It has been brought to our attention that Folkestone & Hythe District Council have trialed Zoom – a video conferencing with real-time messaging and content platform – on a couple of occasions last week (30/03/20 – 03/04/20). One of these trials involved up to a dozen people. We understand Hythe Town Council and Sandgate Parish Council are also intent on using Zoom for their virtual meetings.
Some Cllrs have found the use of Zoom easier and simpler as councillors can click on a link and should be able to use it. However, simplicity over security is a deep concern and in the words of Arvind Narayanan, an associate computer science professor at Princeton University. “Let’s make this simple,” he said. “Zoom is malware.”
Kent County Council is, we understand, using Microsoft Teams and Folkestone Town Council are trialing Microsoft Teams which has built-in security, compliance, and management capabilities.
Back to Zoom. The week beginning Monday 30th March, FHDC trialed Zoom twice, the FBI announced it was investigating increased cases of video hijacking, also known as “Zoom-bombing”. This has lead security researchers to call Zoom “a privacy disaster” and “fundamentally corrupt” as allegations of the company mishandling user data snowball.
Zoom does NOT have end-to-end encryption, a system that secures communication so that it can only be read by the users involved. Zoom confirmed in a blogpost on Wednesday (1st April) that end-to-end encryption was not currently possible on the platform and apologized for the “confusion” it caused by “incorrectly” suggesting the opposite.
Security flaws affecting Zoom have been reported throughout 2019 and as recently as this week (30/03/20 – 03/04/20). In 2019, it was revealed Zoom had quietly installed a hidden web server on user devices that could allow the user to be added to a call without their permission. And a bug discovered this week would enable hackers to take over a Zoom user’s Mac, including tapping into the webcam and hacking the microphone.
Zoom has what is known as an “attention tracking” feature. This allows a host to see if a user clicks away from a Zoom window for 30 seconds or more.
Workers using Zoom to attend virtual meetings while working from home could sue their employers if they object to how the web conference tool uses their personal information. Which means of course “There is a big risk an employee could ask for compensation.”
This feature would allow Council officers to check if Cllrs are really tuned into a work meeting or busy keeping their eye on community hub information.
What with all the known flows with Zoom it begs the question why our District, Town or Parish Councils wish to use it.
We believe it would be better for all councils to use Wire, which offers Video and audio conference calls. Of course there are other alternatives. Meanwhile we believe all councils should use one piece of software to make intergations simpler, if it be Microsoft Teams, just like KCC and Folkestone Town Council are using then so be it.
The Shepwayvox Team
Dissent is NOT a Crime