At first glance it was just a funny prank by a radio DJ, but Australian radio host Hamish Blake’s “Zoombombing” antics are another glaring example of the dangers inherent in remote conferencing technology.
The Melbourne-based comedian has ridden the COVID-19 zeitgeist with his series of stunts called “Zoom For One More” in which he gatecrashed video conferences to surprise businesses with his strategy suggestions.
Last week, he persuaded Mexican fast-food chain Guzman y Gomez to offer a new deal on its burritos after he barged in on a marketing call, an arrival which was met with laughter and applause. He has also crashed a wedding reception and a meeting of air force officers, who were reportedly not impressed.
While this might be entertaining, the security issues Zoom and other conferencing platforms have had during the COVID-19 pandemic are actually not very funny.
It is a serious weakness in the technology's security which has been exposed by the massive uptake in services during the pandemic as remote communication has become so necessary.
When the world goes online
Everyone is moving online. Catholic priests in Melbourne are having their regular pre-Easter meeting through Zoom, funerals are live streaming, musicians are performing on Facebook and Instagram, while school students around the country are in Zoom classrooms.
In the world of telemedicine, the concept—which had stalled in recent years—has made ten years of progress in a few weeks and will never look back.
While radio listeners have been giggling to Hamish Blakes’ antics, however, Australia’s Privacy Commissioner Angelene Falk warned about “new risks” to privacy from remote communications.
Providers, she says, need to be transparent about how they manage personal information and set their defaults.
In Australia, video conferencing providers are covered by the Privacy Act, which requires them to be transparent on how they handle personal information. The Act requires them to have user friendly controls, with privacy and security in-built by default.
“My office is considering any privacy impacts arising with the increased use of these technologies and whether any regulatory action is required,” Falk told the Australian media last week.
“Organizations that shift to using new mediums for doing business need to replicate, as far as possible, privacy and security measures that would apply in their regular environment.”
Zoom-ing in the fallout
As part of the local fallout, the Australian Defence Force and the Queensland Police Service has banned officers from using Zoom because it has “not passed stringent privacy assessments and presents a real risk to our data security and privacy.”
Instead, staff can use Microsoft Teams and Skype for Business, which are assessed as being more secure.
“While there are other popular technology options available such as Zoom, these have not passed stringent privacy assessments and present a real risk,” says Deputy Commissioner Doug Smith.
“As such, there is no troubleshooting and technical support which can be provided to members who use this technology.”
The experience also presents as an important case study for the new implementation of technology.
Here we have a surge in demand for a solution which works well enough to be used but has significant issues around privacy and security.
The technology is too immature for its moment of need, and yet many people will be ploughing on regardless, continuing with video conferencing even though their meetings are vulnerable and thinking ‘it will never happen to me.’
There are strong indications that the move to remote working will be a trend to survive the pandemic, both for reasons of cost and convenience.
U.S. workplace consultants Global Workplace Analytics estimate that a typical half-time telecommuter saves an employer USD 18,000 a year in increased productivity, lower real estate costs, reduced absenteeism and better disaster readiness.
The consultants estimate that once the pandemic is over, up to 30% of all workers will continue to work remotely multiple times each week. This is a major paradigm shift and a great opportunity for technology providers who get it right.
The Counter punch
Zoom has its defenders, of course, with some saying the privacy features can be made available and that the issue is with an unfriendly user interface and poorly understood default settings.
There is no doubt that Zoom has been severely stress tested by the pandemic as its user numbers have increased from ten million to 200 million per day, so perhaps it is unsurprising that the flaws have been exposed.
The company needs to ensure that what should be a huge growth opportunity is not overshadowed by the security issue, because if that happens then opportunity could slip through its fingers just when it could be grasped.
If that happens, then Zoom will be remembered for all the wrong reasons as a solution which wasn’t ready for its big moment when it arrived.
Instead of being a unicorn, the risk is that the company will be the goat.
Photo credit: iStockphoto/mlharing