Zoom’s privacy changes prevent data from leaving Europe
Zoom has changed its privacy approach to prevent its data from leaving the EEA (European Economic Area).
In May 2021, the Dutch government and regulator, SURF, investigated Zoom’s approach to privacy and discovered nine high risks to individuals’ privacy. As an organization representing over 100 education and research institutions in the Netherlands, SURF could not recommend Zoom to its members.
Jet de Ranitz, CEO of SURFnoted:
“Privacy is very important for education. Zoom was able to provide good solutions in smooth cooperation with us and that is worth a lot. »
“I am incredibly proud of the team who worked hard to achieve these results. It can inspire other parties to work together in the same way. »
- EEA restriction: Zoom data will remain inside the EEA. Although not a legal requirement, data protection authorities in the EEA have an increasingly negative view of data leaving the EEA. Keeping the data within the EEA will avoid such problems in the future.
- Data Processor: Zoom has changed its status from data controller to data processor, so it will take much less responsibility for data on its platform, and users will have more control over their data.
- Commitments: Zoom is committed to making future changes and following recommendations from SURF and the Dutch government.
How will the changes affect users?
- Performance issues: There is a concern that some features will have reduced performance due to data not being permitted outside of the EEA. The extent of the performance loss is not yet known as Zoom’s solution is still under construction.
- Data Preferences: The updates are already in place and Zoom users don’t have to do anything. However, they will have more control over their data preferences and SURF has published guidance for its institutions to navigate these options.
Glory Francke, senior privacy attorney at Zoomtold UC Today, “The rate at which privacy legislation is changing and emerging, it’s clear that privacy by design is in the early stages of the software development life cycle.”
“It’s not just about compliance anymore, it’s a business necessity and a way to stay at the forefront of the ever-changing compliance landscape. It’s a smart business move, and it’s something Zoom is well aware of.