If you use Zoom for business meetings or healthcare, you should stop.
By now, I’m sure all readers are familiar with the company. Zoom is a video conferencing platform. Widespread lockdowns during the pandemic saw its daily meeting participants jump from 10 million in December 2019 to 300 million in April 2020.
It was arguably one of the biggest benefactors of Covid-19. Its share price increased by 1,579%… and revenue grew from $330 million to over $4 billion.
Now that lockdowns are over and people are returning to work, Zoom’s growth has largely stalled out.
That’s caused the share price to plummet 88% from its peak.
And that’s led to Zoom’s latest decision. It’s moving into AI. It wants to chase the next hot trend in tech stocks.
But it’s going about it all the wrong way.
Zoom updated its terms of service to open the door for training AI. But it’s alienating its customer base of enterprises and healthcare providers in the process.
Zoom’s new terms of service are invasive. Here’s just one line about the rights you’re being asked to give away by using Zoom:
You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary.
In layman’s terms, Zoom wants you to agree to let it use your likeness or intellectual property (IP) in any way it sees fit. Zoom has downplayed these allegations by saying it just wants to be able to create digital avatars with your likeness. But I don’t believe that.
Zoom realizes that it can train an AI model with the millions of minutes users log every day. In 2020, Zoom users logged over 45 billion minutes of video chat on the platform . Using speech-to-text transcription, the company would have access to a massive – if unethical – data set.
This goes beyond just a breach of trust. Zoom is opening the door to potentially steal IP. Depending on the conversation, this could even breach Health Insurance Portability and Accountability Act (HIPAA) compliance – which protects patient privacy and medical information.
I don’t think Zoom wants to steal intellectual property. But I do think it could mishandle IP in a way that leaks it out to the world.
After all, think about it. How often do we hear about a major corporation that “lost” sensitive customer data through lax cybersecurity? It happens constantly.
My concern for businesses is that conversations about IP will be fed into Zoom’s AI. Then, other users will be able to gain access to this information through prompts and dialogue.
This would create a huge problem for businesses. Imagine spending millions of dollars over months or years to develop new tech, only to have a competitor stumble on your secrets while chatting with Zoom’s AI.
That may sound unlikely, but that’s exactly what Zoom is permitting itself to do in section 10.4.
If you have any Proprietary Rights in or to Service Generated Data or Aggregated Anonymous Data, you hereby grant Zoom a perpetual, irrevocable, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to enable Zoom to exercise its rights pertaining to Service Generated Data and Aggregated Anonymous Data.
This goes beyond IP. Millions of patients are also at risk.
In the wake of Covid, millions of Americans began meeting with their healthcare providers over Zoom. In 2021, 85% of physicians in an American Medical Association study were using telehealth options like Zoom.
Zoom gives itself the right to collect sensitive patient information. That would violate HIPAA compliance.
HIPAA is what stops doctors and medical workers from sharing your information with anyone that isn’t authorized. You’ve probably signed paperwork at your doctor’s office to allow your medical records to be shared with your spouse. That’s just one example of HIPAA in action.
The new terms of service allow Zoom to record your entire conversation with your doctor over Zoom. It’s anyone’s guess what Zoom is going to do with that data.
But I certainly wouldn’t want my healthcare data fed into an AI.
Zoom is going about AI all wrong. That’s why I’m recommending to my friends, family, and colleagues to stop using Zoom immediately.
But there are other companies that show us how to do enterprise AI the right way.
Privacy in the Age of AI
Amazon and Salesforce are two examples of companies handling business and healthcare data the right way.
Amazon’s Bedrock service allows companies to use a third-party AI without feeding their proprietary data into the AI’s training model. That means you get the benefit of an AI that can access your company data… but can’t store it or allow others to have access to it.
Similarly, Salesforce is using what it’s calling a “trust layer” to protect sensitive data. That includes IP, client information, and patient information.
The trust layer restricts Salesforce’s AI. It can limit access to only certain people… or not store any of the information. The trust layer allows a given company to decide on the information that is stored and shared.
These are the kinds of safeguards that clients, enterprises or individuals, should expect when using AI.
This is going to be a major obstacle for the industry going forward. The companies that pull this off correctly will benefit. Others – like Zoom – could see their share price fall even further as customers leave the platform.
AI is a powerful tool. It’s more important now than ever to make sure the companies we use are being responsible with how they handle our data.
Editor, The Bleeding Edge