4 minute read
What are the risks of virtual meetings?
“Shall we jump on a Zoom?” “You’re on mute.” “Can you see me?” These are all things we have all heard a lot more during the last year.
But as professional solicitors who are used to meeting clients all the time, like everyone else, we have had to quickly adapt to the changing times.
Advertisement
The risks of virtual
Zoom and Microsoft Teams have allowed us to continue to meet clients and attend networking events, albeit virtually. However, have you truly considered the risks that this could bring to you and your business? Do you know what privacy settings there are in Zoom? Have you considered what could happen if something you say on Teams was recorded and used against you, or released into the public domain?
Furthermore, I’m pretty sure that most people would rather avoid becoming the next viral sensation. I certainly would not relish attending a virtual trial and having to make representations to a Judge that I am definitely ‘not a cat!’
Avoid Zoombombers
If Zoom is your preferred video conferencing software, then setting up a meeting is simple. You ask other parties to dial in to your meeting using a randomly generated ID number between 9 and 11 digits long. Zoom’s default settings don’t make you generate or set a password for someone to gain entry to the meeting. This has resulted in cases of ‘Zoombombing’, where uninvited participants enter your meeting by guessing an active meeting ID.
Some reports suggest that meeting IDs are in fact susceptible to brute force attacks and there have been many reported cases of Zoombombing in the UK and the USA. Businesses need to consider whether they are potentially allowing privacy and confidentiality breaches to occur by arranging Zoom meetings without a password. After all, how sure can you be that without a password, the only participants will be you and those whom you have invited?
Protect your privacy
My advice would be to password protect your meetings. This way you will keep the password private between you and attendees. I would also advise you to enable the private meeting setting, use a waiting room allowing you to check the participants into the meeting and disable screen sharing for participants to avoid any potentially embarrassing situations.
To keep the information shared in your virtual meeting confidential, you might also want to consider the following:
- Ensure that anyone who is planning on sharing their screen hides other information and disables any reminders or applications that may appear on their screen for the duration of your meeting.
- Make sure to request that participants do not record or screenshot any part of the meeting (unless they have been authorised to do so) and even consider requiring the participants of your meeting to sign a confidentiality agreement beforehand. I would urge you to really considering this one. Jackie Weaver may have had the authority to chair a meeting without the chairman present (I still can’t tell whether she did or not), but who had the authority to share a recording of that meeting? The answer is probably simple. All participants had the authority to share it because there was no agreement on the point beforehand.
Watch out for breaches and leaks!
If you are in the unfortunate situation where someone has recorded your meeting and confidential information has now been leaked to the public domain, or perhaps someone is threatening to use that recording against you as evidence, you may wish to consider whether there has been a breach of confidence, a breach of privacy or even a breach of the Data Protection Act or GDPR.
If you ensure participants of your meeting have signed, or agreed to a confidentiality agreement, it could then potentially be successfully argued that by leaking the recording or the information to the public domain could give rise to a breach of confidence. Simply put - to establish a breach of confidence the information leaked must be confidential in nature, imparted in circumstances where confidence would be expected and disclosed in a way that is detrimental to the person imparting the information.
Under the Data Protection Act and the GDPR, personal data includes ‘any information relating to an identified or identifiable natural person.’ This means that depending on the nature of the recording, it could be considered personal data and covered by the Data Protection Act and the GDPR.
Evidence in legal proceedings
You should always bear in mind that recordings obtained without someone’s consent can be used as evidence in legal proceeding. However, under Civil Procedure Rule 32.1(2) the Court may use its power under this rule to exclude evidence that would otherwise be admissible. This means it is possible to make representations to the Court that a recording of you in your virtual meeting, where you specifically requested no one records the meeting and, even, potentially the fact that a confidentiality agreement was in place, could help to protect you from this eventuality.
Top tips for virtual meeting safety and security
- Ensure you know the privacy settings of Zoom, Teams, or anything you use and make sure you know how to use them.
- Inform the participants at the beginning of the meeting that the information discussed within the meeting is confidential and should be treated as such.
- Consider using Confidentiality Agreements and asking meeting participants to read and confirm or sign the Agreement beforehand.
- Specifically request that your participants do not record the meeting, unless you have given them express permission to do so.
- If you are going to release information from a virtual meeting, make sure you have the authority to do so.
And finally, and perhaps most importantly… don’t be a cat!
