Hacker News new | ask | show | jobs
by stronglikedan 1050 days ago
I don't think it's reasonable that a SaaS should be able to train their AI on anything that is uploaded (if you're paying for the service). In fact, I don't think it's reasonable that they should even have access to view what you're uploading and sharing in private meetings. If neither of those were true, then they wouldn't have to worry about IP infringement.
2 comments
raynr 1050 days ago
> In fact, I don't think it's reasonable that they should even have access to view what you're uploading and sharing in private meetings.

There may be a setting you can set in the application to disable this. I don't know, I don't use Zoom.

But in any case, I think you hit the nail on the head. Just from a plain English perspective:

10.1 says that content you (as host or participant) upload to Zoom, may be used by Zoom to provide derivative information. An example listed is transcripts. Both the information you upload, and the information Zoom provides, is "Customer Content". Customer Content is your responsibility.

10.3 and 10.4 covers a wide variety of purposes for which Zoom can use the Customer Content.

10.5 says that Zoom will reasonably protect Customer Content from unauthorized disclosure, etc., but that it has no other obligations with respect to Customer Content. In particular, it can share the Customer Content with their "consultants,contractors, service providers, subprocessors, and other Zoom-authorized third parties accessing, using, collecting, maintaining, processing, storing, and transmitting Customer Content on Zoom’s or your (or your End Users’) behalf in connection with the Services or Software".

17.1, the confidentiality clause, says that Customer Content is not confidential information. That suggest the obligations of confidentiality, such as disclosing to third parties only with a confidentiality agreement in place, do not apply.

So if I'm reading this right, Zoom can disclose your meeting transcripts [edit: I meant audio of your meeting] to a third party, without an obligation of confidence between Zoom and that third party, so long as it is for the purposes of providing you the transcript feature.

Which is really strange, to say the least. At minimum I would expect Zoom to treat Customer Content as confidential.

Wish a lawyer could read this and give us (free) insight.

link
lifeinthevoid 1050 days ago
Zoom End-to-End encryption should theoretically not allow Zoom to see any of the content no?
link
screamingninja 1050 days ago
There was a big controversy around Zoom calling it E2E with their server being one of the ends. Not sure what their new narrative is but I do not trust Zoom to do the right thing regardless.
link
remram 1050 days ago
Cloudflare does the same thing.
link
pipingdog 1050 days ago
I'll go out on a limb and propose that end-to-end encryption and many-to-many real-time multimedia communication are two things that aren't often combined in a single product.
link
bigfishrunning 1050 days ago
only if you trust them -- zoom has never had me submit a public key of any kind, so they're in control of all encryption parameters
link