Second Strike for Zoom

The Washington Post this evening reported that Federal Prosecutors have accused a Zoom executive of working with the Chinese Government to surveil users and suppress video calls.

https://www.washingtonpost.com/technology/2020/12/18/zoom-he…

This is the second big strike for Zoom in my book. The first was early on in the Pandemic when it was revealed that they were making claims about the security of their platform that were in fact not true.

Both of these developments, occurring within less than a year’s time, leave me with very mixed feelings about management and the culture of the company. On the one hand this has been a good investment for me, but on the other my reservations about the company are growing stronger. There are lots of good companies to invest in out there, so I expect I’ll close out my position and redeploy.

Regards,

Dorset

highlights the often-hidden threats of censorship on a forum promoted as a platform for free speech.

• That’s not any kind of understanding I have of Zoom’s marketing?
• I think this “second strike” is actually the same event that attention was drawn to back in early 2020.
• I feel sure (pretty sure) Zoom has moved past this and won’t be making similar mistakes, soon.
• But, being “global” is not easy. Just look at Facebook’s troubles in Jakarta, too. It’s not like they can just operate globally and only adhere to U.S. laws and norms.

China-based executive, Xinjiang Jin, worked as Zoom’s primary liaison with Chinese law enforcement … this is ~90% grandstanding by federal prosecutors, because they will never get their hands on this Chinese citizen, who was working in China, for Zoom.

Or maybe…

Maybe ZM is innocent
Maybe management is as surprised as we are
Maybe someone has an axe to grind against someone who stole their market share
Maybe a journalists’ sister’s boyfriend just got laid off by a shrinking competitor
Maybe maybe maybe

Or maybe…

Maybe they do have a rogue employee

Or maybe…

Maybe we can not expect a small, young company to take over their industry with dozens of employees and customers, morphing to thousands of employees and hundreds of thousands of customers, all in 1 year, without a mistake somewhere. That’s not an excuse, it’s just a question, because that is EXACTLY the company this board searches for.

There are lots of good companies to invest in out there, so I expect I’ll close out my position and redeploy.

Or maybe…

Maybe we can’t handle young, small companies that take over an industry. Things never go perfect, and this is all new ground. But Microsoft never screwed up. Nor Netflix. Nor Amazon. Tesla never made a mistake, did they?

Maybe we have no idea just how rare a “Zoom” is.

Maybe we are reacting prematurely?

Or maybe…

Not. Maybe they’re crooks, first and foremost. Maybe taking over an industry in the worlds’ largest economy was an unintended mistake which they now regret. (Sure took a lot of hard work, though.)

Or maybe…

It’s just Zoom. Maybe they are inadequate to the task. I mean, Microsoft took over the whole world except one Apple Orchard, and nobody has ever said, “God, I hate Microsoft!”, right?

Pardon me if I wait to see the fallout. And maybe … maybe you’re 100% right to bail. If you don’t mind, I hope not.

Dan

https://discussion.fool.com/cloudflare-exec-arrested-34597786.as…

I remember when a few months ago a Cloudflare executive was arrested, and there were a number of posts questioning the integrity of management and in a couple of cases people sold out completely. The share price was $39 at the time. Some people had also been frustrated at Cloudflare’s price action at the time, as it lagged other stocks. Today the share price is $86 (after hours) and this is largely forgotten about.

I was still very new to investing at the time and had looked to the board in what to do in these situations. I decided to stick it out.

While the circumstances in Zoom’s case are different, in my opinion the overarching point is the same. Be careful making reactionary decisions based on sensationalist headlines.

I am always keen to understand the facts of a situation before making a decision. The first I heard about this was an email from Zoom of the press release.

Zoom’s side of the story

For press release: https://investors.zoom.us/static-files/9936e760-7ba0-4df7-bc…
For blog post: https://blog.zoom.us/improving-our-policies-as-we-continue-t…

My immediate interpretation here is that Zoom are being transparent, offering a detailed background and characterising the events as partly the actions of a rogue employee. They announce they were contacted by the DOJ in June and July.

What We’ve Done

- End-to-end encryption: We launched our end-to-end encryption feature to free and paid users worldwide;
- Geo-fenced data routing: We implemented strict geo-fencing procedures around our mainland China data center. No meeting content will ever be routed through our mainland China data center (one of 19 co-located data centers routing traffic) unless the meeting includes a participant from China. Our paid customers have the ability to choose the specific data centers through which their data is routed;
- Internal access controls: We significantly enhanced our internal access controls. Among other things, we have restricted China-based employees’ access to Zoom’s global production network;

• Government Requests Guide: We implemented a Government Requests Guide, which provides that Zoom will subject any government request to a careful and thoughtful review, prioritizing the privacy, security, and safety of our users at all times. Zoom’s handling of requests from any government must now receive approval by Zoom’s U.S. legal department; and
• Employee training: We’ve conducted robust training for employees focused on data protection and compliance.

Perhaps this is why Yuan had stated that he spends ‘all his time’ on security. I am not an expert in this space, and I am waiting to understand from some of the experts whether this is indeed something to ‘shrug off’ or something to pay closer attention to. If someone was leaning to selling out and this tips them over the edge, then that is their decision. Personally I am not making any decisions based on the news article alone, but will listen out for more information.

As for Zoom ‘lying to users about end to end encryption’ and the FTC scrutiny of that I was interested in Beth Kindig’s take on it:

"I expect more from @arstechnica as they are fully aware that enterprise apps do not typically offer end-to-end encryption. Microsoft Teams offers encryption in transit and at rest. What Zoom did here is being blown out of proportion. If the government wants to get involved with free markets then they need to be consistent and go after $MSFT too. With encryption in transit and at rest, the service in the middle can de-crypt. To offer ECE, which $ZM is rolling out, is totally unheard of for enterprise. Slack is encryption in transit and at rest, as well, and does not do end-to-end encryption. The FTC is clearly discouraging free trade by not examining the other competitors to understand the industry standard. Arstechnica should know better and should detail these important facts. The government clearly favors Microsoft but consumers do not." (https://twitter.com/Beth_Kindig/status/1326226267973185537)

Zoom now has the FTC, DOJ and the SEC seemingly breathing down its neck. While that doesn’t reassure me a whole lot, an element of resistance might be expected with a new entrant battering down the incumbents’ door. And what can Zoom do, other than the list of actions above? I would agree it is a distraction the company could probably do without, but if an outcome is a best of breed security offering, perhaps this could end up being a blessing in disguise.

“The government clearly favours Microsoft but consumers do not”. I find it interesting that the government is Zoom’s fastest growing vertical in Q3. Maybe this is a clue of who might end up winning this fight.

Zoom, its easy to agree, has many problems but there are no rapidly growing companies without glitches and missteps. Tesla haha- so many recalls & delays, its like a glitch factory. Some of them have been too greedy, getting themselves in trouble when they were successful enough already- like Google, FB, Apple. One could go on about their missteps.But these huge innovators have so far been successful.

This accusation of Zoom’a collaboration with the Chinese government could be true, could be just a rogue guy, but don’t take it for granted. It would be more credible accusation if our current government were not on a “Maim China- ignore the Russians” quest. And don’t we hack and whack too?. Its the Cold War.
How do we handle it as investors? Jump ship or tread water?

Those of you who can access premium boards should check out this post by rtichy

https://discussion.fool.com/4056/1-it-is-old-news-this-made-news…

The one liner is that this is old news and the fellow involved was a Chinese national who worked for Zoom offices in China … this was not something the company itself was involved in.

Lots more at the link.

Maybe a journalists’ sister’s boyfriend just got laid off by a shrinking competitor

And maybe calling the person a “journalist” is a compliment way above their actual skillset or role expectations; maybe his editor thought they could sell a lot more eyeballs by writing some sensationalist headline grab, because in the age of digital media it’s much more about MONEY than it is about FACTS.

Just saying.

FC

One person wrote:

Maybe a journalists’ sister’s boyfriend just got laid off by a shrinking competitor,

Then a second person wrote:

And maybe calling the person a “journalist” is a compliment way above their actual skillset or role expectations; maybe his editor thought they could sell a lot more eyeballs by writing some sensationalist headline grab, because in the age of digital media it’s much more about MONEY than it is about FACTS.

Just saying.

This isn’t how reporting works at the Washington Post, or at virtually any mainstream U.S. news organization.

But to avoid the debate about that, it might be useful to go straight to the source–the criminal complaint filed by DOJ in the Eastern District of New York. I don’t know how to attach the PDF, but I can summarize it here. This is the summary of the allegations, which DOJ calls the “Criminal Scheme.” “Company-1,” obviously, is Zoom. DOJ alleges:

The investigation revealed that Jin (the Zoom executive) has conspired with others to use Zoom’s systems in the U.S. to censor the political and religious speech of individuals located in the U.S. and around the world at the direction and under the control of officials in the PRC government. (That’s DOJ’s term.) Among other actions taken at the direction of the PRC government, Jin and others terminated at least four video meetings hosted on Zoom’s networks commemorating the 31st anniversary of the Tiananmen Square massacre, most of which were organized by and attended by U.S. based participants. Some of the participants who were unable to attend the meetings were Zoom customers in Queens and Long Island who had entered into service agreements government by Zoom’s terms of service.

Jin, officials of the PRC government, and others collaborated to identify meeting participants and to disrupt some of the meetings hosted on Zoom’s servers, at times creating pretextual reasons to justify their actions to other employees and executives of Zoom, as well as Zoo’s users themselves. In particularly, in May and June 2020, Jun, together with others, including others located in the PRC, acted to disrupt meetings held on Zoom to discuss politically sensitive topics by infiltrating the meetings to gather evidence about the purported misconduct occurring in those meetings. In fact, there was no misconduct; Jin and his co-conspirators fabricated evidence of TOS violations to provide pretexutal justification for terminating the meetings, as well as certain participants’ accounts. Jin then asked a high-ranking employee of Zoom in the United States (Employee-1) to effect the termination of meetings and the suspension and cancellation of user accounts.

– End of paraphrase –

So, who is Employee-1? It’s not Eric Yuan. And we know this because Eric Yuan exchanged electronic messages with Jin and Employee-1 regarding what is characterized as agreeing to provide PRC law enforcement with special
access to Zoom’s systems. This was in October 2019.

Whoever Employee-1 is, he got Employee-2 involved. Employee-2 got Jin direct access to Zoom’s U.S. based systems “so that Jin comply with instructions from the PRC government.”

Jin and Employee-1 were also communicating about these topics with Zoom’s COO and General Counsel.

It goes on and on, in rather extraordinary detail. The FBI affidavit is 47 dense pages.

I’m not sure how this affects the investing thesis, but I would say it is not good.

And, as should have been obvious from reading the initial story, it has nothing to do with a vengeful journalist.

This is the same event from April this year. Zoom employee is accused of working with Chinese government to block Hong Kong and US based activists from commemorating Tiananmen sq massacre. The wheels of “justice” are just slow in the US, thus the announcement now.

What Zoom has accomplished is quote amazing and it is because of its employees in China where most of its development is still based. Having such a substantial and mission critical presence in China does however run risks that they get entangled in Chinese communist party’s censorship and private sector intervention (which is rampant). It is impossible to have such a presence in China without having official government “minders” present at all times and involved in running the company and these minders certainly do not care about western values, democracy or company policies.

Zoom has done a number of things since then to rectify this issue, demonstrating they take this issue seriously 1) no longer routing any non China traffic thru China 2) announcing new development sites outside of China to diversify its development base and tap new talent around the world 3) hired former national security advisors to its board 4) implemented new security for its platform.

All that is a good news and probably reduces the overall risk of this happening again somewhat. I’m giving them a pass though I do have to say having Chinese censors in their main development center makes me queasy. But that’s just me.

I’m not concerned one bit. This does not change my investment thesis on Zoom. It’s the lead dog in telecommunications between private and public companies as well as with private citizens. Not only that, but it’s been adopted by every sector including tech, retail, medical and legal. Cyber security is becoming more and more important and I still have confidence in the leadership of Zoom to correct any mistakes. I’m not selling any shares of Zoom and if there’s a dip, I’ll buy more. I don’t sell winners and there could be 100 strikes as long as it doesn’t affect my investment thesis.

Mario
Long ZM, DDOG, NET, CRWD, PINS, ETSY

rtichy wrote:

This, being filed late last week, is very hard to ignore as possibly a “politically useful” set of charges, by a lame-duck administration.

The criminal complaint was filed on November 18 under seal; it was unsealed last week. The criminal complaint was signed under oath by a career FBI agent; it is getting hard to keep track of what motives they have supposedly have politically.

"One person wrote:

Maybe a journalists’ sister’s boyfriend just got laid off by a shrinking competitor,"

Clearly Raptor’s numerous ‘maybe’ scenarios were tongue in cheek. Couldn’t haven’t been more obvious.