Williams Mullen
Back to Insights and Events
04.03.2020 Legal News

Protecting Your Sensitive Information While Using Virtual Meeting Platforms

By: Kevin D. Pomfret

Over the last several weeks, virtual meetings have become the new normal for many businesses. Improvements in the technology now mean that virtual meetings have a similar look and feel as in-person meetings. However, there is a much greater risk to valuable information (personal and confidential) in a virtual meeting environment. Some of these risks are associated with the data that are collected and disclosed by the provider of the virtual meeting platform itself. Others arise from inadvertent disclosures or access to virtual meeting rooms by uninvited third parties. Therefore, it is important for organizations to have policies in place that address the need for enhanced cybersecurity and data protection.

Since Zoom seems to be one of the most popular virtual meeting tools, this alert will discuss how to address these risks on its platform. However, many of these same risks are also associated with other virtual meeting platforms. As a result, it is important to review user instructions, Terms and Conditions and Privacy Policies in order to identify and implement similar protective measures for other virtual meeting services.

Potential Risk

Measures to Mitigate Risk
  1. Uninvited third-party joining meeting and seeing confidential information.
  • Use feature that automatically generates a meeting ID number rather than personal ID.
  • Require users to access meeting with password.
  • Close meeting after all invited participants have joined.
  1. Participants showing confidential or inappropriate content.

Change settings so only meeting host is allowed to share screens.
  1. Video/audio recording of content without consent.

Provide participants notice of intent to record and obtain consent.
  1. Disruptive or unruly participants.

Give host the right to mute participants.
  1. Virtual meeting access to your content.

Only use platforms with terms and conditions that limit use of user’s content.

It is also important to note that the risk profile associated with virtual meeting platforms is changing rapidly, as criminals and nation states are continually looking for new ways to exploit both technology and human weaknesses. As a result, it is important for organizations to keep current on these risks and mitigation measures. In addition, regulatory and contractual notification (as discussed here) and reporting obligations for data breaches apply to virtual meetings, so policies and procedures should be put in place to address such contingencies.

 

Please note: This alert contains general, condensed summaries of actual legal matters, statutes and opinions for information purposes. It is not meant to be and should not be construed as legal advice. Readers with particular needs on specific issues should retain the services of competent counsel. 

Please click here for additional legal updates from Williams Mullen regarding COVID-19. 

Related People

Kevin D. Pomfret Williams Mullen Headshot
Kevin D. Pomfret
Partner
EMAIL
T. 703.760.5204

Related Services