How is Zoom Coping with Increased Scrutiny Over Security Risks?

claudiu-hegedus-u8o8mQ-ZWlE-unsplash.jpg

Working from home has never been easier with the help of videoconferencing apps; their popularity has seen an exponential increase across the world as a result of the pandemic. It is estimated that zoom has had an increase of 21% in active monthly users. However, these increasing numbers have meant its data security and privacy measures have been questioned by many including New York’s Attorney General – Letitia James. She asked Zoom if they had reviewed their security measures as they had been slow to address issues in the past. Its vulnerability to hackers has also been demonstrated by “Zoombombing”, this is where attackers can join meetings uninvited. 

What are the security flaws being experienced by users? 

In the past, Zoom has seen a vulnerability that allowed attackers to remove meeting attendees, spoof messages in chats from other users, and even hijack shared screens! Some even saw Mac users forced into calls without their knowledge. However, the main concern for many users is the lack of end-to-end encryption; this facility would have meant that no-one other than the participants can see a meeting. The lack of this means that it could be possible to collect data from a meeting and decipher anything that was said by attendees. This has left some users worried about discussing sensitive and confidential information over the platform. From a legal point of view this could be concerning as it means client confidentiality and a solicitor’s duty of care may be breached. 

Zoom has also been criticised for a feature called “attendee tracking” which, when enabled, has allowed the host of a zoom call to check if participants are clicking away from the main zoom window during a call. 

What is Zoom doing about this? 

A company spokesperson told the BBC that they are takings “users’ privacy, security and trust extremely seriously.” And that they are working around-the-clock to ensure hospitals, university, schools and other businesses across the world are well connected. 

The latest has been that Zoom is in an ongoing mission to tackle the security concerns implementing a 90-day plan to overhaul its security woes. They aim to have an upgraded encryption in their 5.0 version of Zoom; this means there might be better protection of data. In addition to this, they will allow paid users to select which of its data centres can handle the users’ data after it came out that some of Zoom’s Chinese servers were handling calls from outside of China. 

By Jai Anilkumar

The Corporate Law JournalComment