this post was submitted on 06 Aug 2023
401 points (100.0% liked)

Technology

37716 readers
758 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Relevant text:

10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, training, testing, improvement of the Services, Software, or Zoom’s other products, services, and software, or any combination thereof; and (iii) for any other purpose relating to any use or other act permitted in accordance with Section 10.3. If you have any Proprietary Rights in or to Service Generated Data or Aggregated Anonymous Data, you hereby grant Zoom a perpetual, irrevocable, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to enable Zoom to exercise its rights pertaining to Service Generated Data and Aggregated Anonymous Data, as the case may be, in accordance with this Agreement.

all 41 comments
sorted by: hot top controversial new old
[–] otter@lemmy.ca 75 points 1 year ago (2 children)

Zoom is used by a lot of institutions for official, sometimes sensitive work (ex. Healthcare, education, etc.)

How are those plans affected by this change?

[–] Vodulas@beehaw.org 27 points 1 year ago (1 children)

Zoom has a healthcare specific license for healthcare. Don't think they could add that in and stay HIPAA compliant, but I can't any exceptions in the ToS so maybe US healthcare is actually trash and this is "fine"

[–] Gaywallet@beehaw.org 14 points 1 year ago

It's definitely not fine, but they may be stupid enough to try and train a model on healthcare zoom meetings. I think I'm gonna let my healthcare company security team know. We do a lot of cross collaborative meetings with the university and I'm not sure their license is the healthcare one. Typically that's all just resolved through a business agreement, but if it's a part of the ToS now they may be violating HIPAA without knowing it even while having business agreements not to. Might be worth filling a complaint to give the hhs a heads up that they're potentially noncompliant.

[–] gabe@literature.cafe 23 points 1 year ago (1 children)

My synagogue uses zoom and I’m afraid of the potential risk this might place them with now

[–] TigrisMorte@kbin.social 27 points 1 year ago

for meeting and other video conferencing needs: https://jitsi.org/jitsi-meet/ , not hard to set up and get going.

and of course just video chat with no back end there is always https://vdo.ninja/ though I strongly recommend rolling up a jitsi-meet server

for streaming https://obsproject.com/

Zoom could easily be replaced at little cost other than someone's time and a donated fairly modern computer (note: businesses can often deduct the full value of the computer if it is two years or less old and is donated to a qualifying organization, such as a Synagogue).

[–] nhgeek@beehaw.org 35 points 1 year ago

This is not good. Thanks for highlighting this. I flagged this for my company’s enterprise risk management committee to consider and act upon.

[–] soeren@iusearchlinux.fyi 30 points 1 year ago

I had to get security clearance for my job. I hope this finally convinces them to not use zoom anymore. Otherwise the security clearance thing is a joke.

[–] PotentiallyAnApricot@beehaw.org 29 points 1 year ago* (last edited 1 year ago)

For people who physically cannot go places or access important services (like healthcare, or their jobs) in person, this is a double violation, because it’s unavoidable. Increasingly, the only spaces available to us, our only avenues for accessing services or community, are becoming heavily surveilled in a way that in-person places are not (though in some places physical spaces are catching up). Everyone deserves well-enforced privacy laws and all these corporations should be regulated , but for people who are disabled or housbound or otherwise forced to rely on digital services that we know we can’t trust, it’s extra bad. Between this and the heavy push to sign up for digital medial record apps, I do not feel great about the future.

[–] Sebbie@kbin.social 29 points 1 year ago (1 children)

Went to look at the TOS. The service generated data (10.2) isn't actually the bad part. However, 10.4 is.

10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, training, testing, improvement of the Services, Software, or Zoom’s other products, services, and software, or any combination thereof; and (iii) for any other purpose relating to any use or other act permitted in accordance with Section 10.3. If you have any Proprietary Rights in or to Service Generated Data or Aggregated Anonymous Data, you hereby grant Zoom a perpetual, irrevocable, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to enable Zoom to exercise its rights pertaining to Service Generated Data and Aggregated Anonymous Data, as the case may be, in accordance with this Agreement.

Full Text
https://explore.zoom.us/en/terms/

[–] aranym@lemmy.name 8 points 1 year ago* (last edited 1 year ago)

You're correct, I mistakenly copied the wrong section. (Posted this from my phone)

Fixed!

[–] rhymepurple@lemmy.ml 28 points 1 year ago* (last edited 1 year ago) (2 children)

A free, libre, opensource, and privacy focused alternative to Zoom is Jitsi, which can be used without an account.

If you want even more privacy, you could host your own video conferencing service. Some options are below.

[–] esaru@beehaw.org 1 points 1 year ago* (last edited 1 year ago)

which can be used without an account.

Not anymore. You need to login via a Google/Facebook/Github (Microsoft) account to create a meeting room starting from end of August 2023.

[–] fastfinge@rblind.com 0 points 1 year ago (1 children)

How many of those support captions?

[–] rhymepurple@lemmy.ml 5 points 1 year ago (1 children)

I'm not sure which use case you're referring to specifically, but I have not used any caption functionality in any of the services listed. However, I was able to find the below documentation. At a quick glance, it looks like Jitsi and BigBlueButton support captions better than Jami does.

[–] fastfinge@rblind.com 0 points 1 year ago (1 children)

Ah, good to know! I don't use meeting platforms that aren't accessible by default for everyone. Looks like the problem, at least in Jitsi, is that enable captions defaults to off. It would need to default to on before I could use it.

[–] rhymepurple@lemmy.ml 3 points 1 year ago (1 children)

What do you mean by "defaults to off"? The links for Jitsi were just to how it's set for recording. However, closed captions seem to be turned on by default already. I think that may be more what you are looking for?

[–] fastfinge@rblind.com 1 points 1 year ago

Based on the links you gave, it seems that captions default to off when new servers are created.

[–] Repossess6855@lemmy.dbzer0.com 25 points 1 year ago (1 children)

Can’t wait for the impending data breach and all of the sensitive AI training conversation data is leaked

[–] ares35@kbin.social 7 points 1 year ago

and when that data ends up going a lot farther back than the date of this policy change... that is, that they've been collecting it all this time.

[–] shiveyarbles@beehaw.org 25 points 1 year ago (3 children)

Ahh yes they're going to harvest the infinite wisdom from our weekly conference calls. "Bob you're on mute". "Can you hear me now?" I hear echoes " " Bill is that a bong on your desk?"

[–] evatronic@lemm.ee 6 points 1 year ago

Dare you not forget, "You sound like a robot!"

[–] Vekt0rz@lemm.ee 1 points 1 year ago

They will be able to replicate your likeness digitally. Only a matter of time.

[–] Buttons@programming.dev 23 points 1 year ago* (last edited 1 year ago)

Entire industries are bound by the terms of a single company. Time for some anti-trust enforcement.

Some privacy protection laws would also be good.

[–] kuchaibee@beehaw.org 18 points 1 year ago (1 children)

This sucks. A lot of people like me only use zoom because classes/webinars/meetings/interviews are hosted there and we can't really complain about something we have to attend for our own good, especially if everyone else is doing it. It sucks so bad, I hate how it's like this. I wish people in my country would care enough to find this AI shit a red flag, but sadly I don't think so.

[–] tuhriel@infosec.pub 3 points 1 year ago

It still might help if you point it out to the orginsator... Especially if you makebit clear to them that their copyrighted slides, etc. will be part of that aswell

[–] knowledgephoenix@beehaw.org 17 points 1 year ago (2 children)

User-generated data like recordings of all video and audio from meetings? Is that legal? And wouldn’t that be a lot of video to store?

of course it's legal. You clicked "I agree" once 8 years ago when your aunt sent you a zoom link, that means they can watch everything you ever do ever again for any purpose, and that's completely fair. /s

We need to ban the TOS model. There is no way artists uploading to DeviantArt 15 years ago could have known that their art was going to be trained on, there's no way that should be legal. We shouldn't be forced to sign away all rights for our content so it can be used in ways that don't even exist yet so we can join a video call. When we had landlines we had laws about this, but we've never seen anything like that for the internet.

[–] wagoner@infosec.pub 1 points 1 year ago

I'm confused also. Does it really encompass this?

[–] prole@beehaw.org 16 points 1 year ago

So I guess Zoom will be banned in Europe?

[–] intensely_human@lemm.ee 13 points 1 year ago (1 children)

Does that imply Zoom is not end to end encrypted?

[–] aranym@lemmy.name 14 points 1 year ago* (last edited 1 year ago) (1 children)

It never is by default. In fact, they got in a bit of a fiasco early on (before their current E2EE implementation) for using the term "end to end encrypted" after it was revealed they were simply referring to TLS.

[–] intensely_human@lemm.ee 3 points 1 year ago

huh. It’s not even misleading it’s just plain false. TLS doesn’t operate at the application layer, it operates at the Transport Layer. End to end means Application Level encryption.

[–] ijeff@lemdro.id 6 points 1 year ago

Interesting. I wonder if anyone has a document comparison between the two versions.

[–] wagoner@infosec.pub 2 points 1 year ago (1 children)

Definition of Customer Content, from the terms:

10.1 Customer Content. You or your End Users may provide, upload, or originate data, content, files, documents, or other materials (collectively, “Customer Input”) in accessing or using the Services or Software, and Zoom may provide, create, or make available to you, in its sole discretion or as part of the Services, certain derivatives, transcripts, analytics, outputs, visual displays, or data sets resulting from the Customer Input (together with Customer Input, “Customer Content”); provided, however, that no Customer Content provided, created, or made available by Zoom results in any conveyance, assignment, or other transfer of Zoom’s Proprietary Rights contained or embodied in the Services, Software, or other technology used to provide, create, or make available any Customer Content in any way and Zoom retains all Proprietary Rights therein. You further acknowledge that any Customer Content provided, created, or made available to you by Zoom is for your or your End Users’ use solely in connection with use of the Services, and that you are solely responsible for Customer Content.

[–] aranym@lemmy.name 2 points 1 year ago

tl;dr: Customer Content encompasses all data originating from your machine sent to Zoom servers.

[–] Misconduct@startrek.website 1 points 1 year ago

Oh no. I'm gonna have to switch to something else from the plethora of video call options for my yearly Christmas call with family. The horroooorrrrre