1. Video conferencing software and data protection
As the Corona crisis escalated, many companies had to act and quickly commit to using a video conferencing tool. You can quickly read the general terms and conditions or accept them “blindly”. There is also a lot of time for studying the data protection measures of the respective provider and for comparison with the GDPR.video conference solution
SMD video conference solution in Pakistan these results in unclear privacy regulations, security vulnerabilities, and hacked videoconferencing. It didn’t take long for the first privacy issues to become apparent. Two examples from the last few weeks:
Layard SMD screen Zoom vulnerabilities
At Zoom, there were negative headlines about data security. There was a suspicion that Zoom secretly passed on user data to Facebook. In addition, there were some security vulnerabilities that allowed strangers to participate in ongoing zoom conferences or flood them with advertisements.
Zoom has reacted very openly here, both ending the data transfer to Facebook and defusing the security vulnerabilities, for example by introducing a password function and better encryption for the meetings.
Microsoft has trouble with data protection authorities
There is also trouble at Microsoft. The Berlin data protection officer criticized the solutions Skype and Microsoft Teams, but also other providers, as sensitive under data protection law. Microsoft objected to the data protections’ statement, saying it had “misunderstood statements” and “incorrect ratings.” Microsoft has since written to the Berlin data protectors asking them not to make such statements.
Although compliance with the GDPR may not be a top priority from the point of view of companies in the age of Corona, the use of online tools does not have a legal vacuum. To avoid trouble with data protectors, employees, or business partners, you should take some time to select or review your conference solution.
2. Check: What to look out for when choosing your videoconferencing solution
In addition to different tariffs and technical possibilities, the tools on the market also offer different prerequisites and settings for data protection. It is important for the selection that you observe certain data protection points.
Ⅰ. My provider is based in the EU or has an adequate level of data protection
EU providers are secure
from a data protection perspective In the EU there is a uniform level of data protection. Therefore, services are more secure from a data protection point of view. If you have a choice between different tools, it is better to choose a service from the EU.
Suppliers from third countries (USA & Co.)
If you choose a service from a third country (all in other EU countries), you should ensure that it complies with appropriate data protection rules. But how do you recognize that?
a. Adequacy decision of the EU Commission
For some countries, the EU Commission has found that the level of data protection there is “adequate” (i.e. comparable to the EU). These include Andorra, Argentina, the Faroe Islands, Guernsey, Japan, Israel partly, Canada, New Zealand and Switzerland.
b. Standard Contractual Clauses (SCC)
According to these standard contractual clauses, the respective provider undertakes to safeguard European data protection.
c. EU-US Privacy Shield
The EU-US Privacy Shield can no longer be used as a legal basis. The ECJ has overturned the agreement.
Ⅱ. I set the privacy settings as securely as possible
Privacy settings vary by tool. There are many settings in the respective systems that you should take a closer look at. In the first place, transmissions should be encrypted only. The recordings and any chat logs should also be deleted after the meeting ends. If possible, tracking of participants should also be stopped.
Iii. I have signed an order processing contract with the provider
Providers are generally considered to be processors. Therefore, you must enter into an AV contract with them.
Iv. If there is a works council, I have involved the works council
If you have a works council, then agreements can be made with it if login data is processed by the online conference tool and/or the participation of the employees can be “monitored”. According to Section 87 (1) No. 6 of the Berge, this is mandatory.
1. Video conferencing software and data protection
As the Corona crisis escalated, many companies had to act and quickly commit to using a video conferencing tool. You can quickly read the general terms and conditions or accept them “blindly”. There is also a lot of time for studying the data protection measures of the respective provider and for comparison with the GDPR.
1. Video conferencing software and data protection
As the Corona crisis escalated, many companies had to act and quickly commit to using a video conferencing tool. You can quickly read the general terms and conditions or accept them “blindly”. There is also a lot of time for studying the data protection measures of the respective provider and for comparison with the GDPR. video conference solution
1. Video conferencing software and data protection
As the Corona crisis escalated, many companies had to act and quickly commit to using a video conferencing tool. You can quickly read the general terms and conditions or accept them “blindly”. There is also a lot of time for studying the data protection measures of the respective provider and for comparison with the GDPR.
1. Video conferencing software and data protection
As the Corona crisis escalated, many companies had to act and quickly commit to using a video conferencing tool. You can quickly read the general terms and conditions or accept them “blindly”. There is also a lot of time for studying the data protection measures of the respective provider and for comparison with the GDPR. video conference solution