Privacy protection in the age of WFH
Way back when, in the 20th century, phone companies all over America ran ads with the theme “Reach out and touch someone.” After weeks of COVID-19, and new privacy protection risks, and social distancing, many of us are probably longing for the days when we could physically reach out and touch someone with a hug, a handshake, or a pat on the back. Instead, millions of Americans are using Zoom or other videoconferencing tools to connect with co-workers, teachers, healthcare providers, friends, and family. In fact, Zoom reported more than 200 million daily users in March—up from a max of 10 million daily users at the end of December 2019.
It’s true, videoconferencing has been a blessing for many people. But one trend we can always seem to count on: Where people go online, crime tends to follow. So, it’s no surprise that hackers and scammers are utilizing Zoom to create havoc: invading our privacy, stealing our information, and exposing us—and our children—to malicious content.
One nasty tactic is called “Zoombombing,” joining events uninvited and using hateful or inappropriate language and images to disrupt the meeting. According to NPR, Zoombombers have intruded on an Alcoholics Anonymous meeting in New York, Sunday school in Texas, online classes at the University of Southern California, and a city meeting in Kalamazoo, Michigan. Even the U.S. Congress has been targeted. Teachers transitioning to teaching students online have been particularly affected by this trend.
What’s worse, researchers found a Zoom bug that could be abused to steal Windows passwords and two bugs (since fixed) that could be used to take over a Zoom user’s Mac, including tapping into the webcam and microphone. There have also been concerns about Zoom’s privacy policies, which gave it broad rights over users’ personal data, and its encryption, which was apparently weaker than advertised.
For better or worse, though, Zoom is easy to use, and that makes it the videoconferencing platform of choice for many people. So, here are some tips to help you protect your privacy while hosting a Zoom meeting.
- Require a password to enter your meetings. (You can find a tutorial on setting up Zoom meetings here.)
- Try not to use the personal meeting ID. Instead, allow Zoom to generate a random ID for each meeting.
- Don’t announce videoconferencing meetings on social media or other public outlets.
- Use the Waiting Room option to screen participants and admit them manually.
- During the meeting, watch the list of meeting participants in the Zoom window and kick out unauthorized users.
For those attending Zoom meetings, follow these best practices to protect yourself:
- On a desktop computer, attend Zoom meetings via your browser. You don’t need the Zoom app to attend meetings from a desktop, and that way bad actors can’t exploit bugs in the app to steal personal information or take over your computer.
- Be careful when clicking on meeting invite links in email. If you have any doubts about the invite or the sender, just copy the ID (a number sequence) from the invitation and enter it in the Zoom browser window or application to join.
- Be careful about what you say—or what participants can see—in a Zoom meeting. Depending on the participants, you could be virtually letting strangers into your home.
With any luck, the coronavirus will be tamed before too long, and we’ll be able to enjoy each other’s company in person. In the meantime, videoconferencing has become an indispensable part of daily life for distance learning, remote working, and keeping in touch with friends and family far away. So, go ahead: Zoom out and touch someone. Just be safe and be sure you know who’s “touching” you back.
About IDX
We're your proven partner in digital privacy protection with our evolving suite of privacy and identity products.