Zoom's Identity Shift: From Chinese Roots to American Tech Icon

In the era of digital transformation, few stories capture the rapid ascent of technology like that of Zoom Video Communications (“Zoom”). Founded by Eric Yuan in 2011, Zoom became a household name virtually overnight as the world pivoted to remote work and virtual gatherings during the 2020 global pandemic crisis. However, with this meteoric rise came a cloud of confusion: was Zoom a Chinese company, or was it American? This question was not just academic; it had implications for security, privacy, and even national interest in an increasingly digital and interconnected world.

At first glance, the narrative seemed straightforward. Eric Yuan, born in China, brought his entrepreneurial vision to realization after years at Cisco’s WebEx. Yet, the early involvement of Chinese developers and a significant portion of Zoom’s research and development (“R&D”) being based in China sparked concerns, particularly amidst rising geopolitical tensions. Misconceptions flourished, fueled by incidents like Zoom calls being routed through servers in China and intercepted by unauthorized users, which raised alarms about data privacy and national security.

This article delves into the journey of Zoom from its inception to how it navigated the complex waters of international business to assert its identity as a “pure U.S. company.” We’ll explore the company’s foundational years, the controversies it faced, the decisive steps it took to clarify its national identity, and how it emerged as a symbol of American innovation in a globalized tech landscape. Through this lens, we’ll understand not just a company’s evolution but reflect on broader themes of identity, trust, and technology in our modern era.

Founding and Early Days

The story of Zoom begins with Eric Yuan, whose background inevitably colored early perceptions of Zoom. Born and educated in China, Eric Yuan moved to the U.S. in 1997 to join the tech boom. At that time, he spoke very little English, and applied nine times before being granted a visa to the U.S. Upon arriving, he joined WebEx, a web conferencing startup that was later acquired by Cisco in 2007.  Also in 2007, Yuan became a naturalized American citizen.[1] After a decade in the tech giant’s service, Yuan envisioned a platform that could offer simplicity, reliability, and quality in video conferencing. In 2011, he took the leap, founding Zoom in San Jose, California, and incorporating it under Delaware law, setting the stage for what would become a quintessential American tech startup.

Zoom’s early days were marked by a focus on creating a user-friendly video conferencing solution. The company started with a small team, including developers in China due to Yuan’s familiarity with the talent there. According to unverified post on Quora, at one time, Zoom had about 1,136 employees in mainland China to work on the App’s development, which is almost half of Zoom’s entire work force.[2] Initial seed funding came from U.S. venture capitalists (making the company more “American”), with a USD 100 million Series D funding from Sequoia Capital making it’s a unicorn in 2017.[3] Zoom went public in 2019 with one of the most successful IPOs of that year. 

Controversies and Clarifications

As Zoom’s user base exploded in 2020, so did the scrutiny over its operations, particularly concerning privacy and security. This scrutiny was not unfounded but was often intertwined with confusion over the company’s national identity, which largely is a result of the founder’s own Chinese connection, Zoom’s strong development base in China, and continued significant operations in China. 

China Connections

While Zoom is headquartered in the United States and listed on NASDAQ, an investigation report issued by Citizen Lab shows that its mainline Zoom app appears to be developed by three companies in China, all sharing the Chinese name Ruanshi Software (“软视软件”).  Two of the three companies are owned by Zoom.[4] This has caused the Citizen Lab to question whether Zoom is a U.S. company but “with a Chinese heart.”[5]

A review of Zoom’s IPO prospectus and annual reports to date revealed significant China operations.  At all times, Zoom has had a significant R&D team in China, fluctuating between 500 to more than 700 employees, for lower personnel costs. [6]Zoom’s strong China development team forms a sharp contrast with its sales expansion in the country, on which Zoom stated that it used “strategic partners and resellers to sell in international markets, such as China, where [Zoom has] limited or no sales presence.”[7] The number of Zoom’s China subsidiaries increased from three to six from 2019 to 2024, including a variable interest entity that holds the license to sell and service in China. [8]  Based on its most recent annual report, Zoom’s China structure looks like the following:

Zoom’s approach to China operations reflects a common pattern among U.S. tech companies, but with unique characteristics. Zoom’s R&D concentration in China is notably higher than other tech companies such as Microsoft and Apple. Zoom’s shift to a partner-only model also contracts with other U.S. tech giants. For example, Microsoft operates in China through a hybrid model of direct sales and partnerships. 

Zoom’s significant operations in China and its founder’s Chinese identity have caused identity issues for the company when it was trying to navigate the increasingly complex Sino-American trade relationships. In fact, Zoom has continuously disclosed trade tension of a key risk in its annual reports, expressing concerns about its impact on the company’s global operations. 

Regulatory Scrutiny

From FY 2021 Annual Report onward, Zoom continues to disclose regulatory scrutiny from both the Chinese and U.S. authorities. Specifically, Zoom reported that in September 2019, the Chinese government turned off Zoom’s service in China without warning and requested that Zoom take certain steps prior to restoring services, including designating an in-house contact for law enforcement requests and transferring China-based user data housed in the U.S. to a data center in China.

The most widely debated action comes in relation to Zoom’s closing accounts of activist groups based in the U.S. and Hong Kong. In June 2020, Zoom was criticized for suspending the accounts of three human rights activists hosting Zoom calls discussing the 1989 Tiananmen Square incident. Zoom admitted that the accounts were shut down at the request of the Chinese government.[9] The accounts were later re-opened, with the company stating that it would have a new process for handling similar situations.[10]

After the incident, more than a dozen of U.S. lawmakers demanded Zoom to explain its closure of these accounts, including the soon-to-be Secretary of State Marco Rubio.[11] Zoom also faced legal actions. In June and July 2020, Zoom received subpoenas from the Department of Justice’s U.S. Attorney’s Office for the Eastern District of New York (“EDNY”) and the Department of Justice’s U.S. Attorney’s Office for the Northern District of California (“NDCA”). The EDNY and NDCA subpoenas requested information about (among other things) Zoom’s interactions with foreign governments and/or foreign political parties, including the Chinese government, as well as about storage of and access to user data, including the use of servers based overseas. In addition, the EDNY subpoena requested information about the actions Zoom took relating to the Tiananmen commemorations on Zoom. The NDCA subpoena also requested documents and information about any attempted or successful influence by any foreign government in Zoom’s policies and practices as they relate to users in the United States.[12]

On November 19, 2020, the Federal Bureau of Investigation (“FBI”) issued an arrest warrant for Chinese citizen Xinjiang Jin (“Jin”), former Zoom executive based in China, because he was charged to have conspired to commit interstate harassment and unlawfully transfer means of identification in the EDNY.[13] Jin was allegedly the employee for terminating the video meetings at issue and was allegedly fired for violating Zoom policies.[14] Note that the final legal action at EDNY was only targeting Jin, and Zoom was not mentioned in the complaint. This signifies a successful interaction with the enforcing authorities by Zoom.

This incident fueled the narrative that Zoom might not be as “American” as claimed, raising questions about whether the company could be pressured by the Chinese government. Zoom quickly responded by clarifying that this was a misconfiguration and not standard practice, and they took steps to ensure such routing would not occur without explicit user consent.[15] Eric Yuan also stressed again that Zoom is American, not Chinese.[16]

Zoombombing 

One of Zoom’s most pressing issues came in the form of “zoombombing,” where uninvited participants intruded into meetings, often sharing inappropriate content. This phenomenon has spurred suspicion about the company’s ability to protect user communications and whether it rightfully represented itself as adopting a standard “end-to-end encrypted connection,” and had cause FBI to issue a warning.[17] The Citizen Lab report, for example, criticized Zoom for not implementing a true end-to-end encryption but rather only encrypting communications between users and Zoom servers.[18] During a test, the Citizen Lab found that key for conference encryption and decryption was sent to a participant outside of China from a Zoom server located in Beijing, which generated the concern whether the keys would be made available to Chinese authorities.[19]

Zoombombing is also the basis of two class actions against Zoom in the U.S. District Court for the Northern District of California. In the first class action, U.S. plaintiffs alleged that Zoom improperly shared data with third-party software from companies including Facebook and Google, claimed to have end-to-end encryption when it did not, and failed to prevent Zoombombing. In April 2022, a settlement agreement was reached in which Zoom would agree to pay USD 85 million while denying the truth of the allegations.[20] [21] In the second class action, international users made essentially the same allegations.[22]

Zoom was also slapped by the Federal Trade Commission (“FTC”) who alleged that Zoom engaged in a series of deceptive and unfair practices that undermined the security of its users.[23] In January 2021, the FTC finalized its settlement with Zoom, under which Zoom agreed to implement a comprehensive security program, obtain biennial assessment of its security program, and notify the FTC if it experiences a data breach.[24]

Eric Yuan and Zoom’s leadership were quick to address these concerns revealed through legal and enforcement actions. In numerous public statements, including blog posts and interviews, Yuan emphasized Zoom’s American origins and commitment to user privacy.[25] Zoom also clarified its encryption practices, admitting that it had misrepresented the level of security in its marketing materials. They committed to true end-to-end encryption for certain accounts and introduced new features like meeting passwords and waiting rooms to combat Zoombombing, showing a direct response to user feedback and security expert critiques. Also, understanding that part of the issue was user awareness, Zoom embarked on a mission to educate its users, including releasing guides on how to secure meetings and tailor privacy settings for users’ needs.

The controversies around Zoom catalyzed a period of intense scrutiny but also led to significant clarifications and improvements. The narrative of Zoom being a Chinese company was largely dispelled through these efforts, though the damage to its reputation required a concerted effort to repair. This era in Zoom’s history was a testament to the complexities of managing a global tech company’s identity in a world where data privacy and national allegiance are under the microscope.

Transition to a “Pure U.S. Company”

The journey to unequivocally establish Zoom as a U.S. company involved strategic decisions and public actions aimed at clarifying its national identity and operational commitments:

• Operational Changes. In around 2020, Zoom decided to cease direct sales in mainland China, moving to a partner-only model.[26] This step was crucial in distancing the company from direct Chinese regulatory influence, although it didn’t mean Zoom ceased operations there entirely. Instead, this shift was a clear signal of Zoom’s intent to align more closely with U.S. business practices, particularly in light of privacy and security concerns. 

• Corporate Structure. Zoom’s IPO in April 2019 was a significant milestone, not just for the financial boost but for its implications on corporate governance. Being publicly traded on NASDAQ meant Zoom was subject to U.S. financial regulations, transparency requirements, and investor accountability. 

• R&D and Data Centers. While Zoom maintained R&D operations in China, the company made it clear that strategic, high-level decisions and the bulk of its infrastructure were managed from the U.S. Following the data routing controversies, Zoom invested heavily in expanding its data center footprint in the U.S. and other regions outside China. By 2020, Zoom announced plans for new engineering centers in Phoenix and Pittsburgh, emphasizing its commitment to U.S. job creation and innovation.[27]

• Privacy Enhancement. Zoom implemented changes to ensure that data from users outside of China would not be routed through its Chinese infrastructure without explicit consent. This was part of a broader initiative to safeguard user data in accordance with U.S. data protection standards.

• Public Perception Management. The company’s leadership, notably Eric Yuan, engaged in a media blitz to clarify Zoom’s status. Yuan, an American citizen, used these platforms to reaffirm Zoom’s U.S. headquarters in San Jose, California, and its American ethos. They also addressed specific incidents, like the suspension of accounts for activists in Hong Kong, explaining that this was due to compliance with local laws but emphasized that such policies would not apply to U.S. users or those in countries with different legal frameworks.

• Legal and Governmental Engagement. Zoom worked closely with U.S. authorities to clarify its position. This included obtaining certifications like FedRAMP for federal government use[28] and engaging with bodies like the FTC to resolve issues related to past security lapses. These engagements were part of a broader effort to demonstrate adherence to U.S. legal and security standards, further cementing its identity as a U.S. company.

Through these actions, Zoom transitioned from a company with complex, international operations to one that was clearly positioned in the U.S. market, both in terms of identity and operational focus. This transition was not just about changing perceptions but also about operational realignment to ensure that Zoom’s core activities and strategic decisions were aligned with American practices.

Conclusion

Zoom’s journey from being mired in confusion over its national identity to being recognized as a quintessential American tech company is a compelling narrative of strategic repositioning. The company, led by an immigrant entrepreneur, initially faced skepticism due to its Chinese development roots and data routing issues. However, through decisive actions like restructuring its sales operations in China, enhancing data privacy measures, and emphasizing its U.S.-based leadership and governance, Zoom successfully shifted public perception. It managed to convince stakeholders of its American identity, not just through legal domicile but through its actions to respect American standards and practices.

[1] https://en.wikipedia.org/wiki/Eric_Yuan

[2] https://www.quora.com/Is-Zoom-a-Chinese-company

[3] https://en.wikipedia.org/wiki/Zoom_Communications

[4] The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. It was founded by Ronald Deibert in 2001. The laboratory studies information controls that impact the openness and security of the Internet. https://web.archive.org/web/20200412023706/https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/

[5] Ibid. 

[6] https://www.sec.gov/Archives/edgar/data/1585521/000119312519107178/d642624ds1a.htm#toc

[7] Ibid. 

[8] https://www.annualreports.com/HostedData/AnnualReportArchive/z/NASDAQ_ZM_2020.pdf

[9] https://web.archive.org/web/20200612041858/https://techcrunch.com/2020/06/11/zoom-admits-to-shutting-down-activist-accounts-at-the-request-of-the-chinese-government/

[10] https://time.com/5855033/zoom-ceo-eric-yuan-time100-talks/

[11] https://www.rfa.org/english/news/china/zoom-06122020183151.html

[12] https://www.sec.gov/ix?doc=/Archives/edgar/data/1585521/000158552122000037/zm-20220131.htm

[13] https://www.fbi.gov/wanted/counterintelligence/xinjiang-jin/@@download.pdf

[14] https://edition.cnn.com/2020/12/18/tech/videoconference-app-chinese-government/index.html

[15] https://timesofindia.indiatimes.com/gadgets-news/we-are-american-not-chinese-says-zoom-ceo/articleshow/75567581.cms

[16] Ibid. 

[17] https://edition.cnn.com/2020/04/02/us/fbi-warning-zoombombing-trnd/index.html

[18] https://web.archive.org/web/20200412023706/https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/

[19] Ibid. 

[20] https://www.latimes.com/california/story/2022-04-22/zoom-settlement

[21] https://www.dacbeachcroft.com/en/What-we-think/zoom-class-actions-go-international#_ftn3

[22] https://www.lexology.com/library/detail.aspx?g=f1cfbf65-389a-4ada-ab3b-fb89226b0c58

[23] https://www.ftc.gov/news-events/news/press-releases/2020/11/ftc-requires-zoom-enhance-its-security-practices-part-settlement

[24] https://www.ftc.gov/news-events/news/press-releases/2021/02/ftc-gives-final-approval-settlement-zoom-over-allegations-company-misled-consumers-about-its-data

[25] https://www.indiatoday.in/technology/news/story/zoom-ceo-says-the-company-is-american-not-chinese-1675109-2020-05-06

[26] https://technode.com/2020/08/03/zoom-will-be-local-version-only-for-chinese-users/

[27] https://www.zoom.com/en/blog/zoom-to-open-rd-centers-in-phoenix-and-pittsburgh/?cms_guid=false&lang=null

[28] https://www.zoom.com/en/trust/legal-compliance/fedramp/?cms_guid=false&lang=null