Zoom Will Let Paid Customers Control Where Their Calls Are Routed After a report revealed Zoom was transmitting encryption keys through China, the company will now allow paying customers to opt in or out of a specific data center region so they know exactly where their data is going.
By Stephanie Mlot Edited by Frances Dodds
This story originally appeared on PC Mag
Zoom will soon let paid customers choose the data center through which their calls are routed. Beginning April 18, clients can opt in or out of a specific region, customizing the servers used to connect to hosted meetings.
The move comes after an April 3 report from the University of Toronto's Citizen Lab found that Zoom was transmitting encryption keys through China. Researchers revealed that "during multiple test calls in North America, we observed keys for encrypting and decrypting [Zoom] meetings transmitted to servers in Beijing." The app, they said, uses "non-industry-standard cryptographic techniques with identifiable weaknesses."
Folks using Zoom for regular catch-ups, social events, or courses that would otherwise be held in a public or semi-public place have little to worry about. It's those sharing secrets via the digital meeting platform who should be concerned, according to Citizen Lab.
Only for a few more days, though. Starting Saturday, every paying Zoom customer can customize which data center region their account uses for real-time meeting traffic. Choose from one of eight designated zones: Australia, Canada, China, Europe, India, Japan/Hong Kong, Latin America, and the United States. You cannot change or opt out of your default region—the US, for most people—which is locked.
"This feature gives our customers more control over their data and their interaction with our global network when using Zoom's industry-leading video communication services," CTO Brendan Ittelson wrote in a blog post.
Free users are chained to data centers within their default region. Data of free users outside China "will never be routed through China," Ittelson said. Earlier this month, the company admitted it was mistakenly using Chinese servers to generate encryption keys for North American users. They have since been taken off a list of "backup bridges," which can serve users during times of high traffic.
Citizen Lab also identified a security issue with Zoom's Waiting Room feature, the details of which will be published in the future, in an attempt to prevent the flaw from being exploited.