December 22, 2024

Jitsi Meet ditches anonymity—here’s why

0

 

A popular secure video-conferencing app has just ditched the main feature making it for a long time the go-to for activists, journalists, and whoever looking for extra privacy: its users’ anonymity.

Completely free to use, Jitsi Meet is an encrypted and open-source platform available for both web and mobile. Jitsi has increasingly become a privacy-first alternative to Zoom, Google Meet, or Microsoft Teams for allowing people to use the service without an account. Until now, at least.

From August 24, 2023, users need to use a Gmail, Facebook, or GitHub account to create a meeting room on meet.jit.si. And, while the new authentication requirement isn’t extended to the invitees, people are now worried about how this change will affect Jitsi’s overall level of privacy and security.

Jitsi Meet’s new authentication requirements

“When we started the service back in 2013, our goal was to offer a meeting experience with as little friction and as much privacy as possible,” Jitsi noted in a blog post, describing Meet as a means to allow users to converse freely “without fear of expressing their views and opinions.”

“Our commitment to both goals remains as strong as ever but anonymity is no longer going to be one of the tools we use to achieve them.” 

A rise in the number of reports concerning violations of its terms of service is allegedly the reason why the team finally decided to make the change. Despite not specifying the types of violation, the provider ensured that these were not “about some people merely saying things that others disliked.”

We reached out to the company for further comments on this, but at the time of writing, we are still waiting for a response. Looking online, though, we found a couple of worrying reports: a user was lamenting about rooms playing videos of underage individuals, while another reported a third party joining the call without authorization.

Nevertheless, some users expressed their disappointment with the new authentication requirement.

Jitsi’s official instance now requires you to authenticate with Facebook, Google, or Microsoft to host a call from r/privacy

Yet, Jitsi confirmed that encryption will keep securing all users’ communications from data breaches and/or other snooping activities.

At the same time, according to the update of its privacy policy, the developer firm (8×8) may now “process and store third-party account credentials to authenticate meet.jit.si users” while using this information to “investigate fraud or abuse on the meet.jit.si service.”

Talking about additional ways to ensure users privacy, Jitsi said: “We are still very much committed to holding user privacy in the highest regard and we still have no tools that would allow us to compromise the privacy of the actual audio or video content of a meeting, nor do we intend to create any.”

The provider also invites whoever feels uncomfortable using an account to access the service to check the tutorial to host their own secure deployment of Jitsi Meet. 

While Facebook, Google, and GitHub are the only accounts available to set up new meetings, the Jitsi team said the list may be extended to other services in the future.