Source: Ars Technica
Richard Blumenthal, the US senator sponsoring a bill that critics say will limit the use of encryption, is calling for an investigation of video-conference provider Zoom, in part over its false claim it offered... end-to-end encryption.
The Connecticut Democrat is a sponsor of the EARN IT (Eliminating Abusive and Rampant Neglect of Interactive Technologies) Act bill that would create incentives for companies to make changes to their platforms. In return, the companies would receive liability protections for any violations of laws related to online child sexual abuse material. Critics of the proposed law, who include the Electronic Frontier Foundation and Sen. Ron Wyden (D-Ore.), say it's a Trojan horse designed to allow the government to weaken end-to-end encryption.
A pattern of privacy infringements
Citing a "pattern of security failures & privacy infringements," Sen. Blumenthal on Tuesday called for the FTC to investigate Zoom. Chief among cited privacy infringements is the claim on the Zoom website that meetings were end-to-end encrypted, meaning video, audio, and text was encrypted at all times in transit, and couldn't be decrypted by Zoom or anyone else, other than conference participants. A post published last week by The Intercept reported that Zoom meetings, in fact, used what's usually called transport encryption, which allows Zoom to decrypt meeting data.