Privacy Protection of Zoom
Recording Zoom sessions and saving chat history
The session host or participant who has been specifically granted permission to record the session can make the recording. This should be discussed together before starting the recording. Session participants will see an icon on the screen during recording, indicating that recording is in progress.
The session host can save public messages as well as private messages that he or she has received during the session. Chat messages are automatically saved to host if session is recorded. Private messages from other users to each other will not be saved. For more information, see Zoom’s instructions, link.
Attendee Attention Tracking
Attention tracking informs the host if the participant is viewing any other window than Zoom session for more than 30 seconds. By default, attention tracking is off. It must be activated by the host itself through the setting adjusted from browser user interface. All in all, attention tracking does not tell the whole truth: if, for example, the purpose is to seek information on a matter being discussed together, the participants will of course not follow the session window.
iOs apps send some information about a Zoom user to Facebook even if they don’t even have a Facebook account
Older Zoom apps for iOs devices used Facebook developer tools, which provided third-party users with general device information such as app version, language, and time zone. However, user-identifying or session-related information was never been collected or uploaded. After the discovery, an update was released for iOs applications that no longer uses developer tools. More information.
User data storage and login to Zoom
HAMK does not use Zoom’s own servers, but a solution jointly competed by Nordic universities and operated by NORDUnet Denmark. For more information about NORDUnet: link.
All data between participants is transmitted on servers reserved for the use of NORDUnet, located in Denmark and Sweden. All communications in Zoom is encrypted between the server and the participants.
The privacy issues have been carefully taken notice with Zoom, as with the other services we have chosen, already in the tendering process.
HAMK users are instructed to always sign in to Zoom with the Single Sign-On (SSO) option, directing the user directly to use Haka login. Other login methods, such as email login, do not work with HAMK accounts. Attending a session does not require a participant to sign in.
Possible outsiders in the meeting
The host can remove people from the session with the Remove function. Update 9.4: host can now utilize Security button which brings together several useful functionalities.
- Host can lock the meeting
- Manage using of waiting room (the host must allow participants to join the actual meeting)
- Host can control participants’s rights to use chat or share screen.
Also annotation can be disabled. More tips on Zoom’s blog, link.
Hacking a webcam
A vulnerability was discovered in the summer of 2019 for Mac users, which allowed the webcam to be activated without telling the user. When this became known, the issue was fixed with an update in July 2019. Learn more.
Participating an online meeting
Here are a few rules of thumb to keep in mind when participating any online meeting:
- Microphones are kept muted when you are not having the floor.
- It is a good idea to cover the webcam lens with a tape or post it if the device does not have a mechanical flap to cover it. If you accidentally share your video you won’t reveal anything. By default, the video is not shared when joining a Zoom session.
- Remember to protect your privacy when sharing your screen or screen.
- Always use the latest release of the online meeting service.