Taiwan bans government use of Zoom after data was ‘mistakenly’ routed through China

Lucas Niewenhuis Published April 7, 2020

Zoom, the video conferencing app that has seen a twentyfold increase in traffic during the COVID-19 pandemic, has dealt with a corresponding increase in scrutiny of its security practices in recent weeks. A CNET article documents the unsettlingly long list of security problems in the app that have come to light.

A China-related security vulnerability was uncovered by University of Toronto’s Citizen Lab last Friday. As the Financial Times explains (paywall), “in some cases, Zoom’s encryption keys — the code used to unscramble meetings data — appeared to be being sent to servers in Beijing,” and given China’s cybersecurity laws, Citizen Lab said that “Zoom may be legally obligated to disclose these keys to authorities in China.”

In a blog post, the company’s founder, Eric Yuan (Yuán Zhēng 袁征), explained that the data had been “mistakenly” routed through the company’s two Chinese data centers, and emphasized that government customers had not been affected.

Taiwan, however, is taking no chances: Quartz reports, “In a statement (in Chinese), Taiwan’s executive branch said it had informed all government agencies to cease the use of ‘products with information security concerns, such as Zoom.’ Instead, it recommended that officials use conferencing software provided by other companies, such as Google and Microsoft.”

—Lucas Niewenhuis

Lucas Niewenhuis is the Newsletter Editor at The China Project. Previously, he has researched China-Africa relations at the Social Science Research Council, interned at the Council on Foreign Relations, and studied Chinese language and culture in Shanghai and Beijing. Read more

Twitter

Suggested for you

Society & Culture

Cookie	Description
_gat	This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites.
YSC	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Description
bcookie	This cookie is set by linkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
lang	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	This cookie is set by LinkedIn and used for routing.
PugT	This cookie is set by pubmatic.com. The purpose of the cookie is to check when the cookies were last updated on the browser in order to limit the number of calls to the server-side cookie store.

Cookie	Description
__gads	This cookie is set by Google and stored under the name dounleclick.com. This cookie is used to track how many times users see a particular advert which helps in measuring the success of the campaign and calculate the revenue generated by the campaign. These cookies can only be read from the domain that it is set on so it will not track any data while browsing through another sites.
_ga	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randomly generated number to identify unique visitors.
_gid	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
_omappvp	The cookie is set to identify new vs returning users. The cookie is used in conjunction with _omappvs cookie to determine whether a user is new or returning.
_omappvs	The cookie is used to in conjunction with the _omappvp cookies. If the cookies are set, the user is a returning user. If neither of the cookies are set, the user is a new user.
GPS	This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location

Cookie	Description
__qca	This cookie is associated with Quantcast and is used for collecting anonymized data to analyze log data from different websites to create reports that enables the website owners and advertisers provide ads for the appropriate audience segments.
_fbp	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
everest_g_v2	The cookie is set under eversttech.net domain. The purpose of the cookie is to map clicks to other events on the client's website.
fr	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
IDE	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
mc	This cookie is associated with Quantserve to track anonymously how a user interact with the website.
personalization_id	This cookie is set by twitter.com. It is used integrate the sharing features of this social media. It also stores information about how the user uses the website for tracking and targeting.
PUBMDCID	This cookie is set by pubmatic.com. The cookie stores an ID that is used to display ads on the users' browser.
TDCPM	The cookie is set by CloudFare service to store a unique ID to identify a returning users device which then is used for targeted advertising.
TDID	The cookie is set by CloudFare service to store a unique ID to identify a returning users device which then is used for targeted advertising.
test_cookie	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the users' browser supports cookies.
uid	This cookie is used to measure the number and behavior of the visitors to the website anonymously. The data includes the number of visits, average duration of the visit on the website, pages visited, etc. for the purpose of better understanding user preferences for targeted advertisments.
uuid	To optimize ad relevance by collecting visitor data from multiple websites such as what pages have been loaded.
uuidc	This cookie is used to stores information about how the user uses the website such as what pages have been loaded and any other advertisement before visiting the website. This data is used to provide users with relevant ads.
VISITOR_INFO1_LIVE	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.

Trending

Trending

Taiwan bans government use of Zoom after data was ‘mistakenly’ routed through China

Suggested for you

This Land Is Not Your Land

China faces college admissions scandal after identity theft cases reported in Shandong

China accuses India of ‘vile’ acts on border

‘The Chinese leadership has miscalculated’: Deepa Ollapally on the India-China border conflict

Chinese basketball returns after five-month absence

The youth are angry, but it’s business as usual for Hong Kong’s corporate elite as they embrace national security law

Subscribe

About

Business Services

Advertise

Trending

Extended Navigation

Trending

Suggested for you