April 6, 2020

April 06, 2020

Subscribe to Latest Legal News and Analysis

April 05, 2020

Subscribe to Latest Legal News and Analysis

April 03, 2020

Subscribe to Latest Legal News and Analysis

Not so Zoomy: Use of Videoconferencing Technology "Zoom" is on the Rise, but Privacy and Data Security Inadequacies Users Should Tread Carefully

As the world grinds to a halt following the perpetuation of COVID-19, more and more businesses have turned to remote work arrangements. This has led to a sharp rise in the use of videoconferencing technology Zoom. However, as the Australian Financial Review notes, flawed data security and privacy practices mean that the use of Zoom could be disastrous for corporate and personal privacy.

Concerns surrounding the use of Zoom arose earlier this year, with critical security vulnerabilities enabling hackers to predict Meeting ID’s and therefore join active meetings, and also allowing any website to forcibly join a user to a Zoom call with their video camera activated and without the user’s permission. Whilst a number of these errors were patched up, as the article notes, Zoom refused to disable the ability for hackers to forcibly join to a call anyone visiting a malicious site, raising security red flags and undermining public confidence in Zoom’s attitude towards data security. A strange response given that part of its attraction had been a perceived stronger approach to security.

The article further exposes shortcomings in Zoom’s privacy practices, noting as an example that calling into a Zoom meeting via telephone only reveals a simple message that the meeting is being recorded, without indicating by whom, to where, or whether the recording is audio, textual or both, further failing to share any terms and conditions or end user agreement with the relevant caller. Additionally, Zoom’s privacy policy indicates that, if a Zoom meeting host decides to record a meeting and store it on Zoom’s system, that person is responsible for obtaining any necessary consent from the individuals prior to recording a meeting, therefore placing no responsibility on Zoom to obtain consent prior to collecting the relevant information.

From a compliance perspective organisations need to consider if they are failing in their own privacy obligations if they are not addressing how their employees utilise platforms like this.

Copyright 2020 K & L Gates

TRENDING LEGAL ANALYSIS


About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm
Partner

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

+61.3.9640.4261
Warwick Andersen Technology Lawyer KL Gates
Attorney

Mr. Andersen is a senior corporate lawyer with a focus on commercial, technology and sourcing projects. He has advised on large scale outsourcing projects, technology agreements for both vendors and customers, corporate support, privacy and telecommunications regulatory work. He has acted for government departments, large listed companies, telecommunications companies and technology suppliers.

+61-2-9513-2508
Rob Pulham Corporate Attorney K&L Gates
Special Counsel

Rob Pulham is an experienced corporate advisory and transactional lawyer with an active technology and privacy practice representing companies in the energy, manufacturing, mining, retail, health and financial services sectors, as well as government and not for profit organisations. He has extensive experience advising customers and vendors in the technology industry, with particular focus on software licensing, data privacy and protection, and systems integration projects. In his role as a senior corporate lawyer, Mr. Pulham reviews organisational policies and practices...

61-3-9640-4414
Max Evans Lawyer technology matters, Software as a Service Agreements SaaS Sydney
Lawyer

Mr. Evans is a corporate and transactional lawyer with a focus on information technology and outsourcing. He provides assistance on a broad range of technology matters, including Software as a Service Agreements (SaaS), terms and conditions for software products and platforms as well as software procurement and outsourcing projects. Mr. Evans also provides assistance with technology and privacy aspects of mergers and acquisitions transactions.

Professional Background

Prior to joining K&L Gates, Mr. Evans worked in the insolvency and bankruptcy practice of...

61-2-9513-2318