Data protection authorities around the world have urged video conferencing providers like Zoom and Microsoft to review their privacy, security and data protection policies.

Following the increased number of people using video conferencing during the COVID-19 pandemic, six data regulators, including the Office of the Information Commissioner (ICO), have set out several principles these companies should focus on.

Since countries have been confined, people have turned to Zoom and Microsoft Teams, Google Hangouts and Skype, among others, to maintain normalcy and stay connected in their personal and professional lives.

These companies have been urged to urgently examine security, privacy by design and by default, the audiences that use their services, the transparency of these companies over data incidents, and the control that end users retain.

“We recognize that ride-hailing companies provide a valuable service for all of us to stay connected wherever we are in the world,” the open letter said. It has been co-signed by regulators from the UK, Canada, Hong Kong, Switzerland, Australia and Gibraltar.

“But the ease of staying in touch should not come at the expense of data protection and individual privacy rights. The principles in this open letter define some of the key areas to focus on to ensure that your VTC offering not only complies with data protection and privacy laws around the world, but also helps build the trust of your business base. ‘users.

Zoom, in particular, has been at the center of a string of high-profile security breaches since it rose to prominence when the lockdown began several months ago. These problems have even led a handful of organizations and national governments to ban the use of the platform for video communications.

The company reportedly argues that it is on track to address these security and privacy gaps, taking several steps, including rolling out end-to-end encryption and adding server routing controls.

Nonetheless, the six data authorities want companies like Zoom to respond by September 30 to show how they take into account the principles set out in the design and delivery of their services.

On the security front, the authorities say they have observed some worrying reports of security breaches that have led to unauthorized access to personal data. Particular attention must therefore be paid to security measures, as suppliers are constantly informed of new security risks and threats.

One measure they can implement is to require users to regularly update their platforms to the latest version and to review the way information is handled by third parties, including in countries abroad.

Privacy by design, on the other hand, should be implemented by defaulting to the most privacy-friendly settings for users, effectively erring on the side of caution. Some examples include clearly announcing new callers and muting incoming video and audio streams.

The fact that videoconferencing has become much more prevalent also means that there are many examples of groups and individuals using services that were not originally designed for them. This can create new risks, say regulators. A perfect example of this is the use of Zoom for distance education, which gave birth to the phenomenon of “Zoombombing”.

An ICO spokesperson said: “We expect to receive responses to the open letter from the five ride-hailing companies to which it was sent directly. We invite ride-hailing companies to demonstrate and explain how they are taking steps to deliver more privacy-focused ride-hailing solutions and meet global privacy expectations. If concerns persist, the signatories will engage with VTC companies to support them in their understanding and implementation of the principles of the letter. The primary purpose of signatories is to ensure that the personal data of their respective citizens is treated securely and in accordance with the laws they regulate. The principles set out should promote the safe handling of personal data and, when we receive evidence that this is not the case, we can use it to inform our regulatory decision-making. “

An ICO spokesperson said: “We expect to receive responses to the open letter from the five ride-hailing companies to which it was sent directly. We invite ride-hailing companies to demonstrate and explain how they are taking steps to deliver more privacy-focused ride-hailing solutions and meet global privacy expectations. If concerns persist, the signatories will engage with VTC companies to support them in their understanding and implementation of the principles of the letter. The primary purpose of signatories is to ensure that the personal data of their respective citizens is treated securely and in accordance with the laws they regulate. The principles set out should promote the safe handling of personal data and, when we receive evidence that this is not the case, we can use it to inform our regulatory decision-making. “

“We expect to receive responses to the open letter from the five VTC companies to which it was sent directly. We invite ride-hailing companies to demonstrate and explain how they are taking steps to deliver more privacy-focused ride-hailing solutions and comply with global privacy expectations, ”said an ICO spokesperson. IT pro.

“If concerns persist, the signatories will engage with the VTC companies to support them in their understanding and implementation of the principles of the letter. Signatories all have an overarching goal to ensure that the personal data of their respective citizens are treated securely and in accordance with the laws they regulate.

“The principles set out should promote the safe handling of personal data and, when we receive evidence that this is not the case, we can use it to inform our regulatory decision-making. “

Featured Resources

The ultimate law enforcement guide to going mobile

Best Practices for Implementing a Mobile Device Program

Free download

The Business Value of Red Hat OpenShift

Platform Cost Savings, ROI, and Red Hat OpenShift Challenges and Opportunities

Free download

Managing security and risk throughout the IT supply chain: a practical approach

Best Practices for IT Supply Chain Security

Free download

Impact of digital monitoring and dispatching services on edge computing and data centers

Seven Trends Redefining Remote Monitoring and Field Service Dispatch Service Requirements

Free download


Source link

Previous

This Bot hunts software bugs for the Pentagon

Next

COVID-19: Motorists must follow security procedures at Abu Dhabi checkpoints

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also