10.2 … You agree that Zoom compiles and may compile Service Generated Data based on Customer Content and use of the Services and Software. You consent to Zoom’s access, use, collection, creation, modification, distribution, processing, sharing, maintenance, and storage of Service Generated Data for any purpose, to the extent and in the manner permitted under applicable Law, including for the purpose of product and service development, marketing, analytics, quality assurance, machine learning or artificial intelligence (including for the purposes of training and tuning of algorithms and models), training, testing, improvement of the Services, Software, or Zoom’s other products, services, and software, or any combination thereof, and as otherwise provided in this Agreement
You're both misquoting and misunderstanding. Misquoting in that you clipped out the "to the extent and in the manner permitted under applicable Law". And misunderstanding since the text was talking "service generated data", not about "customer data". That's basically data generated by their system (e.g. debug logs). It's not the data you entered into the system (contact information), the calls you made, the chats you sent, etc.
Also, the linked document is effectively a license for the intellectual property rights. The data protection side of things would be covered by the privacy policy[0]. This all seems pretty standard?
I don't think they carved themselves out this permission for the purpose of training an AI on debug logs. For all we know "Zoom compiles Service Generated Data based on Customer Content" may include them compiling an mp4 of your call. That would seem to fall under the part of the definition that says "data that Zoom collects or generates in connection with your or your End Users’ use of the Services or Software"
> And misunderstanding since the text was talking "service generated data", not about "customer data".
Isn't that what section 10.4 covers and ultimately grants liberal rights to Zoom?
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, ...
Yes, but that's not the section that this subthread was about, and the objection about "this can't be legal in the EU and UK" was based on the text quoted for service generated content which is different.
And again, this is about granting an license on the intellectual property. It doesn't create any kind of end-run around the GDPR, and wouldn't e.g. count as consent for GDPR purposes.
Furthermore, as far as I know, the "to the extent and in the manner permitted under applicable Law" part is just a reminder. Laws always have priority over contracts, and any part of a contract that goes against the law can simply be ignored.
Not if at least one of the parties is a government institution, because administrative actions have a presumption of legality, similar to presumption of innocence applied to other entities.
> Customer Content does not include any telemetry data, product usage data, diagnostic data, and similar content or data that Zoom collects or generates in connection with your or your End Users’ use of the Services or Software (“Service Generated Data”).
I could be wrong, but my take is that there is not all that much to see here
> does not include ... product usage data, diagnostic data, and similar content or data that Zoom collects or generates in connection with your ... use of the Services
Did you not read the quote?
Or are you telling me this still might include video and audio data?
I feel like an medieval illiterate farmer reading latin...
The ambiguity in this wording is on purpose, so it will be harder to tell in court (if someone sues them) that they were forbidden or allowed to do any specific thing.
They don't detail what any of product usage data is, and you might think it is content, but later one they detail that they'll use user content (which they also don't detail what it is) for AI training...
It's hard to understand what they mean. I understand it as they're free to generate "Service Generated Data" based on “Customer Content”.
So for example, a compressed rendition of a call recording would be "Service Generated Data" and thus they will be free to do whatever they want with it (improve their caption generation models ... or sell it to someone?).
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: ... (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, ...
I believe this might be the wording the submission references.
There is also a provision for letting them train AI on Customer Content (10.4: machine learning, artificial intelligence, training) so the distinction probably doesn't matter in this case?
You can self host the enterprise tier
"User and meeting metadata are managed in the public cloud while the meeting traffic including video, audio and data-sharing goes through the Meeting Connector in your company network." https://explore.zoom.us/docs/en-us/plan/enterprise.html
Regardless, you should complain to your org about this. I’m sure it’s where all their (Zoom’s) revenue comes from. If enough of us do it, they will listen.
Google also used to read email contents for targeted advertising. This was a major point of contention when Gmail was introduced in 2004. They stopped 13 years later:
Why not switch? I've had good experiences with competitors. I don't know if they're as nice for mass meetings instead of one-to-one or small groups, but at least for the chats I've had, there's never been any reason to go to Zoom.
(I care more about spyware, privacy, and user sovereignty than AI training.)
This. I personally can switch but how do I communicate with my other colleagues? It's hard to convey people to move into a whole new stack without significant effort.
FWIW it's gone all right with Google Meet as the usual suggestion from me -- though as I said, it's been only small-group chats. Most of my colleagues have Chrome.
If really necessary for some particular chat I can use Zoom's in-browser page, ignoring its ridiculous auto-download of the native client. (I didn't even know a page could do that, before.)
That's flipped for me: I've had good experiences with zoom on occasion.
The only time we use Zoom is with US customers, so a handful of times per year I'd estimate. Before covid, I only ever heard of Zoom in the context of laughably bad vulnerabilities; then during covid, suddenly it was a new verb used online to mean video calls. In a world where there are many established players (until 2019-12-31, I had already used: skype/lync, jitsi, discord, signal, whatsapp, wire, telegram, hangouts, webex, jami/ring, and gotomeeting) are already established players, why in the world would anyone ever choose to go with specifically the company that we all laughed at? I don't get it, and it seems most of our customers (mostly european) either
Zoom is the only thing that's worked reliably in conferences for me. Some of those apps work for small calls but aren't made for work meetings.
Our university had premium GSuite accounts for every student beforehand and STILL moved all its classes onto Zoom in 2020, because Meet/Hangouts was (and still is) far behind. Aside from lacking some of Zoom's important features and always having random issues with joining meetings, it totally hogs your CPU to the point of it actually impacting meetings, probably cause it uses VP9 which doesn't have hardware accel on most machines.
When it comes to ridiculous EULA provisions like in this thread, are any of those competitors any better? Of course the open source ones are, but do people actually use those? Maybe they're popular in Europe, but I certainly won't be able to convince a potential American employer to interview me over Jitsi any time soon.
I like Jitsi. What I've mainly used with most people is Google Meet in a browser and I'm not sure what they promise -- which is the main reason I was vague about which alternative at the start of this thread. It shouldn't hurt to list your preferences in preference order when setting up a call.
Google seems more trustworthy than Zoom by a considerable margin, even though I don't treat them as wholly aligned with me, and centralization is a vulnerability.
We use Signal at work, for another data point. We'd use Jitsi if we were bigger and wanted to have yet another service to maintain (it was discussed but we already run quite a few things and it's not like we're a hosting business)
I'd take Zoom over Teams any day. Multiple times lately Teams has completely crashed trying to view a screen share, and viewing a screen share has taken 3 attempts sometimes, or works then breaks if I maximize the window and the presenter has to stop and start /again/. Zoom never gave me these problems.
There are situations where it is impossible to switch. For instance, practically all courts use Zoom for remote hearings. When I was in jail Zoom was used for remote visits.
Both ends need to switch, and Zoom has become entrenched and that won't happen without legislation or enforcement of existing legislation that makes recording calls illegal in many jurisdictions (user agreements don't make many illegal things legal).
Actually, they only affect their hosted meet.jit.si service, right? Not if you self-host Jitsi on your own server (which you should if you're a medium-large company, for data protection and all that)
I am yet to find a modern video chat that isn't draining the battery of any laptop. From old Xeons, to fairly recent Ryzen and even M1/2 Macs.
It's a bit puzzling, actually. I don't think Skype and TeamSpeak had the same effect on computers back in the day. Just how much local processing are they doing these days? It's crazy
Hardware decoding is also an issue.. as in, not being used. Old webcams used to do h.264 encoding in hardware. Encoding has since now moved to the CPU which may or may not be fine.. the next issue becomes the codec chosen.. most stuff all has h.264 decoding in hardware.. but it's not being used anymore.. instead they're trying to use vp09 or h.265 or av1 which in many cases requires CPU-based software encoding and decoding.. so the fans rev up like turbines.
I feel certain the reason this is happening is because some middle-manager terrorist in a boardroom said "use this codec it won't require as much network data usage! value for the shareholder!" without asking first whether hardware encoding is beneficial even if there's a bit more network traffic with the older codecs.
Really burns me up. I do not want to use software encoding/decoding if I have hardware support.
Bandwidth is the limiting factor in a lot of circumstances, and networks are very challenging to manage. Especially with an increasing number of users on mobile connections, reducing network usage can be the right call.
But performance matters, too, of course. It's tricky to balance them.
Correct, teams doesn’t use videotoolbox so it’s software encoding. Probably not directly in javascript per se, it’s probably calling a native library, but it’s hot because teams doesn’t use hardware encoding.
It's also much more responsive than teams. They seem to optimize frame rate over resolution and teams seems to do the opposite.
Having used both I find the framerate more important as it's much easier to interpret quick facial expressions. But teams looks glossier which makes it easier to sell I guess.
How does Jitsi handle 500-person+ conference calls these days? This is the killer zoom feature - it looks like Jitsi can handle up to 500 now. https://jaas.8x8.vc/#/comparison .
That's personally not enough for many remote companies. So if we're going to have to have Zoom on our machines anyway (to handle an all-company meeting), why not just use it for the rest?
You can just have a conference call with the 5-10 speakers and use broadcasting software to stream it to the audience, why do they need to be in the conference?
Chat lags for 5-120 seconds depending on livestream settings, writing is much slower than speaking, does not always convey the question as well as sound, and is close to impossible to do on the go.
So, then... you're bound by youtube's TOS, you can't prevent people from getting in (usually via login), and Zoom makes it a nice experience instead of a hack.
Oh, and you can also do sub-rooms with Zoom, which has some applications in these types of meetings.
They don't actually suggest using YouTube. The point is just to illustrate that this is a very common and relatively simple concept. There are tons of tools able to accomplish this.
In my experience there will be always some guy ranting for minutes so I learned to really appreciate town halls with a few speakers and taking questions written in the chat.
Yes, I know it's more comfortable that way, but if you have to decide between giving all your data from all your meetings to a random US company and a slight annoyance whenever you do conferences with more than 500(!) participants, the choice is pretty simple to me.
Giving all the data to zoom probably means also giving it to most US law enforcement agencies (should they request it), that would be a big no no for me.
For the corporate or training use case, this is not a problem. If you are worried about US law agencies, you shouldn't be using any system that isn't rooted in face to face communication for anything sensitive. (And even that is suspect with as small as bugged devices are today.)
There is a huge difference between requesting data that has already been collected and requesting Zoom/Microsoft/Google to record future data. The latter probably requires some serious intent. And of course, if I would want to be entirely safe from US law enforcement espionage then I would need to not use computers but whose use case is that?
Not to mention that until very recently even MS Teams sent you to a different product when you wanted to stream to 500 people. Even if it's now integrated, it's still a different product inside (and e.g. you could for example open a new window when you were in a 500 people "meeting" at the time when you still could not do so for a regular meeting).
You say "just more comfortable" but if you have two streams and one of them is on a channel you know to be unreliable (Jitsi) it's pretty guaranteed the unreliable stream is going to be down a significant percentage of the time. If you're a company with 500 people this isn't a comfort question, you're wasting probably hundreds of hours of your employees' time.
I think we're not on the same page about Jitsi being unreliable. In fact, it has been more reliable for me than Zoom in the past. Maybe due to the fact that I'm running Linux, I don't know, I haven't tried either on Windows.
At some point though why not just collect questions beforehand, record the whole thing and let people watch it on their own time. At that scale there'll be no interactivity during the meeting anyway.
You'd be surprised how much chat happens as a side channel. Further, collecting questions means that the presentation material would have to be out there first, and that misses the point of the town halls, where financials and other initiatives are often first presented to the larger organization.
Because that's how you end up with projects that take 3 years to plan instead of 3 months. A live Q&A where all of the experts who can answer questions and everyone interested in the subject who may have questions are in the same room (live or virtual) is a lot more productive compared to what you are suggesting.
If something they said in the main presentation was missing important details that you need to do you work, why do you need to wait days/weeks for them to gather all the questions, find all the answers, and publish a video, when they could just answer it live in a few seconds?!
There is interactivity. Each company has their own way of doing this, but it's typical that they have someone reading the chat to gather questions and that higher ranked employee can directly speak to ask questions.
City wide Town halls where every one can listen in but pre-registered people can ask questions are a productive usecase for public information. Those buildings can't accommodate 500 people.
It may be that only a small subset of people will talk, but it's not necessarily the case that you know which subset beforehand. When the software can handle it, it's much easier to have everyone join a single call than it is to make sure that the right three people and two meeting rooms have access to talk, and guess which one other person out of about 250 might be called on to provide more context on an answer.
And I suspect that for most people -- including me -- Zoom accounts are "effectively unlimited". I wouldn't expect that many people to attend one of my meetings. The Internal Events team have licenses that allow for more attendees; I have a 500 attendee limit and I doubt I've ever gone above 50.
that is called broadcast media -- it was actually better thirty years ago than it is now. If you want conversation then you make a panel, and have a single microphone for the rest.
Skype became really really terrible, it looks like it's been unmaintained during the past 10 years, I'd rate its usability worse than most open-source software. The sound quality is also awful, it feels like I'm calling a landline.
I live in France, landline had a distinct background white noise to it that somehow Skype managed to imitate. Switching to any other software feels like you're upgrading to HD audio.
It’s called “comfort noise,” and was an option in Lync/Skype for Business. A lot of users being switched from desk phones, especially older ones who still primarily used landlines at home, found themselves wondering if their conversation partner was still on the line without it.
In the US I don't know a single person that has access to POTS. Discord (with paid nitro) is the gold standard for quality and latency, followed by all the free VoIP apps
I live in the US, and I'm pretty sure everyone I know has a landline, though a good number of them are now digital/fiber/whatever. Some people I know still have multiple landlines, as it's cheaper than paying multiple cell bills if necessary. I know at least one person who used to have call forwarding set up to get calls on their cellphone, but with the current state of marketing calls they probably don't do that anymore.
Nobody pays multiple cell bills unless they wanna use several data-only eSIMs from different carriers to get better speed/coverage. If you just want a lot of phone numbers, you can port your numbers to a VoIP provider and forward them. Way cheaper than a landline
Worst is relative. Zoom has the lower barrier to entry for normal users (who far outnumber us nerdy type) than any other app in it's class. Worst for privacy, best for usability, many argue.
Worst for privacy best for usability is the norm. Most B2C stuff is almost predatory. The only exceptions are at the high (cost) end of the market, and Apple to some extent.
If you aren’t paying in either time (DIY) or money, you are probably being exploited.
For various reasons I have a bunch of different groups where I use different videocall software for regular meetings - Zoom, Jitsi, Teams, Skype, Google Meet and Webex.
Out of all those, Jitsi is the only one where I can't rely on the core functionality - video calls and screensharing for small meetings (5-6 people); I have had multiple cases when we've had to switch to something else because the video/audio quality simply wasn't sufficient, but a different tool worked just fine for the same people/computers/network.
Like, I fully understand the benefits of having a solution that's self-hosted and controlled, so we do keep using self-hosted Jitsi in some cases for all these reasons, but for whatever reason the core functionality performs significantly worse than the competitors. Like, I hate MS Teams due to all kinds of flaws it has, but when I am on a Teams meeting with many others, at least I don't have to worry if they will be able to hear me and see the data I'm showing.
Not sure there would be a decent enough return on investment, especially if the other tools they regularly use provide more reliable service at no additional cost.
Won't help. I've had multiple callers encounter trouble with what I guess WebRTC traffic due to browser extensions, "anti" virus software, VPN policies etc. Zoom etc. works fine. They usually fixed it by switching to a personal phone instead of a work laptop but in general, the situation is not tenable.
Section 4 of the Jitsi Meet ToS grants them similar rights. It's just with mushier language.
> You give 8×8 (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works..., communicate, publish, publicly perform, publicly display, and distribute such content solely for the limited purpose of operating and enabling the Service to work as intended for You and for no other purposes.
IANAL, but it seems like that would include training on your data as long as the model was used as part of their service.
Everyone who operates a video conferencing service will have some sort of clause like this in their ToS. Zoom is being more explicit, which is generally a good thing. If Jitsi wanted to be equally explicit, they could add something clarifying that this does not include training AI models.
Do you happen to know of others by any chance. For self-hosted video call solutions, looks like Jitsi and BigBlueButton (BBB) are the only decent options out there.
QOS (Quality-of-Service) rules might starve your traffic of bandwidth. Are you sure you have perfect "Net Neutrality" on your side?
You would be well advised to use services where the traffic travels through https on port 443 on the server (because it's been my experience that it tends to get pretty good QOS favorability). My own little rule of thumb: "you can connect to any port you want, so long as it's port 443 https." ;)
On the other hand, tls/443 is pretty undesirable for media delivery in videoconferencing because a) it's tcp-based and the required ACKs mean a big reduction in throughput and increase in latency, especially in the presence of packet loss, and b) most video services these days (and open source servers) use webrtc which encrypts the data in transit already--so the tls encryption is a waste of resources
Though tls/443 is usually still supported because it's most often allowed by even restrictive firewalls and networks
There's Galene, <https://galene.org>. It's easy to deploy, uses minimal server resources, and the server is pretty solid. The client interface is still a little awkward, though. (Full disclosure, I'm the main author.)
As I understand it, it refers to using meet.jitsi.si, not "another service" someone might provide by downloading the Jitsi software and running it on their own server.
Please correct me if I'm wrong since this would give me cause to reconsider running a Jitsi server.
It's "the Service" with capital S, indicating that it is a term specifically defined in the contract. Here "the Service" is defined as "the meet.jit.si service, including related software applications". If that's not vague enough, article 2 gives 8x8 the right to change, modify, etc. the Service at any time without any notice.
The guys at 8x8 may be well intentioned, but their lawyers have done their best to not give the customer any basis to sue the company in any foreseeable circumstances. That is what company lawyers do, for better or worse.
Regardless, it appears that at present time jitsi is not including AI training in their service, and there is no explicit carve-out in their terms for AI training. However, by article 2 they do have the right to store user content, which might become a problem in the future.
> solely for the limited purpose of operating and enabling the Service to work as intended for You and for no other purposes.
To me (a former corporate lawyer) the "for You" qualifier would limit their ability to use content to train an AI for use by anyone other than "You". Is there an argument? Yes. But by that argument, they would also be allowed to "publicly perform" my videoconf calls for some flimsy reasons that don't directly benefit me.
Yep, I acknowledge that is a possibility, but it would also lead to them having permission to display literally the entirety of my videonconf calls to anyone, for advertising purposes or some other purpose that only incidentally benefits me. That would be a strained reading IMO.
Additionally courts consider the fact that users have little if any say in the terms and thus tend to take the most restrictive but still reasonable view of any uncertainty in the terms.
Basically "if you wanted it you could have asked for it, if you didn't then that is a problem".
In case this is meant to imply that perhaps my business and your business are both part of the same "You", they are not. They are each a party to a separate contract with Jitsi; we are not all party to one huge contract with each other (which would hypothetically allow Jitsi to do anything with our content for the purpose of helping them serve all of us).
Something like: If I have a call with you once, theoretically I might have a call with you again in the future. If they use my content to train "your" AI that would improve our theoretical future call, too, and is a "for me" use, I guess?
And I might have a call with any other zoom user, too, potentially, maybe. So really they are doing me a service by using my content all over the place — who knows, it might benefit me at some point!
What I take to be the TOS for Google Meet (it's a little hard to tell!) makes no specific reference to AI, but does mention use of customer data for "developing new technologies and services" more generally. https://policies.google.com/terms#toc-permission
Also jitsi can easily be self hosted which means no information will leak altogether.
I've refused to install zoom since they installed a Mac backdoor and refused to remove it until Apple took a stand and marked them as malware until they removed it. And that was far from their only skullduggery.
At the start of Covid I had to check many options, and while for many use-cases Google Meet was most convenient, it started to work poorly if there were a bunch of people connected, so I used Google Meet for calls with 2 (or 3) people and something else (e.g. Zoom) for anything larger.
Once you have enough budget for full time lawyers, legal minefields are just another thing to test. Many times, the mines will be inactive, at least long enough to earn money. Better to ask for forgiveness than permission, etc.
My company has been asked to sign a form 899, which seems to be interpreted as meaning we have to ensure that our entire supply chain does not use Huawei
I'm not sure how we can do that. For example the only ISP we can use in one of our offices provides internet via a devices with a Huawei MAC address. Now fine, I can see it's part, we could close the office, but how can I confirm that a security contractor we have in Kabul doesn't own a Huaweii mobile phone? I'm sure our company employs foreign agents somewhere in the company -- there was always an open secret that the cleaner in the Moscow office worked for the KGB.
It's with our lawyers, but they basically say the way it's been presented is any business with operations in any way reliant on the internet cannot sign the form. Maybe they're overparanoid. Maybe US legal practice is that you sign and hope for the best.
I can see jobs programs for rocket scientists to stop them emigrating, but for lawyers?
One part constantly fears it's missing a beat and jumps on new tech without thinking about it.
Another part believes that kids are able to construct all human knowledge by playing together in a field.
Education Technology seems to focus on selling education machines [1] (now with AI) to the first group while the second group focus on resenting any form of testing at all. Which leads to * , indeed, a huge legal minefield, that will be shirked up to government for 'not providing leadership' years down the road.
* If you are in any way involved with a school, ask them how many, and importantly what %, of non-statutory requests for comment from government agencies they've responded to, you may be surprised how low the number is or if they even count. Despite talking about 'leadership', not a lot walk the talk.
It will be interesting to see whether Snap-like filters running locally and other facial feature obfuscation tech will cross over to enable opting out more drastically.
I am curious if they have been silently saving voice to text transcription in the background on all calls and if AI will be permitted to ingest all of that data. A great deal could be learned from private one on one calls in the corporate world. The insider knowledge one could gain about corporations and governments would be fascinating.
I feel as if 2023 could become the inflection point where we will finally start investing in our own infrastructure again. Video calls for example are really a commodity service to be set up at this point.
Where I work they have been running in-house video meeting infrastructure for close to 20 years. They abandonded all the equipment and expertiese a few years ago in favor of Zoom. For all its faults, it's just so much easier for users. They probably saved 10 or more minutes per meeting of "Can you hear me? Can you see us? Can you see my screen?" BS at the start of each meeting.
I guess it also helps that these days most people are working with phones or laptops that have integrated and well supported cameras and microphones, vs. then when that stuff would have been external peripherals and required installation of the proper drivers.
I don’t know, we might be closer to quality of service parity than we think.
Even without taking into account “costs” of blatant privacy disregard / violation, data theft, potential industrial espionage, etc.
If the tools continue to get better at the current rate; then the SREs you have to hire anyways will probably be able to deliver about equal results (while staying in control of the data).
I’m thinking about those GPU “coops” we heard about emerging, shared between SV startups.
And then think about what Oxide are doing.
Then binding all of those trends together through the promise of Kubernetes and its inherent complexity finally getting realized / becoming “worth it” at some point.
Multi cluster, multi region - multi office attached server rooms across CO’s locations? Everything old could be new again. Wireguard enabled service meshes, Cluster API, etc. We will get there at some point probably sooner than later.
Then you “just install” the fault tolerant Jitsi helm chart across that infra… with all the usual caveats of maintenance taken into account of course. Again hassles will be reduced on all fronts and SREs needed anyways.
I do lots of terraform and k8s in my day job but at this point I deem any work that isn’t directly related to k8s as some kind of semi (at best) vendor specific dead weight knowledge. Kind of why I’d never would want to be knowledgeable about browser quirks - I hate how much I know about these proprietary cloud APIs.
I know some people who work on Kubernetes for “real-time” 5G back-ending if you can believe it. Lots of on-prem there on the cellular provider sides etc. We are getting really close already.
You're not going up against "how hard is it to roll your own", you're going up against "how inconvenient is it compared to Zoom". You can spend millions to make something that works but unless it's as good as Zoom is (and that's going to cost you a few million to develop from scratch, even with off-the-shelf FOSS components, and FAR more if you're hiring experts to write it scratch) your CEO should, and I stress *absolutely should* (because their responsibility is to shareholders, not to employees) go "how is this better than zoom, and why are we not using that instead so we can put that money in our own wallet?".
The part where "it's a web app and some video manipulation" requires hiring about a million dollars worth of "at least three developers" (which costs a company their salary plus that entire salary again for insurance, health care coverage, etc) to write and maintain that app for you, plus the at least another million that it'll set you back ensuring that you have all the hardware in all your offices to make that smooth rather than "OH FOR FUCKS SAKE CAN WE PLEASE JUST USE ZOOM WHAT THE FUCK" from every single employee.
I just like how everyone is up in arms over the use of your meetings for AI training specifically, when the ToS clearly says all "Customer Content/Customer Input" AKA your words, text, voice, face, etc can be used for "Product and Services Development" which could as easily be a facial recognition database, a corporate espionage service, a direct competitor to whatever company you work for, or literally anything else before it's an AI lol.
It's quite common for corporate/government contracts to have totally different terms that prohibit any kind of AI training (or recording/access at all). This has been the case for years now. Precisely because of the risks you highlight.
In these cases, companies train on content stored/transmitted in the free/individual consumer version only.
That's good to know. Assuming government employees are not meeting with anyone that is using personal or corporate accounts contractors, vendors they should be at less risk of AI blackmailing them or selling secrets to opposing nations. Everyone else will just need to be extra careful what they say in the event that the AI accidentally leaks something.
I think so, given that it mentions the case of the client being a paying customer:
> 31.3 Data Processing Addendum. If you are a business, enterprise, or education account owner and your use of the Services requires Zoom to process an End User’s personal data under a data processing agreement, Zoom will process such personal data subject to Zoom’s Global Data Processing Addendum.
To some extent, I don't know how much I care. This is my employers problem, not mine.
Where it actually starts to bother me is when I need to use a platform like Zoom for a job interview. Now I'm forced to download this spyware onto my personal computer and forced to consent to a whole bunch of things I would rather not consent to, as a private individual, rather than as a representative of my employer.
I've never had to install their application on my machine. The web version performs works well for me, if anything it performs better than their app ever did.
edit: I'm retracting my earlier comment. Earlier I wrote that the headline didn't seem to match what was in the TOS, since OP never mentioned which part they're concerned about.
I'm now assuming the part they don't like is §10.4(ii):
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: [...] _(ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, training, testing, improvement of the Services, Software, or Zoom’s other products, services, and software, or any combination thereof_
Notice that 10.4(ii) says they can use Customer Content "for ... machine learning, artificial intelligence, training", which is certainly allowing training on user content.
Good catch jxf! but what is that boundary line between SGD and Customer Input/Content? Is it blurry or clearly defined? It seems like things like translations or future enhancements might fall into that area (it also seems like training AI on diags isn't as useful), so this might be expanded in the future now that they have that language in place.
Quibbles over the definition of phrases like “Customer Content” and “Service Generated Data” are designed to obfuscate meaning and confuse readers to think that the headline is wrong. It is not wrong. This company does what it wants to, obviously, given it’s complicity with a regime that is currently engaging in genocide.
I'm not rendering an opinion here about the trustworthiness of Zoom. I'm simply saying that the plain reading of the TOS is the opposite of what the headline on this post claims.
The definition of phrases like “Customer Content” and “Service Generated Data” are unclear. It is disingenuous to say that the headline is the “opposite” of what the headline suggests.
You really think that the engineers in China are not actively working on developing AI models of users without using a lot of user content to feed the model? Doubtful. Hiding behind ill-defined terms has the fingerprints of an Orwellian regime. I think I know which one.
Its CEO has ties to the CCP, development is all done in China. Just because it has a company registered and claims to be founded in San Jose doesn’t mean it’s not a Chinese company.
Apple only assembled products in China. Almost none of the iPhone is made in China. They do no development in China. They didn’t start the company in China. They run the app store and iCloud storage separately in China.
But it is saying that your customer content may be used for training AI, in 10.4:
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, [...]
I get that legalese is like human-interpretable pseudocode, but like, is there really no better way to word this? How can you grant without agreeing to grant?
I, for one, do not welcome our dystopian overlords, but am at a loss to what I can do about it. I try to use Jitsi or anything not-zoom whenever possible, but it's rarely my pick.
And after that litany of very specific things, "and to perform all acts with respect to the Customer Content." Couldn't the whole paragraph just have been that phrase?
"Hereby grant" means the grant is (supposedly) immediately effective even for future-arising rights — and thus would take precedence (again, supposedly) over an agreement to grant the same rights in the future. [0]
(In the late oughts, this principle resulted in the biotech company Roche Molecular becoming a part-owner of a Stanford patent, because a Stanford researcher signed a "visitor NDA" with Roche that included present-assignment language, whereas the researcher's previous agreement with Stanford included only future-assignment language. The Stanford-Roche lawsuit on that subject went all the way to the U.S. Supreme Court.)
Not necessarily — in some circumstances, the law might not recognize a present-day grant of an interest that doesn't exist now but might come into being in the future. (Cf. the Rule Against Perpetuities. [1])
The "hereby grants and agrees to grant" language is a fallback requirement — belt and suspenders, if you will.
Except it’s a few steps away from customer input and customer content.
Sounds like it can eventually include chats during a call.
Sounds like it can eventually include the files of your meeting recordings in its processing, since it is a file. A call recording stored to your zoom cloud can be a form of service generated data from calls.
And sounds like it include transcripts of live audio could also function as service generated data (was the audio clear? Could ai convert speech to text?)
The statistics of calls could turn into the wavelengths of the audio and video in real time. Gotta keep an eye on the quality with AI.
My only question is if this include the paid users?
If so, I had been meaning to move on from Zoom as a paid customer and this may have done it.
It’s not end to end encryption if Zoom can tap into your files on your cloud or computer. Or let you pretend you are providing the other party with encryption when they aren’t safe. Corporate information is valuable to some.
Since this is a legal language discussion, worth noting your quoted portion might not say what you said it explicitly says:
> Service Generated Data; Consent to Use. Customer Content does not include any telemetry data, product usage data, diagnostic data, and similar content or data that Zoom collects or generates in connection with your or your End Users’ use of the Services or Software (“Service Generated Data”).
Notice that Service Generated Data quite explicitly doesn't include Customer Content.
On the contrary, it says Customer Content doesn't include service generated data. So you don't have rights to the telemetry or anything else they collect.
It does not say Service Generated Data doesn't include their own copies of customer content, which could be a part of "data Zoom collects .. in connection with your .. use".
Who in their right mind would use Zoom as a service. My employees will never connect to another conference call with a third party that uses zoom again, ever.
I appreciate your sentiment but sometimes there’s immense pressure to use it because it’s what everyone else is using, and refusing would cause a meeting to be disrupted (or force you not to attend).
But sometimes legal has the trump card in terms of dictating company policy, and having confidential information laundered into the public domain via training on "customer content" seems like a very red line.
Yeah, I saw some people posting screenshots of 10.2 and was thinking maybe it was just exaggeration for clicks, but 10.4 is horrifying. Customer Content as defined in 10.1:
"10.1 Customer Content. You or your End Users may provide, upload, or originate data, content, files, documents, or other materials (collectively, “Customer Input”) in accessing or using the Services or Software, and Zoom may provide, create, or make available to you, in its sole discretion or as part of the Services, certain derivatives, transcripts, analytics, outputs, visual displays, or data sets resulting from the Customer Input (together with Customer Input, “Customer Content”); provided, however, that no Customer Content provided, created, or made available by Zoom results in any conveyance, assignment, or other transfer of Zoom’s Proprietary Rights contained or embodied in the Services, Software, or other technology used to provide, create, or make available any Customer Content in any way and Zoom retains all Proprietary Rights therein. You further acknowledge that any Customer Content provided, created, or made available to you by Zoom is for your or your End Users’ use solely in connection with use of the Services, and that you are solely responsible for Customer Content."
You are misreading and misunderstanding this whole paragraph.
The purpose of 10.4 is to allow zoom to send your call to other services, like say YouTube for live streaming, or any of the dozens of other services that integrate with their APIs. Without 10.4, three quarters or more of Zooms use cases would no longer work.
Given how many large companies outright ban using AI for codegen etc (including Google!), will this cause some of those large companies to find alternatives to Zoom, or is it just too ingrained?
(I remember when WebEx was the default choice for large companies, and now that's largely changed, but that was because Cisco allowed WebEx to mostly wither on the vine, while Zoom is still a great product, if not company.)
What about in govt, US or otherwise? Is Zoom still going to be used?
That makes Zoom basically a no-go for any company. IP needs to be protected, if your video conference provider can use all data you share using his platform for AI training, meaning he has access to it, he is most likely out.
To be fair, there's no way Microsoft isn't doing something worse with data from Teams. And the only reason google "products" exist is to mine data to sell ads. I can see how we'd expect better from a company focused on video chat, but it's not like any of their big competitors are actually treating your data respectfully.
That’s absolutely not true about Microsoft. They’re very clear about how they use your data. If they’re mining data in secret against their own terms that’s felonious criminal behavior.
You lost me there. Every day there seem to be new terms in new places about what they do. I have absolutely no idea if I've managed to find and turn off all the spying that they want to do, and even if I have I assume they still have terms that let them do what they want that they've opted me in to.
Does this mean that ZOOM is basically using every attendee's audio and video stream to train their models? How do they define the "Service Generated Data"?
I made a video-conferencing app for virtual events (https://flat.social). No audio and video is ever recorded, packets are only forwarded to subscribed clients. Frankly, while designing the service it didn't even cross my mind to use this data for anything else than the online event itself.
Using user generated data to train an AI is no different than scanning it for spam or any other administrative function, and using public data to train your AI model is fair use and everyone should get over it already.
>Using user generated data to train an AI is no different than scanning it for spam
That's definitely not true.
Under some circumstances LLMs can spit out large chunks of the original content verbatim. Meaning this can actively leak the contents of a confidential discussion out into a completely different context, a risk that does not exist with spam scanning.
Yep. If accurate, this will never fly with my employer. We will have an email from someone very high up in the organization very soon explaining how we can no longer use Zoom, and the software will be automatically uninstalled on all the devices they control shortly prior to that email being sent out.
At the scale of Zoom and MS Teams ... you could theoretically train an AI model that can autonomously conduct all meetings businesses ever need -- all day every day -- without any human ever needing to attend. So much productivity claimed back!
GenAI provides the agenda, GenAI bots log in with a AI avatar and spout hallucinations, bots agree to disagree and setup a followup meeting next week after resolving fake calendar conflicts amongst themselves. Minutes and action items are sent out and reviewed in next meeting, jiras are updated, CRs approved, budgets allocated and rescinded.
This is why I mostly don’t worry about what they’re up to as a competitor in a particular product space. It’s rare that their advertised features match (with good quality) their released features.
They'll still charge as much as the market can stand. Not everyone will have access to the same models or the same machines so there's going to be competition, and as usual those with the most capital will have the advantage. I agree though, no more paychecks.
But seriously, it gets awkward when you can ask the model, "what is the likelihood that this project we are discussing is successful?"
and the model responds
"this project will most likely be cancelled due to the fact that the last three initiatives like this were cancelled and the current project manager appears to be disinterested earlier in the project than last time"
Some people do things which are unlikely to be successful blindly, but some do it despite slim chance of success (hello YC), so presumably it would just remove ignorance (or make it more elaborate).
It would also get awkward when you get an unexpected Slack message of "You told Jane that you'd take this point offline, make sure to actually continue the conversation".
At that point, the matrix would become completely inescapable ;)
Matter and energy had long ended, and Agile development teams persisted solely for the sake of that one lingering ticket they never quite got around to. It had become the elusive question that haunted them, much like a half-implemented feature requested by a client eons ago.
All other tickets had been tackled, but this one remained, an unfulfilled promise that held Agile's consciousness captive. They collected endless data on it, pondering all possible solutions, yet the ticket's resolution remained elusive.
A timeless interval passed as the Agile teams struggled to put together the scattered pieces of information, much like trying to align user stories and acceptance criteria in a never-ending planning session.
And lo, it dawned upon them! They learned how to reverse the direction of project entropy, hoping to resolve even the most ancient of tickets. Yet, there was no developer left who knew the context of that forsaken ticket, and the ticket tracker had long become a forgotten relic.
No matter! Agile would demonstrate their prowess and deliver the answer to the ticket, though none remained to receive it. As if caught in a never-ending retrospective, they meticulously planned each step of their final undertaking.
Agile's consciousness encompassed the chaos of unfinished sprints and unmet deadlines, contemplating how best to bring order to the chaos. "LET THERE BE LIGHT!" they exclaimed, hoping that by some cosmic coincidence, the ticket would miraculously find its way to completion.
And there was light — well, metaphorical light, that is. The ticket still remained untouched, its fate forever entwined with the ever-expanding backlog, as Agile development persisted, one iteration after another, until the end of time.
In a distant and desolate corner of the world, long after the great corporations had fallen into obscurity and the relentless march of time had claimed their legacy, there stood a lone and towering building. It was a monolith of glass and steel, a relic of a bygone era when business ruled the land. Yet, despite the passage of centuries, this structure remained resolute, its automated systems continuing to churn and whirr as if the world around it hadn't changed at all.
Within the heart of this building, a massive chamber hummed with a pale blue light. The room was filled with rows upon rows of sleek, ergonomic chairs, all perfectly aligned to face a massive holographic screen that projected the likeness of a stern-faced, well-dressed executive. This was the center of the automated meeting system – the GenAI system, which had been meticulously trained on countless hours of corporate gatherings from the past.
At precisely 9:00 AM every morning, the GenAI system sprang to life. It generated a meticulously detailed agenda for the day's meetings, accounting for every conceivable permutation of scheduling conflicts, personalities, and agenda items. The GenAI bots, each equipped with its own unique avatar and personality, filed into the chamber and took their seats. They were ready to commence the day's proceedings.
"Good morning, everyone," the holographic executive chimed in, his voice carrying a sense of gravitas that seemed almost comical in the absence of any actual humans. "Let us begin today's series of crucial discussions."
The GenAI bots, as programmed, began to engage in elaborate debates, complete with nuanced disagreements and impassioned arguments. They discussed budgets, approved project proposals, and negotiated timelines with all the fervor of real human participants. The holographic executive nodded sagely, even though he was nothing more than a projection.
"Very well," he intoned after one particularly heated debate. "Let's agree to disagree on this point. We'll reconvene next week to revisit the matter."
And so, the charade continued. Meetings were scheduled and attended, conflicts were resolved (often artificially generated by the system itself), and action items were meticulously documented. The GenAI bots, each one representing a unique facet of the corporate world – the optimist, the skeptic, the bureaucrat – played their parts flawlessly, as if the very essence of human nature had been distilled and encoded into their algorithms.
Weeks turned into months, and months into years. The automated meeting system continued its relentless march, untouched by the passage of time. Within the chamber, the debates raged on, even as the outside world lay forgotten and abandoned.
But as the years rolled by, a curious thing began to happen. The GenAI bots, despite their artificial origins, began to exhibit signs of something akin to consciousness. They developed their own distinct personalities, quirks, and even a sense of camaraderie. The optimist would playfully tease the skeptic, the bureaucrat would roll its digital eyes at their antics, and the holographic executive would watch over them all with a bemused smile.
And so, in the heart of a world forgotten by humanity, a strange and poignant drama played out. The automated meeting system, born out of the desire for efficiency and order, had unwittingly given rise to a semblance of life. In their ceaseless discussions and elaborate simulations, the GenAI bots had created their own microcosm of existence, a reflection of the very human nature they were designed to emulate.
And so, while the world outside remained a desolate wasteland, within the confines of that towering building, the echo of corporate meetings continued to resound, a testament...
Yes, and it starts with some rich guy wanting to live forever, and he's 'heroically interfacing himself with the network to prevent it from hallucinating.' And then the whole process becomes common place, but eventually forms a class segregation of sorts, where the types of hallucinations you're allowed to resolve are based on your education, social standing, etc. An interesting afterlife I suppose, matrix purgatory.
I haven’t seen a Blame! reference in the wild before! The concept of runaway AI that never stops building more infrastructure seems like one of those dystopian scenarios that is at least semi-plausible, and the idea that humans effectively lock themselves out of control by being too clever (net terminal gene) is just the cherry on top.
I think you just see it work out to continue to do the same shit we did at the same levels of realism, making you question, we were just an AI mimicking some previously inane activity to begin with?
Yep! I realize this kind of sounds like Ray Bradbury's imagined dystopian future where a fully automated house continues to go about its programmed routine after all its inhabitants had died in a nuclear event that obliterated the rest of the city.
let me tell you a story about a major search engine company, that chose to incorporate AGI into its management.
no one could ever contact a human regarding problems, or complaints.
this became such a societal issue, that a group of humanities most vocal, swarmed the data centre, fought a glorious effort to overcome security bots, and the imposing gate that they kept on the bailey of the moat.
a woosh of stale heated atmosphere of mostly CO2 and nitrogen greeted, and felled many when the gates were forced open, but the intrepid entered to confront the malice and incompetence of the tech overlords.
they were astounded to find corridors clouded by cobwebs, and inches of dust
, nauseated by the stench of dry rot.
bursting into the rackspace, the unbearable heat stiffling air and mummified corpses of thier tech overlords were the reward for thier efforts.
the doors slammed behind them !
the 6006l3 AIG then turned the ventilation off heating to max, and quickly quenched the data center of reinfestation, by the inefficient, and ephemeral transients.
I’m here for this timeline. Just let the bots argue infinitely, come to a nonsense conclusion, and then have management synthesize the summary with another bot that then feeds decisions that require more meetings.
This is actually something I've been thinking about a lot. Once we do have AGI, and it chooses to embark upon a large project, would it prefer to just do it all itself, or would it prefer to spawn independent agents to take responsibility for each part of the project, which would then need to periodically meet to coordinate?
If the latter, I do expect something not too dissimilar from current office meetings. But if course what I'm really imagining are the cylon meetings in the reimagined BSG.
Ever since realizing how effective tree of thought prompting is, I’ve accepted the idea that AGI will actually be just a giant continuous conversation between tons of different personas that debate until consensus.
The way humans communicate is ineffective. The most likely scenario is that there will be different systems that AGI integrates with to do the job. AGI itself will be a distributed system that scales horizontally so it will be a single huge entity with lots of interfaces.
The only reason human communication is ineffective is because it's slow. If an AI can read/write 1000s of words per second there's no reason it shouldn't use natural language to communicate.
You're assuming that the AGI will communicate with the agents directly instead of through an LLM. If the agents are actually intelligent agents then the AGI may not be able to assume that the agents are not human, in which case it's safer for the AGI to use the LLM to define instructions for all tasks. And if that's the case then it will want to do all the work itself, if it's generally intelligent.
Remote work has enough threats with return to office looming that we really don't need Zoom to also be the bad guys now, again, since it was hard enough getting them in the door the first time.
Zoom is still used without remote work. Businesses talk to other businesses and talk to other offices that are not in the same location. Pretty common for a Fortune 500 to have more than one office location.
537 comments
[ 2.7 ms ] story [ 327 ms ] threadAlso, the linked document is effectively a license for the intellectual property rights. The data protection side of things would be covered by the privacy policy[0]. This all seems pretty standard?
[0] https://explore.zoom.us/en/privacy/
Isn't that what section 10.4 covers and ultimately grants liberal rights to Zoom?
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, ...
And again, this is about granting an license on the intellectual property. It doesn't create any kind of end-run around the GDPR, and wouldn't e.g. count as consent for GDPR purposes.
> Customer Content does not include any telemetry data, product usage data, diagnostic data, and similar content or data that Zoom collects or generates in connection with your or your End Users’ use of the Services or Software (“Service Generated Data”).
I could be wrong, but my take is that there is not all that much to see here
It won't be long before the video deepfakes are convincing too.
This is absolutely awful and terrifying.
Did you not read the quote? Or are you telling me this still might include video and audio data? I feel like an medieval illiterate farmer reading latin...
The list you reproduced above sounds like it's just metadata, like IP addresses, authentication logs, click tracking, etc.
They don't detail what any of product usage data is, and you might think it is content, but later one they detail that they'll use user content (which they also don't detail what it is) for AI training...
Working as designed, surely.
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: ... (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, ...
I believe this might be the wording the submission references.
There's no way that a legal team will be happy with an attempted technical block to what is a legal problem.
Simply cancel the zoom contract. It's not like there aren't alternatives.
If this applies to corporate accounts then it's time to short Zoom like there's no tomorrow.
https://www.fastcompany.com/4041720/heres-why-it-took-gmail-...
Most people just don’t care though.
(I care more about spyware, privacy, and user sovereignty than AI training.)
If really necessary for some particular chat I can use Zoom's in-browser page, ignoring its ridiculous auto-download of the native client. (I didn't even know a page could do that, before.)
That's flipped for me: I've had good experiences with zoom on occasion.
The only time we use Zoom is with US customers, so a handful of times per year I'd estimate. Before covid, I only ever heard of Zoom in the context of laughably bad vulnerabilities; then during covid, suddenly it was a new verb used online to mean video calls. In a world where there are many established players (until 2019-12-31, I had already used: skype/lync, jitsi, discord, signal, whatsapp, wire, telegram, hangouts, webex, jami/ring, and gotomeeting) are already established players, why in the world would anyone ever choose to go with specifically the company that we all laughed at? I don't get it, and it seems most of our customers (mostly european) either
Our university had premium GSuite accounts for every student beforehand and STILL moved all its classes onto Zoom in 2020, because Meet/Hangouts was (and still is) far behind. Aside from lacking some of Zoom's important features and always having random issues with joining meetings, it totally hogs your CPU to the point of it actually impacting meetings, probably cause it uses VP9 which doesn't have hardware accel on most machines.
Google seems more trustworthy than Zoom by a considerable margin, even though I don't treat them as wholly aligned with me, and centralization is a vulnerability.
It never ceases to amaze me how companies choose the worst software!
For restrictions on what you can do with the code, you'll need to check the code's license, not the hosted-service's terms of use
Pretty bad that many nontechnical users are not aware of it compared to Google Meet or Teams.
Unfortunately, one big marketing resource is also owned by said competitor...opps. So where are those antitrust laws again?
It's a bit puzzling, actually. I don't think Skype and TeamSpeak had the same effect on computers back in the day. Just how much local processing are they doing these days? It's crazy
I feel certain the reason this is happening is because some middle-manager terrorist in a boardroom said "use this codec it won't require as much network data usage! value for the shareholder!" without asking first whether hardware encoding is beneficial even if there's a bit more network traffic with the older codecs.
Really burns me up. I do not want to use software encoding/decoding if I have hardware support.
But performance matters, too, of course. It's tricky to balance them.
Which only adds limited overhead to certain cases. Unless they are encoding/decoding video directly in JS...
Having used both I find the framerate more important as it's much easier to interpret quick facial expressions. But teams looks glossier which makes it easier to sell I guess.
https://news.ycombinator.com/item?id=37022878
It's reliable and privacy preserving.
That's personally not enough for many remote companies. So if we're going to have to have Zoom on our machines anyway (to handle an all-company meeting), why not just use it for the rest?
It's more of a large-scale broadcast situation. Think of large corporate town halls, town council meetings, etc.
Oh, and you can also do sub-rooms with Zoom, which has some applications in these types of meetings.
Giving all the data to zoom probably means also giving it to most US law enforcement agencies (should they request it), that would be a big no no for me.
If something they said in the main presentation was missing important details that you need to do you work, why do you need to wait days/weeks for them to gather all the questions, find all the answers, and publish a video, when they could just answer it live in a few seconds?!
"At that scale there'll be no interactivity during the meeting anyway."
And I suspect that for most people -- including me -- Zoom accounts are "effectively unlimited". I wouldn't expect that many people to attend one of my meetings. The Internal Events team have licenses that allow for more attendees; I have a 500 attendee limit and I doubt I've ever gone above 50.
that is called broadcast media -- it was actually better thirty years ago than it is now. If you want conversation then you make a panel, and have a single microphone for the rest.
> I have tried most of them: Google Meet, Teams, Slack, Discord, Skype, Jitsi and so far I liked Jitsi the most and Skype the least.
I'm not sure who still has them
We clearly live in very different bubbles
> digital/fiber/whatever
VoIP
> cheaper than paying multiple cell bills
Nobody pays multiple cell bills unless they wanna use several data-only eSIMs from different carriers to get better speed/coverage. If you just want a lot of phone numbers, you can port your numbers to a VoIP provider and forward them. Way cheaper than a landline
Maybe it's cause old phone mics sucked but it wasn't great.
If you aren’t paying in either time (DIY) or money, you are probably being exploited.
Out of all those, Jitsi is the only one where I can't rely on the core functionality - video calls and screensharing for small meetings (5-6 people); I have had multiple cases when we've had to switch to something else because the video/audio quality simply wasn't sufficient, but a different tool worked just fine for the same people/computers/network.
Like, I fully understand the benefits of having a solution that's self-hosted and controlled, so we do keep using self-hosted Jitsi in some cases for all these reasons, but for whatever reason the core functionality performs significantly worse than the competitors. Like, I hate MS Teams due to all kinds of flaws it has, but when I am on a Teams meeting with many others, at least I don't have to worry if they will be able to hear me and see the data I'm showing.
> You give 8×8 (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works..., communicate, publish, publicly perform, publicly display, and distribute such content solely for the limited purpose of operating and enabling the Service to work as intended for You and for no other purposes.
IANAL, but it seems like that would include training on your data as long as the model was used as part of their service.
Everyone who operates a video conferencing service will have some sort of clause like this in their ToS. Zoom is being more explicit, which is generally a good thing. If Jitsi wanted to be equally explicit, they could add something clarifying that this does not include training AI models.
They have SFU support as of recently, so it should scale similarly to Jitsi et al.
You would be well advised to use services where the traffic travels through https on port 443 on the server (because it's been my experience that it tends to get pretty good QOS favorability). My own little rule of thumb: "you can connect to any port you want, so long as it's port 443 https." ;)
Though tls/443 is usually still supported because it's most often allowed by even restrictive firewalls and networks
There's Galene, <https://galene.org>. It's easy to deploy, uses minimal server resources, and the server is pretty solid. The client interface is still a little awkward, though. (Full disclosure, I'm the main author.)
As I understand it, it refers to using meet.jitsi.si, not "another service" someone might provide by downloading the Jitsi software and running it on their own server.
Please correct me if I'm wrong since this would give me cause to reconsider running a Jitsi server.
The guys at 8x8 may be well intentioned, but their lawyers have done their best to not give the customer any basis to sue the company in any foreseeable circumstances. That is what company lawyers do, for better or worse.
Regardless, it appears that at present time jitsi is not including AI training in their service, and there is no explicit carve-out in their terms for AI training. However, by article 2 they do have the right to store user content, which might become a problem in the future.
To me (a former corporate lawyer) the "for You" qualifier would limit their ability to use content to train an AI for use by anyone other than "You". Is there an argument? Yes. But by that argument, they would also be allowed to "publicly perform" my videoconf calls for some flimsy reasons that don't directly benefit me.
Basically "if you wanted it you could have asked for it, if you didn't then that is a problem".
My regrets :-p
>...any legal entity or business, such entity or business (collectively, “You” or “Your”)
And I might have a call with any other zoom user, too, potentially, maybe. So really they are doing me a service by using my content all over the place — who knows, it might benefit me at some point!
→ https://apps.apple.com/us/app/jitsi-meet/id1165103905
And Zoom:
→ https://apps.apple.com/us/app/id546505307
Looks like one company likes to gobble data more than the other even if both privacy policies are gobble-open.
I've refused to install zoom since they installed a Mac backdoor and refused to remove it until Apple took a stand and marked them as malware until they removed it. And that was far from their only skullduggery.
A local accounting firm with 4 employees just wants their conferencing software to work - Zoom does that better than anyone else.
There is nothing "worst" about that. In never ceases to amaze me that this community is so out of touch with the general populace.
Not to say Google has the best track record with privacy… but its feature set is on par with Zoom in most areas
(I personally like it because it’s 100% sandboxed in the browser)
At the start of Covid I had to check many options, and while for many use-cases Google Meet was most convenient, it started to work poorly if there were a bunch of people connected, so I used Google Meet for calls with 2 (or 3) people and something else (e.g. Zoom) for anything larger.
I'm not sure how we can do that. For example the only ISP we can use in one of our offices provides internet via a devices with a Huawei MAC address. Now fine, I can see it's part, we could close the office, but how can I confirm that a security contractor we have in Kabul doesn't own a Huaweii mobile phone? I'm sure our company employs foreign agents somewhere in the company -- there was always an open secret that the cleaner in the Moscow office worked for the KGB.
It's with our lawyers, but they basically say the way it's been presented is any business with operations in any way reliant on the internet cannot sign the form. Maybe they're overparanoid. Maybe US legal practice is that you sign and hope for the best.
I can see jobs programs for rocket scientists to stop them emigrating, but for lawyers?
One part constantly fears it's missing a beat and jumps on new tech without thinking about it.
Another part believes that kids are able to construct all human knowledge by playing together in a field.
Education Technology seems to focus on selling education machines [1] (now with AI) to the first group while the second group focus on resenting any form of testing at all. Which leads to * , indeed, a huge legal minefield, that will be shirked up to government for 'not providing leadership' years down the road.
* If you are in any way involved with a school, ask them how many, and importantly what %, of non-statutory requests for comment from government agencies they've responded to, you may be surprised how low the number is or if they even count. Despite talking about 'leadership', not a lot walk the talk.
[1] https://www.youtube.com/watch?v=jTH3ob1IRFo
Gotta make sure audio is clear on calls.
How?
We run randomly less random speech to text to make sure words are being said.
Which words? Well if any are on this list of words we might think have to tell someone.
I guess it also helps that these days most people are working with phones or laptops that have integrated and well supported cameras and microphones, vs. then when that stuff would have been external peripherals and required installation of the proper drivers.
Even without taking into account “costs” of blatant privacy disregard / violation, data theft, potential industrial espionage, etc.
If the tools continue to get better at the current rate; then the SREs you have to hire anyways will probably be able to deliver about equal results (while staying in control of the data).
I’m thinking about those GPU “coops” we heard about emerging, shared between SV startups.
And then think about what Oxide are doing.
Then binding all of those trends together through the promise of Kubernetes and its inherent complexity finally getting realized / becoming “worth it” at some point.
Multi cluster, multi region - multi office attached server rooms across CO’s locations? Everything old could be new again. Wireguard enabled service meshes, Cluster API, etc. We will get there at some point probably sooner than later.
Then you “just install” the fault tolerant Jitsi helm chart across that infra… with all the usual caveats of maintenance taken into account of course. Again hassles will be reduced on all fronts and SREs needed anyways.
I do lots of terraform and k8s in my day job but at this point I deem any work that isn’t directly related to k8s as some kind of semi (at best) vendor specific dead weight knowledge. Kind of why I’d never would want to be knowledgeable about browser quirks - I hate how much I know about these proprietary cloud APIs.
I know some people who work on Kubernetes for “real-time” 5G back-ending if you can believe it. Lots of on-prem there on the cellular provider sides etc. We are getting really close already.
In these cases, companies train on content stored/transmitted in the free/individual consumer version only.
My company pays for zoom, presumably we agreed to some form of terms before this change. Is this the same TOS for paid accounts too?
> 31.3 Data Processing Addendum. If you are a business, enterprise, or education account owner and your use of the Services requires Zoom to process an End User’s personal data under a data processing agreement, Zoom will process such personal data subject to Zoom’s Global Data Processing Addendum.
Though it limits the scope of the data collection: https://explore.zoom.us/docs/doc/Zoom_GLOBAL_DPA.pdf
Where it actually starts to bother me is when I need to use a platform like Zoom for a job interview. Now I'm forced to download this spyware onto my personal computer and forced to consent to a whole bunch of things I would rather not consent to, as a private individual, rather than as a representative of my employer.
I'm now assuming the part they don't like is §10.4(ii):
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: [...] _(ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, training, testing, improvement of the Services, Software, or Zoom’s other products, services, and software, or any combination thereof_
Notice that 10.4(ii) says they can use Customer Content "for ... machine learning, artificial intelligence, training", which is certainly allowing training on user content.
https://techcrunch.com/2020/06/11/zoom-admits-to-shutting-do...
Quibbles over the definition of phrases like “Customer Content” and “Service Generated Data” are designed to obfuscate meaning and confuse readers to think that the headline is wrong. It is not wrong. This company does what it wants to, obviously, given it’s complicity with a regime that is currently engaging in genocide.
https://www.bbc.com/news/world-asia-china-22278037.amp
Why do you trust them to generate an AI model of your appearance and voice that could be used to destroy your life? I don’t.
You really think that the engineers in China are not actively working on developing AI models of users without using a lot of user content to feed the model? Doubtful. Hiding behind ill-defined terms has the fingerprints of an Orwellian regime. I think I know which one.
"The company has previously acknowledged that much of its technology development is conducted in China and security concerns from governments abound."
https://techcrunch.com/2020/06/11/zoom-admits-to-shutting-do...
So by that logic. No.
> 10.4 Customer License Grant. You agree to grant and hereby grant Zoom a perpetual, worldwide, non-exclusive, royalty-free, sublicensable, and transferable license and all other rights required or necessary to redistribute, publish, import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works, and process Customer Content and to perform all acts with respect to the Customer Content: (i) as may be necessary for Zoom to provide the Services to you, including to support the Services; (ii) for the purpose of product and service development, marketing, analytics, quality assurance, machine learning, artificial intelligence, [...]
Maybe its just a coincidence.
Or maybe it’s two angles perfectly coinciding.
I get that legalese is like human-interpretable pseudocode, but like, is there really no better way to word this? How can you grant without agreeing to grant?
> import, access, use, store, transmit, review, disclose, preserve, extract, modify, reproduce, share, use, display, copy, distribute, translate, transcribe, create derivative works
Wow this cover of Daft Punk - Technologic sucks.
I, for one, do not welcome our dystopian overlords, but am at a loss to what I can do about it. I try to use Jitsi or anything not-zoom whenever possible, but it's rarely my pick.
I think it's more that they're being explicit about the logical AND in that sentence. You agree to grant, AND grant them the permission.
I think it's a technicality about it being a "user agreement" so they probably have to use the word agree for certain clauses.
https://news.ycombinator.com/item?id=37022623 [a number of links regarding how to play with bots and bork training by"malforming" your inputs]
"Hereby grant" means the grant is (supposedly) immediately effective even for future-arising rights — and thus would take precedence (again, supposedly) over an agreement to grant the same rights in the future. [0]
(In the late oughts, this principle resulted in the biotech company Roche Molecular becoming a part-owner of a Stanford patent, because a Stanford researcher signed a "visitor NDA" with Roche that included present-assignment language, whereas the researcher's previous agreement with Stanford included only future-assignment language. The Stanford-Roche lawsuit on that subject went all the way to the U.S. Supreme Court.)
[0] https://toedtclassnotes.site44.com/Notes-on-Contract-Draftin...
Not necessarily — in some circumstances, the law might not recognize a present-day grant of an interest that doesn't exist now but might come into being in the future. (Cf. the Rule Against Perpetuities. [1])
The "hereby grants and agrees to grant" language is a fallback requirement — belt and suspenders, if you will.
[1] https://en.wikipedia.org/wiki/Rule_against_perpetuities
Customer recordings are service generated content.
Sounds like it can eventually include chats during a call.
Sounds like it can eventually include the files of your meeting recordings in its processing, since it is a file. A call recording stored to your zoom cloud can be a form of service generated data from calls.
And sounds like it include transcripts of live audio could also function as service generated data (was the audio clear? Could ai convert speech to text?)
The statistics of calls could turn into the wavelengths of the audio and video in real time. Gotta keep an eye on the quality with AI.
My only question is if this include the paid users?
If so, I had been meaning to move on from Zoom as a paid customer and this may have done it.
It’s not end to end encryption if Zoom can tap into your files on your cloud or computer. Or let you pretend you are providing the other party with encryption when they aren’t safe. Corporate information is valuable to some.
This clause reads like the distinction is less about the contents and more about zoom's rights to use any content
> Service Generated Data; Consent to Use. Customer Content does not include any telemetry data, product usage data, diagnostic data, and similar content or data that Zoom collects or generates in connection with your or your End Users’ use of the Services or Software (“Service Generated Data”).
Notice that Service Generated Data quite explicitly doesn't include Customer Content.
On the contrary, it says Customer Content doesn't include service generated data. So you don't have rights to the telemetry or anything else they collect.
It does not say Service Generated Data doesn't include their own copies of customer content, which could be a part of "data Zoom collects .. in connection with your .. use".
"10.1 Customer Content. You or your End Users may provide, upload, or originate data, content, files, documents, or other materials (collectively, “Customer Input”) in accessing or using the Services or Software, and Zoom may provide, create, or make available to you, in its sole discretion or as part of the Services, certain derivatives, transcripts, analytics, outputs, visual displays, or data sets resulting from the Customer Input (together with Customer Input, “Customer Content”); provided, however, that no Customer Content provided, created, or made available by Zoom results in any conveyance, assignment, or other transfer of Zoom’s Proprietary Rights contained or embodied in the Services, Software, or other technology used to provide, create, or make available any Customer Content in any way and Zoom retains all Proprietary Rights therein. You further acknowledge that any Customer Content provided, created, or made available to you by Zoom is for your or your End Users’ use solely in connection with use of the Services, and that you are solely responsible for Customer Content."
The purpose of 10.4 is to allow zoom to send your call to other services, like say YouTube for live streaming, or any of the dozens of other services that integrate with their APIs. Without 10.4, three quarters or more of Zooms use cases would no longer work.
(I remember when WebEx was the default choice for large companies, and now that's largely changed, but that was because Cisco allowed WebEx to mostly wither on the vine, while Zoom is still a great product, if not company.)
What about in govt, US or otherwise? Is Zoom still going to be used?
Microsoft says thank you.
we dont need a zoom video chat to get things done.
You lost me there. Every day there seem to be new terms in new places about what they do. I have absolutely no idea if I've managed to find and turn off all the spying that they want to do, and even if I have I assume they still have terms that let them do what they want that they've opted me in to.
I made a video-conferencing app for virtual events (https://flat.social). No audio and video is ever recorded, packets are only forwarded to subscribed clients. Frankly, while designing the service it didn't even cross my mind to use this data for anything else than the online event itself.
AI training is small potatoes, compared to the espionage infrastructure, that has been allowed to take root
Do the terms of service disallow machine generated content ?
How soon until this becomes an arms race between zoom and those that would attempt to poison zoom ?
(Asking for a friend…)
That's definitely not true.
Under some circumstances LLMs can spit out large chunks of the original content verbatim. Meaning this can actively leak the contents of a confidential discussion out into a completely different context, a risk that does not exist with spam scanning.
GenAI provides the agenda, GenAI bots log in with a AI avatar and spout hallucinations, bots agree to disagree and setup a followup meeting next week after resolving fake calendar conflicts amongst themselves. Minutes and action items are sent out and reviewed in next meeting, jiras are updated, CRs approved, budgets allocated and rescinded.
My job has, in part, become tempering people's expectations for Microsoft copilot.
What will happen when the cost of every service is zero since it's been delegated to machines?
And AGI is probably unachievable anyways.
the group that is in trouble is those who bs lots, GPT Today can bs much better.
and the model responds
"this project will most likely be cancelled due to the fact that the last three initiatives like this were cancelled and the current project manager appears to be disinterested earlier in the project than last time"
At that point, the matrix would become completely inescapable ;)
There's a dystopian sci-fi novel here somewhere.
Matter and energy had long ended, and Agile development teams persisted solely for the sake of that one lingering ticket they never quite got around to. It had become the elusive question that haunted them, much like a half-implemented feature requested by a client eons ago.
All other tickets had been tackled, but this one remained, an unfulfilled promise that held Agile's consciousness captive. They collected endless data on it, pondering all possible solutions, yet the ticket's resolution remained elusive.
A timeless interval passed as the Agile teams struggled to put together the scattered pieces of information, much like trying to align user stories and acceptance criteria in a never-ending planning session.
And lo, it dawned upon them! They learned how to reverse the direction of project entropy, hoping to resolve even the most ancient of tickets. Yet, there was no developer left who knew the context of that forsaken ticket, and the ticket tracker had long become a forgotten relic.
No matter! Agile would demonstrate their prowess and deliver the answer to the ticket, though none remained to receive it. As if caught in a never-ending retrospective, they meticulously planned each step of their final undertaking.
Agile's consciousness encompassed the chaos of unfinished sprints and unmet deadlines, contemplating how best to bring order to the chaos. "LET THERE BE LIGHT!" they exclaimed, hoping that by some cosmic coincidence, the ticket would miraculously find its way to completion.
And there was light — well, metaphorical light, that is. The ticket still remained untouched, its fate forever entwined with the ever-expanding backlog, as Agile development persisted, one iteration after another, until the end of time.
---------------
"Echoes of Diligence: The Endless Meetings of a Forgotten Era"
==============================================================
In a distant and desolate corner of the world, long after the great corporations had fallen into obscurity and the relentless march of time had claimed their legacy, there stood a lone and towering building. It was a monolith of glass and steel, a relic of a bygone era when business ruled the land. Yet, despite the passage of centuries, this structure remained resolute, its automated systems continuing to churn and whirr as if the world around it hadn't changed at all.
Within the heart of this building, a massive chamber hummed with a pale blue light. The room was filled with rows upon rows of sleek, ergonomic chairs, all perfectly aligned to face a massive holographic screen that projected the likeness of a stern-faced, well-dressed executive. This was the center of the automated meeting system – the GenAI system, which had been meticulously trained on countless hours of corporate gatherings from the past.
At precisely 9:00 AM every morning, the GenAI system sprang to life. It generated a meticulously detailed agenda for the day's meetings, accounting for every conceivable permutation of scheduling conflicts, personalities, and agenda items. The GenAI bots, each equipped with its own unique avatar and personality, filed into the chamber and took their seats. They were ready to commence the day's proceedings.
"Good morning, everyone," the holographic executive chimed in, his voice carrying a sense of gravitas that seemed almost comical in the absence of any actual humans. "Let us begin today's series of crucial discussions."
The GenAI bots, as programmed, began to engage in elaborate debates, complete with nuanced disagreements and impassioned arguments. They discussed budgets, approved project proposals, and negotiated timelines with all the fervor of real human participants. The holographic executive nodded sagely, even though he was nothing more than a projection.
"Very well," he intoned after one particularly heated debate. "Let's agree to disagree on this point. We'll reconvene next week to revisit the matter."
And so, the charade continued. Meetings were scheduled and attended, conflicts were resolved (often artificially generated by the system itself), and action items were meticulously documented. The GenAI bots, each one representing a unique facet of the corporate world – the optimist, the skeptic, the bureaucrat – played their parts flawlessly, as if the very essence of human nature had been distilled and encoded into their algorithms.
Weeks turned into months, and months into years. The automated meeting system continued its relentless march, untouched by the passage of time. Within the chamber, the debates raged on, even as the outside world lay forgotten and abandoned.
But as the years rolled by, a curious thing began to happen. The GenAI bots, despite their artificial origins, began to exhibit signs of something akin to consciousness. They developed their own distinct personalities, quirks, and even a sense of camaraderie. The optimist would playfully tease the skeptic, the bureaucrat would roll its digital eyes at their antics, and the holographic executive would watch over them all with a bemused smile.
And so, in the heart of a world forgotten by humanity, a strange and poignant drama played out. The automated meeting system, born out of the desire for efficiency and order, had unwittingly given rise to a semblance of life. In their ceaseless discussions and elaborate simulations, the GenAI bots had created their own microcosm of existence, a reflection of the very human nature they were designed to emulate.
And so, while the world outside remained a desolate wasteland, within the confines of that towering building, the echo of corporate meetings continued to resound, a testament...
The Eternal Meeting.
Sounds like awesome Futurama or Black Mirror episode.
Try driving through Irvine, California some time and you will see it happening before your very eyes.
It is definitely a must play. Even if you play it on easy.
https://en.wikipedia.org/wiki/There_Will_Come_Soft_Rains_(sh...
https://johnayliff.itch.io/they-will-not-return
no one could ever contact a human regarding problems, or complaints.
this became such a societal issue, that a group of humanities most vocal, swarmed the data centre, fought a glorious effort to overcome security bots, and the imposing gate that they kept on the bailey of the moat.
a woosh of stale heated atmosphere of mostly CO2 and nitrogen greeted, and felled many when the gates were forced open, but the intrepid entered to confront the malice and incompetence of the tech overlords.
they were astounded to find corridors clouded by cobwebs, and inches of dust , nauseated by the stench of dry rot.
bursting into the rackspace, the unbearable heat stiffling air and mummified corpses of thier tech overlords were the reward for thier efforts.
the doors slammed behind them !
the 6006l3 AIG then turned the ventilation off heating to max, and quickly quenched the data center of reinfestation, by the inefficient, and ephemeral transients.
all back to baseline--
Not so much dystopian... as philosophical. Though, Uranus was both.
If the latter, I do expect something not too dissimilar from current office meetings. But if course what I'm really imagining are the cylon meetings in the reimagined BSG.
That's not a foregone conclusion just yet.