Open in app

Sign in

Write

Sign in

Privacy Communication Lapses

Kārtik Malli
Hasgeek
Published in
3 min readApr 5, 2020

It’s been an eventful week for Zoom, the video conferencing platform that users all over the world have turned to for meetings, work discussions, and lectures, in order to remain functioning despite social distancing methods in place.

Controversy broke out over concerns of the platform’s privacy safeguards, following an article in The Intercept by Micah Lee and Yael Grauer. It quickly became apparent that Zoom’s privacy policy had a disconnect with what their own messaging claimed.

In particular, Zoom’s claim of offering end-to-end encryption on its platform was proven false through testing. This oversight meant that thousands of users who believed that their calls over Zoom were secure were essentially misled by Zoom themselves.

As circumstances radically transform our patterns of work and team organization, teams are now entrusting digital platforms with high volumes of data of direct human interactions — not just files, but now also records of conversations. In addition, teams often also discuss sensitive information over digital platforms.

Users are increasingly concerned if their private data is in safe hands, and platforms now communicate to users what safeguards they have in place to ensure this security. In other words, assurances of privacy have now become part and parcel of marketing, finding place in branding and communications.

This is significantly more important for work teams.

In all this, “encryption” as a term has virtually attained the status of a buzzword. The mere mention of the term in a platform’s messaging is enough to reassure users of its safety.

However, this generally does not offer any further insight into the platform’s actual privacy policy by itself, especially with many of these platforms relying on advertising for revenue.

Accountability is then sidestepped by the companies, leaving the burden of examining their claims to others. In other words, brand communication projects a certain image to users, but the verification of these safeguards is taken up by third parties.

This has also made people approach courts either for privacy or to break encryption to trace people causing harms to society. The issue of Government of India Vs Whatsapp in Indian courts over whatsapp traceability has left enough people in confusion.

There is a clear gap between communications, branding, and practice.

To their credit, Zoom later released an official statement apologizing for the miscommunication, with their CEO offering a technical explanation of how the platform handles data.

With the average user taking brand messaging at face value, many questions arise.

  • How do you know if your data and personal details are safe with a platform?
  • How often do you examine a platform’s privacy messaging to see if it does what it claims?
  • How do you ascertain the strength and extent of a platform’s privacy safeguards?
  • What sort of third party checks should exist to validate these claims?
  • Should be widely used apps like Zoom be subject to peer review and privacy audits by security communities and practitioners?
  • Are companies sufficiently held accountable by the larger community?
  • Does managing functionality and usability on one hand, and adequate privacy on the other often require a tradeoff for you and your team?
  • What is more important to you, features or privacy safeguards?
  • How can companies communicate how user data is handled more responsibility?
Data Privacy
Data Security

--

--

Kārtik Malli
Hasgeek

Written by Kārtik Malli

89 Followers
Writer for

Perpetually on the lookout for good seafood. I like languages, books, music, and history too.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams