Zoom Exec Charged With Tiananmen Square Massacre Censorship - Security Boulevard

Zoom Exec Charged With Tiananmen Square Massacre Censorship

You’ll recall the alarm, six months ago, when Zoom was accused of being a Chinese puppet—specifically for closing accounts of U.S. residents who were discussing the 1989 Tiananmen Square massacre (and other things the Chinese Communist Party would prefer we all forgot about). Now it’s emerged that Zoom is being investigated by the U.S. SEC and two separate U.S. Attorney’s offices.

And the U.S. Justice Department has brought a case against a Zoom executive in China—Xinjiang “Julien” Jin (pictured thrice). The FBI accuses him of conspiring to harass Americans and to leak their PII. As a reminder, the NASDAQ-listed company doesn’t really look like a U.S. firm: At least 30% of Zoom’s engineers are in China, and the company’s naturalized CEO was born in China—with family still living there, subject to the whims of the CCP.

DevOps Experience

Tiananmen Square massacre. There—I said it again. In today’s SB Blogwatch, it’s weird how this page isn’t viewable in China. 六月四日大屠杀

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: 51 years.


Jin Jin Jin in Sin Bin

What’s the craic? Drew Harwell and Ellen Nakashima report—“prosecutors accuse Zoom executive of working with Chinese government to surveil users”:

 A security executive with the video-tech giant Zoom worked with the Chinese government to terminate Americans’ accounts and disrupt video calls about the 1989 massacre of pro-democracy activists in Tiananmen Square, Justice Department prosecutors said. … The case is a stunning blow for the $100 billion video-call giant and raises questions about how the California-based company protects users’ data.

Prosecutors said the China-based executive, Xinjiang Jin … also known as Julien Jin … worked as Zoom’s primary liaison with Chinese law enforcement and intelligence services, sharing user information and terminating video calls at the Chinese government’s request. … He gave government officials the names, email addresses and other sensitive information of users, even those outside China [said the DoJ].

FBI agents outlined a months-long, high-pressure campaign by China’s “Internet Police” to view users’ video calls and suppress unwanted speech. … Jin sent meeting passwords and other sensitive internal data directly to Chinese law enforcement.

A Zoom spokesperson said … the company has cooperated with the case and launched its own internal investigation. … Jin was fired for violating company policies, the statement said, and other employees have been placed on administrative leave. … Jin could not be reached for comment. … A spokesperson for the Chinese embassy in Washington did not respond.

It gets worse. Nico Grant adds—“Zoom Says It’s Being Probed by SEC, Two U.S. Attorneys”:

 [Zoom] disclosed the legal and regulatory scrutiny the same day a former employee was charged by the U.S. Department of Justice for assisting China to block a remote gathering on the service commemorating the anniversary of … Tiananmen Square. … Jin was meant to be Zoom’s liaison with Chinese authorities on national security requests, but instead did the government’s bidding in concert with other employees, prosecutors said.

[Zoom] also said it had received a grand jury subpoena in June from the U.S. Attorney’s Office for the Eastern District of New York, requesting information about interactions with foreign governments and political parties, including the Chinese government. The federal prosecutors also sought details on the company’s storage of and access to user data, its privacy policies and its actions around the Tiananmen meetings. … In July, Zoom received subpoenas from the U.S. Attorney’s Office for the Northern District of California and the SEC.

Zoom settled a case in November with the U.S. Federal Trade Commission, which accused the software maker of deceiving customers about its platform’s level of security.

This looks bad. Really bad. But Zoom’s anonymous PR gnomes beg to differ—“Our Perspective”:

 We support the U.S. Government’s commitment to protect American interests from foreign influence. … We are dedicated to the free and open exchange of ideas. … We will continue to act aggressively to anticipate and combat ever-evolving data security challenges.

In September 2019, the Chinese government turned off our service in China without warning. … The shutdown put Zoom in an unfamiliar and uncomfortable position. … China requested that Zoom confirm it would comply with Chinese law, including designating an in-house contact for law enforcement requests and transferring China-based user data housed in the United States to a data center in China.

The “rectification plan” that the DOJ cited in its complaint … included measures to comply with real ID and data localization requirements … in China. … The goal of the rectification plan was to get our service restored, and the Chinese government ultimately unblocked Zoom on November 17.

A robust defense. But fossuser has heard it all before:

 So much for “Zoom is committed to supporting the open exchange of ideas and conversations.” It was clear this was nonsense when they said it [in June], but the stuff alleged here is way worse than even I would have predicted.

Anyway, what can we do about it? Christina Warren—@film_girl—doesn’t speak for her Zoom-competing employer:

 Stop. Using. Zoom.

If even half of the allegations … are true, Zoom is even worse than we all thought. Executives will literally create aliases with profile pictures related to terrorism and child porn in order to shut down discussions China doesn’t like.

Zoom’s own response makes it clear they didn’t fire the executive in June. … This is a bad company full of bad people. … The product is top-notch. But … this should freak everyone out at the most basic level.

Zoom has repeatedly crossed lines that make it impossible for me to ever trust or support. … Every single time Zoom has shut down anything over anti-terrorist or child-pornography grounds is now suspect. Every single one. Credibility is utterly destroyed.

Too soon? These are only allegations, after all. Let’s not jump the Dutch Gun: [You’re fired—Ed.]

 Sadly, most companies will kowtow to external pressure willingly. … The economic muscle of the Chinese market is a frightening menace to free expression at this point.

This is disgusting, and frankly, a black mark on all western democracies who mouth platitudes about noble ideals, but seem to have no compunction with financially enriching brutal authoritarian regimes that gleefully stomp all over human rights.

So guygo goes and summarizes:

 It is … demonstrating the pattern that Chinese-led companies (for instance Huawei) cannot be trusted to supply secure, non-political infrastructure as they are all beholden to report to their government anything it might be interested in.

How’s your camel’s back? It’s the last straw for paganel:

 Companies like Zoom are probably 5th column-like entities. Had someone told me something like this just a couple of years ago I would have called that person crazy or paranoid, but the latest moves from the CCP have cemented that belief for me.

I was almost totally against TikTok’s de facto nationalization … but seeing executives like this one acting on the orders of the CCP as part of a huge IT company lead by a Chinese citizen (and I now presume also a CCP asset himself) has reversed [my] belief.

Meanwhile, Local ID10T cuts to the chase:

 He is a Chinese citizen, in China, following Chinese law. If we don’t like it, maybe we shouldn’t use Chinese software platforms?

Update: an earlier version of this story referred to investigations by “state AGs,” which should in fact read “U.S. Attorney’s offices.” Your humble blogwatcher regrets the error. Additionally, Zoom spokesperson Vera Ranneft asked me to clarify that the company’s CEO is American—so, for clarity: Yuan “Eric” Zheng became a naturalized citizen 10 years after emigrating to the U.S. from his native China.

And Finally:

51 Years; 52 Tunes

Previously in And Finally


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: U.S. Justice Department

Featured eBook
Managing the AppSec Toolstack

Managing the AppSec Toolstack

The best cybersecurity defense is always applied in layers—if one line of defense fails, the next should be able to thwart an attack, and so on. Now that DevOps teams are taking  more responsibility for application security by embracing DevSecOps processes, that same philosophy applies to security controls. The challenge many organizations are facing now ... Read More
Security Boulevard

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

richi has 291 posts and counting.See all posts by richi

Techstrong Group