Zoom’s privacy changes prevent data from leaving Europe

Zoom has changed its privacy approach to prevent its data from leaving the EEA (European Economic Area).

In May 2021, the Dutch government and regulator, SURF, investigated Zoom’s approach to privacy and discovered nine high risks to individuals’ privacy. As an organization representing over 100 education and research institutions in the Netherlands, SURF could not recommend Zoom to its members.

Part of the difficulty for Zoom is that the Dutch government requires privacy by design, but it doesn’t provide a detailed explanation of how to achieve this. Fortunately, SURF has agreed to help resolve issues with its privacy policy to bring it up to its high standards.

Jet de Ranitz, CEO of SURFnoted:

“Privacy is very important for education. Zoom was able to provide good solutions in smooth cooperation with us and that is worth a lot. »

“I am incredibly proud of the team who worked hard to achieve these results. It can inspire other parties to work together in the same way. »

How did Zoom’s privacy policy change?

  • EEA restriction: Zoom data will remain inside the EEA. Although not a legal requirement, data protection authorities in the EEA have an increasingly negative view of data leaving the EEA. Keeping the data within the EEA will avoid such problems in the future.
  • Data Processor: Zoom has changed its status from data controller to data processor, so it will take much less responsibility for data on its platform, and users will have more control over their data.
  • Transparency: The privacy policy has become more transparent for users and companies. You can see all of his latest edits online.
  • Commitments: Zoom is committed to making future changes and following recommendations from SURF and the Dutch government.

How will the changes affect users?

  • Performance issues: There is a concern that some features will have reduced performance due to data not being permitted outside of the EEA. The extent of the performance loss is not yet known as Zoom’s solution is still under construction.
  • Data Preferences: The updates are already in place and Zoom users don’t have to do anything. However, they will have more control over their data preferences and SURF has published guidance for its institutions to navigate these options.

Glory Francke, senior privacy attorney at Zoomtold UC Today, “The rate at which privacy legislation is changing and emerging, it’s clear that privacy by design is in the early stages of the software development life cycle.”

“It’s not just about compliance anymore, it’s a business necessity and a way to stay at the forefront of the ever-changing compliance landscape. It’s a smart business move, and it’s something Zoom is well aware of.

SURF will now be able to recommend Zoom to the organizations it represents. Changes to Zoom’s privacy policy coincided with many new updates to its platform.

Comments are closed.