EU officials are being told to avoid the Zoom conferencing platform over privacy and security concerns — but some still use it anyway.
Use of Zoom has skyrocketed as people have turned to technology to stay in touch during the coronavirus lockdown. But the San Jose, California-based company now faces a growing backlash, after a wave of damaging reports of data leaks, undisclosed data-sharing and unwanted service interruptions.
U.S. senators have been warned in an internal memo that Zoom poses a high risk to privacy and security, while companies like Google and SpaceX have banned their staff from using the technology.
Now Brussels is following suit, at least on paper.
“Zoom is not an approved corporate IT solution for use by Commissions services,” a spokesperson for the EUs executive body said. Internal guidelines tell staff to avoid using the platform for work.
“I dont think it is fair to put the burden of verifying and enforcing compliance with European data protection rules on the shoulders of the users” — Sophie in t Veld, MEP
Instead, Commission staff have been advised to use Skype for Business for internal meetings and WebEx for external ones.
At the European Parliament it is a similar story. A spokesperson said that Zoom was an example of “external softwares not certified as complying with data protection” in internal guidelines. Committee sessions under lockdown have mostly taken place on Interactio, a platform geared toward multilingual meetings.
But in practice many European officials continue to use Zoom despite privacy concerns because “other tools just work less well,” according to MEP Sophie in t Veld.
She said that a meeting scheduled to take place using the Parliaments system Tuesday morning ended up taking place on Zoom. “I am currently waiting for a session with the official EP system to start. Official start of the meeting: 10h….waiting since half an hour….,” she said in an email.
In t Veld has been at the forefront of calls for clearer guidance on using digital services and products. “I dont think it is fair to put the burden of verifying and enforcing compliance with European data protection rules on the shoulders of the users … There is no competition between safe cars and unsafe cars. The authorities will make sure they all meet the standards. The same should apply to digital products and services,” she said.
In a recent interview with POLITICO, the Parliaments vice president responsible for information technologies, Marcel Kolaja, highlighted similar concerns.
“If its a platform established in the country where the company has the obligation to provide data to the government or intelligence agencies — and where it can also be given a gag order so that they cannot even tell anyone that this is happening — this is a risk. Everyone who shares anything via that platform needs to understand this,” he said.
A Zoom spokesperson said the company takes user security extremely seriously.
“A large number of global institutions, ranging from the worlds largest financial services companies, to leading telecommunications providers, government agencies, universities, healthcare and telemedicine practices, have done exhaustive security reviews of our user, network and datacenter layers and confidently selected Zoom for complete deployment. Zoom is in communication with governments around the world and is focused on providing the information they need to make informed decisions about their policies.”
While EU institutions seem to be coalescing around a consensus on Zoom, overarching guidance is lacking.
“Every EU institution is independently choosing its system and needs to ensure thatRead More – Source