Six data protection and privacy authorities have published an open letter to video teleconferencing companies pointing out their obligations to comply with the law and handle people’s information responsibly.
As the coronavirus pandemic has led to a sharp uptake in use of video conferencing, risks associated with collection and use of personal data have increased.
The letter, published on the Office of the Australian Information Commissioner’s website, is intended for all video conferencing companies (VTC), and has been sent directly to Microsoft, Cisco, Zoom, House Party and Google.
The aim is to help the companies address key privacy risks, and better protect people’s personal information.
The letter highlights five principles: effective security updated as new risks and threats emerge; privacy-by-design and default, not added as an afterthought; know your audience, ensuring platforms are used as intended; transparency and fairness about what information is collected, how it is used and who it is shared with; and incorporating end-user control.
The signatories are the Office of the Australian Information Commissioner, the Office of the Privacy Commissioner of Canada, the Gibraltar Regulatory Authority, the Privacy Commissioner for Personal Data in Hong Kong (China), the Federal Data Protection and Information Commissioner of Switzerland and the Information Commissioner’s Office of the UK.
They state: “We recognise that VTC companies offer a valuable service allowing us all to stay connected regardless of where we are in the world, something that is especially important in the midst of the current Covid-19 pandemic. But ease of staying in touch must not come at the expense of people’s data protection and privacy rights.”