Wednesday, April 15, 2020

Video Conferencing and Data Security


Zoom, the video conferencing app that has become wildly popular during the coronavirus crisis admitted that it had “mistakenly” routed some user data through China.”

This news in the Financial Times of 4 April 2020 said that Zoom “had ‘mistakenly’ allowed the calls to flow through its two Chinese data centres since February as part of its efforts to cope with increased traffic, as millions of users flocked to use its technology to host business meetings and social catch-ups during the lockdown.

“The company said it had since fixed the flaw, adding that the error occurred only “under extremely limited circumstances” and that government customers were not affected”.

As Zoom is based in California’s Silicon Valley, the government it refers to is the US government.

But, what is wrong if its user data had flowed through two Chinese data centres?

Simple. It creates strong suspicions, and fears, that Beijing could be spying on all that data. The Chinese privacy laws could demand that those companies with data centres in China should necessarily share data with the Chinese government when required.

These same security concerns are among the top reasons why Huawei is unable to roll out its 5G plan, globally, as quickly as it wants; especially in the USA.

China’s Huawei is the world's No. 1 telecom supplier and No. 2 phone manufacturer. But the latest news is that Huawei is not allowed to roll out its 5G Plan in the UK too.

One of the biggest concerns for the future is ‘data security’ today. And unless companies make appropriate strategies to protect their consumers’ data, we will be diving into a big-brotherly world where individuals would have to fear the abuse and misuse of their privacy.

We have heard of how Facebook and Cambridge Analytica together misused individual users’ privacy.  We have heard of how Apple’s iCloud data-breach put up thousands of intimate and private pictures of celebrities out in the public domain. We have heard of how some governments’ data centres - of millions of utility accounts of citizens - were hacked by cybercriminals who put up some of the personal user data online. We have heard of the Wiki Leaks!

Take an interesting case from India. It is being alleged that India’s defence minister had recently used Zoom Conferencing tools to discuss with the Chief of Defence Staff, a few days ago.

India and China are both nuclear powers, and neighbours, who do not see eye to eye on some national borders which are disputed.

So, with Citizen Lab, a Canada-based independent research organisation, finding out that Chinese servers are being used to distribute encryption and decryption keys for video links on Zoom, there are new apprehensions on India’s defence security too.

In today’s COVID 19 global scenario, there is a huge surge in demand for video conferencing tools.

Zoom’s usage alone went up 20 times! It had announced on 1 April 2020 that “as of the end of December last year, the maximum number of daily meeting participants, both free and paid, conducted on Zoom was approximately 10 million. In March this year, we reached more than 200 million daily meeting participants, both free and paid” ( for their statement click here).

Apart from Zoom, there are several other videoconferencing tools like Microsoft Teams, Microsoft Skype, Google Hangouts, Cisco Webex Meetings and GoToMeeting which have all seen an enormous surge in usage in just the last three months.

They are being used not only for office meetings but also for holding online webinars and conferences as well as for virtual get-togethers of family and friends.

As various files and pictures - some private and confidential - get shared over the Internet, what is the guarantee that they are safe from the criminals and competitors?

We must hold accountable all the software companies to ensuring that our privacy and our user data is well protected.

A common argument they might give is that some of their services are free.

But they get good revenues from advertising.

And it does not give them any right to be careless when they sharing our data with third parties; or when protecting our data from being criminal-hacker.

Data Ethics and Data Legislation will become growing fields in the future.