rights pertaining to Service Generated Data and Aggregated Anonymous Data, as the case may be, in accordance with this Agreement.
Full Text
https://explore.zoom.us/en/terms/You’re correct, I mistakenly copied the wrong section. Fixed!
Ahh yes they’re going to harvest the infinite wisdom from our weekly conference calls. “Bob you’re on mute”. “Can you hear me now?” I hear echoes " " Bill is that a bong on your desk?"
Dare you not forget, “You sound like a robot!”
I had to get security clearance for my job. I hope this finally convinces them to not use zoom anymore. Otherwise the security clearance thing is a joke.
So I guess Zoom will be banned in Europe?
deleted by creator
zoom is a privacy and security nightmare.
The irony of zoom buying keybase…
Does that imply Zoom is not end to end encrypted?
It never is by default. In fact, they got in a bit of a fiasco early on for using the term “end to end encrypted” after it was revealed they were simply referring to TLS.
For people who physically cannot go places or access important services (like healthcare, or their jobs) in person, this is a double violation, because it’s unavoidable. Increasingly, the only spaces available to us, our only avenues for accessing services or community, are becoming heavily surveilled in a way that in-person places are not (though in some places physical spaces are catching up). Everyone deserves well-enforced privacy laws and all these corporations should be regulated , but for people who are disabled or housbound or otherwise forced to rely on digital services that we know we can’t trust, it’s extra bad. Between this and the heavy push to sign up for digital medial record apps, I do not feel great about the future.
Can’t wait for the impending data breach and all of the sensitive AI training conversation data is leaked
and when that data ends up going a lot farther back than the date of this policy change… that is, that they’ve been collecting it all this time.
User-generated data like recordings of all video and audio from meetings? Is that legal? And wouldn’t that be a lot of video to store?
of course it’s legal. You clicked “I agree” once 8 years ago when your aunt sent you a zoom link, that means they can watch everything you ever do ever again for any purpose, and that’s completely fair. /s
We need to ban the TOS model. There is no way artists uploading to DeviantArt 15 years ago could have known that their art was going to be trained on, there’s no way that should be legal. We shouldn’t be forced to sign away all rights for our content so it can be used in ways that don’t even exist yet so we can join a video call. When we had landlines we had laws about this, but we’ve never seen anything like that for the internet.
This sucks. A lot of people like me only use zoom because classes/webinars/meetings/interviews are hosted there and we can’t really complain about something we have to attend for our own good, especially if everyone else is doing it. It sucks so bad, I hate how it’s like this. I wish people in my country would care enough to find this AI shit a red flag, but sadly I don’t think so.
Entire industries are bound by the terms of a single company. Time for some anti-trust enforcement.
Some privacy protection laws would also be good.
Some politicians who are capable of understanding any of this would also be good. (What a mess we’re in.)