Last week, the U.S. Department of Justice charged a China-based Zoom executive with disrupting video meetings hosted by users outside China that commemorated the 1989 Tiananmen Square massacre.
- The complaint reveals the now-terminated employee was sending the private data of some U.S.-based users directly to the Ministry of State Security (MSS), China's main civilian spy agency.
Why it matters: Researchers and U.S. government officials have warned that the Chinese government might require China-based employees of U.S. companies to hand over private company data to Beijing. The DOJ's charges indicate those fears are valid.
Details: Xinjiang Jin, also known as Julien Jin, officially served as Zoom's "primary liaison" with Chinese law enforcement and intelligence services, regularly responding to requests from Beijing "for information and to terminate video meetings" hosted on the company's video platform, according to the complaint.
- Zoom abides by Chinese domestic law for users based in China, handing over information and suspending meetings deemed to be in violation of Chinese law, which can include meetings that discuss politically sensitive topics.
- But Jin's communications with the MSS and other Chinese officials went beyond what Zoom had authorized, according to the DOJ. Jin allegedly provided the Chinese government with information including IP addresses, names and email addresses of users located outside of China.
- While in close communication with MSS officials, Jin allegedly fabricated evidence to falsely accuse accounts that held Tiananmen memorials in May and June of this year of promoting terrorism and pornographic content and sent falsified images to Zoom executives, according to the complaint.
The big picture: This is precisely the scenario U.S. analysts and national security professionals have warned might happen to U.S. tech companies with operations in China. That's because China's laws mandate cooperation and coordination between Chinese firms and the Chinese government.
- A 2015 national security law obligates individuals and companies to provide assistance to the government to "safeguard national security," and a 2017 law requires private-sector cooperation with China’s intelligence services.
- This means Chinese law requires local employees to assist with government information and censorship — and to keep that assistance a secret upon request.
Put simply, if the MSS was sending these requests to Jin, a Chinese national on Chinese soil, he was required by law to comply and to keep his actions a secret.
Zoom executives have long known their China operations carry a degree of risk. Zoom has more than 700 employees in China, many of them part of its research and development team.
- In its January 2020 filings to the U.S. Securities and Exchange Commission, the company stated its “high concentration of research and development personnel in China” could “expose us to market scrutiny regarding the integrity of our solution or data security features."
- But despite this risk, Zoom’s official position as stated in its 2020 SEC filings was that its China operations presented a “strategic advantage” because it allowed the company to “invest more in increasing our product capabilities in an efficient manner.” Relocating its product development team outside of China would result in “higher operating expenses.”
What they're saying: "We support the U.S. Government’s commitment to protect American interests from foreign influence. As the DOJ notes, Zoom has been fully cooperating with them in this matter," a statement posted to Zoom's website read.
What to watch: While Zoom said earlier this year it would boost the number of U.S.-based members of its R&D team, Zoom has not indicated it will close its China-based R&D operations. Zoom declined to comment.