July 14, 2020

Volume X, Number 196

July 14, 2020

Subscribe to Latest Legal News and Analysis

July 13, 2020

Subscribe to Latest Legal News and Analysis

Not so Zoomy: Use of Videoconferencing Technology "Zoom" is on the Rise, but Privacy and Data Security Inadequacies Users Should Tread Carefully

As the world grinds to a halt following the perpetuation of COVID-19, more and more businesses have turned to remote work arrangements. This has led to a sharp rise in the use of videoconferencing technology Zoom. However, as the Australian Financial Review notes, flawed data security and privacy practices mean that the use of Zoom could be disastrous for corporate and personal privacy.

Concerns surrounding the use of Zoom arose earlier this year, with critical security vulnerabilities enabling hackers to predict Meeting ID’s and therefore join active meetings, and also allowing any website to forcibly join a user to a Zoom call with their video camera activated and without the user’s permission. Whilst a number of these errors were patched up, as the article notes, Zoom refused to disable the ability for hackers to forcibly join to a call anyone visiting a malicious site, raising security red flags and undermining public confidence in Zoom’s attitude towards data security. A strange response given that part of its attraction had been a perceived stronger approach to security.

The article further exposes shortcomings in Zoom’s privacy practices, noting as an example that calling into a Zoom meeting via telephone only reveals a simple message that the meeting is being recorded, without indicating by whom, to where, or whether the recording is audio, textual or both, further failing to share any terms and conditions or end user agreement with the relevant caller. Additionally, Zoom’s privacy policy indicates that, if a Zoom meeting host decides to record a meeting and store it on Zoom’s system, that person is responsible for obtaining any necessary consent from the individuals prior to recording a meeting, therefore placing no responsibility on Zoom to obtain consent prior to collecting the relevant information.

From a compliance perspective organisations need to consider if they are failing in their own privacy obligations if they are not addressing how their employees utilise platforms like this.

Copyright 2020 K & L GatesNational Law Review, Volume X, Number 86


About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

Warwick Andersen Technology Lawyer KL Gates

Mr. Andersen is a senior corporate lawyer with a focus on commercial, technology and sourcing projects. He has advised on large scale outsourcing projects, technology agreements for both vendors and customers, corporate support, privacy and telecommunications regulatory work. He has acted for government departments, large listed companies, telecommunications companies and technology suppliers.

Rob Pulham Corporate Attorney K&L Gates
Special Counsel

Rob Pulham is an experienced corporate advisory and transactional lawyer with an active technology and privacy practice representing companies in the energy, manufacturing, mining, retail, health and financial services sectors, as well as government and not for profit organisations. He has extensive experience advising customers and vendors in the technology industry, with particular focus on software licensing, data privacy and protection, and systems integration projects. In his role as a senior corporate lawyer, Mr. Pulham reviews organisational policies and practices...

Max Evans Lawyer technology matters, Software as a Service Agreements SaaS Sydney

Mr. Evans is a corporate and transactional lawyer with a focus on information technology and outsourcing. He provides assistance on a broad range of technology matters, including Software as a Service Agreements (SaaS), terms and conditions for software products and platforms as well as software procurement and outsourcing projects. Mr. Evans also provides assistance with technology and privacy aspects of mergers and acquisitions transactions.

Professional Background

Prior to joining K&L Gates, Mr. Evans worked in the insolvency and bankruptcy practice of...