Chief Compliance, Ethics and Privacy Officer

4 Ways Zoom Works to Protect User Privacy

4 Ways Zoom Works to Protect User Privacy

At Zoom, we take our users’ privacy extremely seriously. To help safeguard our users’ information, we’ve taken important steps designed to optimize our platform’s security, increase data protection, and ensure compliance.

Here are four key ways we work to protect your privacy:

1. Enhanced encryption options 

Zoom has made many updates designed to better protect user privacy, starting with important changes to our encryption strategy. On May 30th, 2020, we upgraded to 256-bit AES-GCM encryption as our new standard for real-time content and media, which applies to data in transit across Zoom Meetings and Chat, Zoom Video Webinars, meetings occurring via Zoom Rooms, and Zoom Phone

On top of this enhanced encryption, Zoom now offers an optional end-to-end encryption (E2EE) feature, which uses the same powerful GCM encryption that supports any data in transit across standard Zoom Meetings, with the only difference being where the keys live. With Zoom’s E2EE, the meeting’s host generates encryption keys and uses public key cryptography to distribute them to participants. Zoom’s servers act as oblivious relays, never actually seeing the encryption keys required to decrypt the information.

2. Dedicated privacy features 

We’ve improved existing meeting features that help users manage their meeting privacy and security, including passcodes, Waiting Rooms, limited screen sharing, Report a User, and Suspend Participant Activities. We’ve also released a number of new dedicated privacy features that include:

  • Consent from meeting participants for when a host requests to unmute them 
  • Preventing participants from joining via multiple devices at the same time, or from a different device after being removed from a meeting
  • The ability to require only authenticated users to join meetings 

These features are designed with one goal in mind: safeguard our users’ privacy while delivering the best possible meeting experience. 

3. A continued commitment to compliance 

Zoom is committed to complying with the privacy laws, rules, and regulations that apply to our platform and customers, including the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and California Privacy Rights Act (CPRA). We also want our users to understand their rights, and have introduced tools and processes to both ensure our own compliance and help our customers meet their compliance obligations as well. 

In supporting telemedicine, Zoom has taken steps designed to provide more HIPAA and PIPEDA/PHIPA-compliant features for our customers. Zoom has implemented and maintains numerous privacy and security controls to ensure the safety of identifiable health information in its environment, and encrypts the audio, video, and screen sharing data that’s exchanged using our technology.

In addition to supporting remote learning experiences, Zoom helps educational institutions meet their compliance, including compliance with Family Educational Rights and Privacy Act (FERPA).

4. At-Risk Meeting Notifier tool

Last fall, Zoom introduced an At-Risk Meeting Notifier tool, designed to proactively identify any issues with meeting privacy. The tool scans posts on public social media sites and other public online resources for Zoom Meeting links. 

When the At-Risk Meeting Notifier finds publicly posted meeting information that indicates a given meeting could potentially experience disruption, Zoom notifies the respective account owners and admins by email and shares steps to make meetings private.

Privacy as a top priority

We’re dedicated to providing a seamless and secure experience for our users, empowering them to safely exchange and store valuable information via our platform.

As we continue to evolve our solutions, security and privacy will guide any new updates we make. We’re committed to being a platform users can trust — with their online interactions, information, and business.

To learn more about Zoom’s approach to privacy, explore our Trust Center, a one-stop shop containing our privacy, safety, and security resources.

Don’t forget to share this post