With stay-at-home orders in place across the globe, online video communication services have seen a skyrocket in use. In particular, the video platform Zoom is on a tear. The company’s shares are on the rise, and mobile app is currently #1 in the Apple app store. Families and friends use it to connect, and entire school systems rely on it to continue classes online. But with the increased use comes increased scrutiny.
According to the New York Times, the New York Attorney General is now looking into Zoom’s security practices. The letter, sent from the state’s Attorney General’s office, expresses concern “that Zoom’s existing security practices might not be sufficient to adapt to the recent and sudden surge in both the volume and sensitivity of data being passed through its network.” Zoom’s privacy issues have also been noted by Consumer Reports, Forbes and Doc Searles.
Zoom for Telehealth and Legal Counsel
Worries about Zoom’s privacy standards are of particular concern for industries that require confidentiality, such as medicine, therapy, and legal counsel.
Telehealth services have quickly become commonplace as more and more people are staying at home. The company does provide a HIPPA-compliant version of their services. However, the recent compliance waiver for telehealth allows health care providers to opt for the far cheaper but less secure version of the software. Now, many insurers are allowing health care providers to bill for telehealth visits. This has opened up the floodgates for patients to meet with doctors and therapists over Zoom.
Given the concerns over Zoom’s privacy practice, it is an open questions whether doctor patient confidentiality and attorney client privileges can be properly guaranteed. For example, Zoom boosts the use of end-to-end encryption, but recent reports show this is not entirely accurate. While Zoom does use end-to-end encryption in certain settings, video meetings use another form of encryption that does not restrict the company’s ability to access those communications.
And, of course, Zoom alone can’t stop the trolls from invading your zoom meetings, especially those you’ve shared publicly. Even the FBI is warning about zoom bombing. There are ways to limit that, though by being prudent with your Zoom settings.
Zoom Responds, but is it Enough?
In response to mounting concerns, Zoom updated their privacy policy over the weekend, stating that customer content will not be used for advertising and that videos are only retained if users request it. This update is important and it is good to know that the brand of wine we are toasting each other with during our zoom happy hours won’t be sold to a digital marketer. However, in a blog post about the changes, Zoom’s chief legal officer, Aparna Bawa, said that new policy only clarifies what information they collect, and does not change the companies practices. Zoom also removed code from their platform that sent data analytics to Facebook, after reports surfaced last week.
Despite these minor changes, it may not enough to protect user privacy and guarantee confidentiality for industries that require it. Zoom is, indeed, booming and it’s hard to see it receding dramatically in a post-Covid world. Let’s hope it takes all the reasonable steps it should to respect privacy along its ride.