Natalie’s Commentary: Today, the Department of Justice announced the indictment of a Zoom executive for working with the CCP to censor topics and meetings on its platform even within the US on topics and for individuals the CCP did not want discussed. The text of the indictment is below and shows the dangers for supposedly American companies when working with and in China. This is probably not the only such instance of this and the government should take every step possible to protect these platforms and prevent foreign interference in US communications. Even the Washington Post sees the dangers here.
DOJ Announcement
China-Based Executive at U.S. Telecommunications Company Charged with Disrupting Video Meetings Commemorating Tiananmen Square Massacre
A complaint and arrest warrant were unsealed today in federal court in Brooklyn charging Xinjiang Jin, also known as “Julien Jin,” with conspiracy to commit interstate harassment and unlawful conspiracy to transfer a means of identification. Jin, an employee of a U.S.-based telecommunications company (Company-1) who was based in the People’s Republic of China (PRC), allegedly participated in a scheme to disrupt a series of meetings in May and June 2020 held to commemorate the June 4, 1989 Tiananmen Square massacre in the PRC. The meetings were conducted using a videoconferencing program provided by Company-1, and were organized and hosted by U.S-based individuals, including individuals residing in the Eastern District of New York. Jin is not in U.S. custody.
“No company with significant business interests in China is immune from the coercive power of the Chinese Communist Party,” said Assistant Attorney General for National Security John C. Demers. “The Chinese Communist Party will use those within its reach to sap the tree of liberty, stifling free speech in China, the United States and elsewhere about the Party’s repression of the Chinese people. For companies with operations in China, like that here, this reality may mean executives being coopted to further repressive activity at odds with the values that have allowed that company to flourish here.”
“The FBI remains committed to protecting the exercise of free speech for all Americans. As this complaint alleges, that freedom was directly infringed upon by the pernicious activities of Communist China’s Intelligence Services, in support of a regime that neither reflects nor upholds our democratic values,” said FBI Director Christopher Wray. “Americans should understand that the Chinese Government will not hesitate to exploit companies operating in China to further their international agenda, including repression of free speech.”
“The allegations in the complaint lay bare the Faustian bargain that the PRC government demands of U.S. technology companies doing business within the PRC’s borders, and the insider threat that those companies face from their own employees in the PRC,” said Acting United States Attorney Seth D. DuCharme. “As alleged, Jin worked closely with the PRC government and members of PRC intelligence services to help the PRC government silence the political and religious speech of users of the platform of a U.S. technology company. Jin willingly committed crimes, and sought to mislead others at the company, to help PRC authorities censor and punish U.S. users’ core political speech merely for exercising their rights to free expression. The charges announced today make clear that employees working in the PRC for U.S. technology companies make those companies—and their users—vulnerable to the malign influence of the PRC government. This Office will continue working tirelessly to protect against threats to the free expression of political views and religious beliefs, regardless whether those threats come from inside or outside the United States.”
Mr. DuCharme and Mr. Demers also extended their thanks and appreciation to Company-1 for its cooperation in the government’s ongoing investigation.
According to the complaint, Jin served as Company-1’s primary liaison with PRC law enforcement and intelligence services. In that capacity, he regularly responded to requests from the PRC government for information and to terminate video meetings hosted on Company-1’s video communications platform. Part of Jin’s duties included providing information to the PRC government about Company-1’s users and meetings, and in some cases he provided information – such as Internet Protocol addresses, names and email addresses – of users located outside of the PRC. Jin was also responsible for proactively monitoring Company-1’s video communications platform for what the PRC government considers to be “illegal” meetings to discuss political and religious subjects unacceptable to the Chinese Communist Party (CCP) and the PRC government.
As alleged in the complaint, between January 2019 to the present, Jin and others conspired to use Company-1’s systems in the United States to censor the political and religious speech of individuals located in the United States and around the world at the direction and under the control of officials of the PRC government. Among other actions taken at the direction of the PRC government, Jin and others terminated at least four video meetings hosted on Company-1’s networks commemorating the thirty-first anniversary of the Tiananmen Square massacre, most of which were organized and attended by U.S.-based participants, such as dissidents who had participated in and survived the 1989 protests. Some of the participants who were unable to attend these meetings were Company-1 customers in Queens and Long Island, New York who had purchased subscriptions to Company-1’s services, and therefore entered into service agreements with Company-1 governed by its Terms of Service (TOS).
Jin, officials from the PRC government and others allegedly collaborated to identify meeting participants and to disrupt meetings hosted on Company-1’s U.S. servers, at times creating pretextual reasons to justify their actions to other employees and executives of Company-1, as well as Company-1’s users themselves. In particular, in May and June 2020, Jin and others acted to disrupt meetings held on the Company-1 platform to discuss politically sensitive topics unacceptable to the PRC government by infiltrating the meetings to gather evidence about purported misconduct occurring in those meetings. In fact, there was no misconduct; Jin and his co-conspirators fabricated evidence of TOS violations to provide justification for terminating the meetings, as well as certain participants’ accounts. Jin then tasked a high-ranking employee of Company-1 in the United States to effect the termination of meetings and the suspension and cancellation of user accounts.
As detailed in the complaint, Jin’s co-conspirators created fake email accounts and Company-1 accounts in the names of others, including PRC political dissidents, to fabricate evidence that the hosts of and participants in the meetings to commemorate the Tiananmen Square massacre were supporting terrorist organizations, inciting violence or distributing child pornography. The fabricated evidence falsely asserted that the meetings included discussions of child abuse or exploitation, terrorism, racism or incitements to violence, and sometimes included screenshots of the purported participants’ user profiles featuring, for example, a masked person holding a flag resembling that of the Islamic State terrorist group. Jin used the complaints as evidence to persuade Company-1 executives based in the United States to terminate meetings and suspend or terminate the user accounts of the meeting hosts.
PRC authorities took advantage of information provided by Jin to retaliate against and intimidate participants residing in the PRC, or PRC-based family members of meeting participants. PRC authorities temporarily detained at least one person who planned to speak during a commemoration meeting. In another case, PRC authorities visited family members of a participant in the meetings and directed them to tell the participant to cease speaking out against the PRC government and rather to support socialism and the CCP.
The charges in the complaint are allegations, and the defendant is presumed innocent unless and until proven guilty. If convicted of both charged conspiracies, Jin faces a maximum sentence of ten years in prison.
The investigation into this matter was conducted by the FBI’s Washington Field Office. The government’s case is being handled by the Office’s National Security and Cybercrime Section. Assistant U.S. Attorneys Alexander A. Solomon, Richard M. Tucker, David K. Kessler and Ian C. Richardson are in charge of the prosecution, with assistance from Trial Attorney Scott A. Claffee of the National Security Division’s Counterintelligence and Export Control Section.
Justice Department officials brought criminal charges on Friday against a Zoom executive for allegedly working with President Xi Jinping’s government to shut down calls as well as accounts that ran afoul of stringent censorship requirements, including commemorations of the 1989 massacre of pro-democracy activists in Tiananmen Square. The executive, Xinjiang Jin, was based in China as Zoom’s liaison with that nation’s law enforcement and intelligence services — except here, liaising allegedly included monitoring sensitive discussions of “Hong Kong demonstrations, illegal religions” and more, as well as passing on user data. A number of those affected (fewer than 10, Zoom says in a blog post) were living outside China. Some were dissidents now in the United States.
Zoom has cooperated with the investigation, fired the involved employees and launched an internal probe of its own. The bottom line of its response: Restrictions by which Zoom abides within China shouldn’t result in restrictions on those outside China. Obviously this is true. But it also misses part of point: While the exportation of China’s repression is indeed a worldwide threat no U.S. business should enable, China’s repression within China is also a travesty. Zoom, pointing to its “Government Requests Guide” as a bulwark against state overreach, claims that promoting free expression is part of its mission — and that its task is to balance “compliance with local laws even as Zoom seeks to promote the open exchange of ideas.” Yet all U.S. companies in the Chinese market face a crucial question: Is such an “even as” actually possible?
Different firms have come to different conclusions. Facebook doesn’t exist in China; Google pulled out in 2010 but briefly explored a return in recent years, arguing that it could make the flow of information in the nation at least marginally freer. Apple very much does exist in China, and it justifies its presence by explaining that it protects privacy more carefully than domestic companies. Zoom, similarly, might insist that it allows for connections to the outside world for those behind the Great Firewall who otherwise would go without.
These arguments are rarely convincing: U.S. companies operating in China must make the case that their positive impact on civil liberties is enough to compensate for their complicity in the abuse of those same liberties. That’s a high bar, but at the least it requires these firms standing up for human rights wherever possible — and laying out lines that they refuse to cross. So far, Zoom has shown that it is willing to do a lot to aid the Chinese government, and little to push back against it. That fails the test.
Foreign Spies Are Targeting Americans on Zoom and Other Video Chat Platforms, U.S. Intel Officials Say
As much of the world works from home, an explosion of video conference calls has provided a playground not just for Zoombombers, phishermen and cybercriminals, but also for spies. Everyone from top business executives to government officials and scientists are using conferencing apps to stay in touch during the new coronavirus lockdowns and U.S. counterintelligence agencies have observed the espionage services of Russia, Iran, and North Korea attempting to spy on Americans’ video chats, three U.S. intelligence officials tell TIME.
But the cyberspies that have moved fastest and most aggressively during the pandemic, the intelligence officials say, have been China’s. “More than anyone else, the Chinese are interested in what American companies are doing,” said one of the three. And that, in turn, has some U.S. counterintelligence officials worrying about one video conference platform in particular: Zoom. While the Chinese, Russians, and others are targeting virtually every tool Americans and others are using now that they’re forced to work from home, Zoom is an attractive target, especially for China, the intelligence officials and internet security researchers say.
An Apr. 3 report by The Citizen Lab, a research organization at the University of Toronto, found a number of shortcomings in Zoom’s security, including some that made it particularly vulnerable to China. It found that Zoom’s encryption scheme “has significant weaknesses,” including routing some encryption keys through Chinese servers, and that its ownership structure and reliance on Chinese labor could “make Zoom responsive to pressure from Chinese authorities.”
The U.S. intelligence officials stress there is no evidence that Zoom is cooperating with China or has been compromised by it, only that Zoom’s security measures leave gaps, some of which may make the application less secure than others. All three intelligence officials, who requested anonymity because they are not authorized to discuss ongoing operations with the media, said spies are using multiple applications to search government, corporate, and academic conversations for financial, personal, product development, research, and intellectual property information and leads. Federal experts have warned both government and private officials not to use video conference applications to discuss or exchange sensitive information. In a memo on Thursday, the Senate Sergeant-at-Arms told Senators not to use Zoom, according to one person who received the memo.
Zoom has responded to the particular criticism of its security with multiple public efforts to address the concerns. After initially claiming that its platform provides end-to-end encryption for all its conversations, Zoom later said some encryption was in fact absent from some online messaging tools. “While we never intended to deceive any of our customers, we recognize that there is a discrepancy between the commonly accepted definition of end-to-end encryption and how we were using it,” wrote Oded Gal, the chief product officer for Zoom Video, in an April 1 blog post.
The subsequent investigation by The Citizen Lab found other weaknesses. During a test of a Zoom meeting with two users, one in the United States and one in Canada, the Citizen Lab’s researchers found that the key for conference encryption and decryption was sent to one of the participants from a Zoom server apparently located in Beijing. A scan located a total of five servers in China and 68 in the United States that apparently run the same Zoom server software as the Beijing server, their report says.
Zoom’s headquarters are in San Jose, California and it is listed on the NASDAQ. The company’s main applications have been developed in part by three companies in China that all are named Ruanshi Software, the Citizen Lab study found. Two are owned by Zoom, and one is owned by a company called American Cloud Video Software Technology Co., Ltd. Zoom’s most recent SEC filing says the company employs at least 700 “research and development” employees in China, and job postings for Ruanshi Software in Suzhou, China include positions for C++ coders, Android and iOS app developers, and testing engineers, the Citizen Lab reported.
Zoom says it is not alone in having workers and servers in China, and says it has resolved the issue of encryption keys being routed through a server there. “Zoom is not unique among its U.S. based teleconferencing peers in having a data center and employees in China; Zoom is perhaps just more transparent about it,” the company said in a statement to TIME. “Ruanshi is the Chinese name that Zoom uses to name our subsidiaries in China,” the company said, and “Our engineers are employed through these three subsidiaries and we are fully transparent about it—all of this is disclosed in our filings.” The company added that it “has a number of documented controls and protections in place to protect data and prevent unauthorized access, including from Zoom employees. These controls are strictly enforced across the Company, regardless of jurisdiction.”
In the wake of the Citizen Lab report, Zoom has taken other steps to reassure users about its commitment to security. On April 8, Alex Stamos, former chief security officer at Facebook and Yahoo, posted a note on Medium saying Zoom CEO Eric Yuan had called and “asked if I would be interested in helping Zoom build up its security, privacy and safety capabilities as an outside consultant, and I readily agreed”.
Sens. Amy Klobuchar of Minnesota and Michael Bennet of Colorado and Reps. Frank Pallone of New Jersey, the Chairman of the House Energy and Commerce Committee, and Jan Schakowsky of Illinois have called for the Federal Trade Commission to investigate whether Zoom has taken the measures necessary to protect its users. Multiple state attorneys general already have begun looking into the company, Politico reported. And despite Zoom’s reassurances, some intelligence experts remain concerned about its vulnerabilities. “Zoom’s links to China, regardless of what its CEO promises, create a persistent threat,” former director of the National Security Agency and the Central Intelligence Agency Michael Hayden, tells TIME.
Please send tips, leads, and stories from the frontlines to virus@time.com.
The Coronavirus Brief. Everything you need to know about the global spread of COVID-19
Contact us at letters@time.com.