Last week I wrote a blog about some of the steps you need to take if you have started using technologies you haven’t used before to assist in working remotely. One of the steps discussed was looking at the privacy policies posted by each technology on its website to make sure you are comfortable with its practices before you start using it. One of the technologies we discussed in that blog was Zoom, a free (and paid) application that is used for video and audio conferencing. This week, several articles have been written about Zoom and its privacy practices:
- The New York Times writes that the New York Attorney General is looking into Zoom’s privacy practices. According to the New York Times, Zoom has received a letter from the New York AG’s office “asking what, if any, new security measures the company has put in place to handle increased traffic on its network’ because the AG’s office is “concerned that Zoom’s existing security practices might not be sufficient to adapt to the recent and sudden surge in both the volume and sensitivity of data being passed through its network”. The New York Times article can be found here. (Registration may be required.)
- The Intercept reported that Zoom “computer audio” meetings aren’t end-to-end encrypted as advertised. With end-to-end encryption Zoom “computer audio” meetings couldn’t be accessed by Zoom employees because they don’t have the encryption keys. It turns out, however, according to The Intercept, that Zoom meetings are transport encrypted which can be accessed by Zoom employees. The Intercept article can be found here.
- Business Insider writes that a class action lawsuit has been filed against Zoom in California based on Zoom’s practice of sharing personal information with Facebook and not stating in its privacy policy that it did so. The Business Insider article can be found here.