SpaceX has banned use of Zoom for remote operations. So have Google, Apple, NASA, and New York City schools. Earlier this week, the FBI warned about Zoom teleconferences and live classrooms being hacked by trolls; security experts warn that holes in the technology make user data vulnerable to exploitation. Zoom’s CEO, Eric Yuan, has this week publicly admitted that he “messed up” on privacy and security.
But we are missing a larger question as we grapple with these security flaws. Zoom today is a publicly-traded American company listed on NASDAQ, but the company’s mainline app is developed by China-based subsidiaries. Its servers in China also appear to have transmitted the company’s AES-128 encryption keys earlier this year, including, as a Citizen Labs report documents, some keys used for meetings among North American participants (the company posted a response to that report here, noting that a geofencing error due to the heavy traffic from the outbreak of COVID-19 might have led some meetings “under extremely limited circumstances” to be routed through China, and it has corrected the error). Beijing’s intelligence laws obligate Zoom and other companies with nexus in China to share data held on the mainland with Chinese government authorities upon request.
These are precisely the kind of tools that Beijing values. The Chinese Communist Party (CCP) pursues a decades-long grand strategy to develop and capture global networks and platforms – with them to define global standards. Hold over standards promises enduring control of international resources, exchange, and information; a global geopolitical operating system with coercive might. Beijing has officially endorsed this ambition since its 2001 accession to the World Trade Organization, when it launched the National Standardization Strategy.
Now, the CCP is putting that intent into action. Beijing is about to launch China Standards 2035, an industrial plan to write international rules. China Standards 2035 is the successor to Made in China 2025; an even bolder plan for the subsequent decade premised not on governing where global goods are made, but on setting the standards that define production, exchange, and consumption.