Jnk (Diskussion | Beiträge) |
|||
(7 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
Zeile 4: | Zeile 4: | ||
|translated title=Zoom - Security and privacy | |translated title=Zoom - Security and privacy | ||
}} | }} | ||
− | The Zoom video conferencing solution provides different options from the developer (Zoom) and operator ( | + | The Zoom video conferencing solution provides different options from the developer (Zoom) and operator (Deutsche Telekom) to increase data protection and security in conferences. The ZIM sets some of the options centrally for all conferences, which can then no longer be changed. For other options, the ZIM has recommendations, but you can still customize them yourself. |
We recommend the following settings regarding | We recommend the following settings regarding | ||
+ | |||
+ | == Terms of use and privacy policy == | ||
+ | * Zoom-Meeting is a software from the US company Zoom Video Communications, Inc. | ||
+ | * Paderborn University has procured Zoom licenses from a German provider whose data processing systems are hosted in Europe and has concluded the necessary data processing contracts in accordance with data protection law. | ||
+ | * If the use of Zoom is required, the university campus license (Zoom X) must be used. | ||
+ | * No confidential or sensitive personal data (e.g. personal data) may be transmitted via Zoom without end-to-end encryption (E2EE). End-to-end encryption must be activated, especially in committees when advising on applications and appointments. | ||
+ | * Avoid recording video conferences - even if it is technically easy to do so. All participants have a "right to their own image" as well as to their own verbal statements. Recordings may only be made if you as the lecturer only record yourself, i.e. all cameras and microphones of the participants are switched off, or if all participants have explicitly consented to the recording and the associated purpose. | ||
+ | |||
+ | {| width="70%" style="background-color:yellow; border-style:dashed; border-width:3px; border-color:red; padding: 4px; " | ||
+ | | '''Note (as of December 2023):''' The privacy policy is no longer up to date and is currently being revised. | ||
+ | |} | ||
+ | |||
+ | * The '''"Zoom C4V Terms of Use"''' apply to use | ||
+ | *: https://imt.uni-paderborn.de/fileadmin/imt/datenschutz/Zoom_C4V/Zoom_C4V_Nutzungshinweise.pdf | ||
+ | * and the '''"Zoom C4V Privacy Policy"'''' | ||
+ | *: https://imt.uni-paderborn.de/fileadmin/imt/datenschutz/Zoom_C4V/Datenschutzerklaerung_Zoom_C4V.pdf | ||
+ | * In addition, the data protection declarations of '''"Connect4Video GmbH"''' apply | ||
+ | *: https://imt.uni-paderborn.de/fileadmin/imt/datenschutz/Zoom_C4V/Datenschutzerklaerung_InPfl_DSGVO_EM24_1.2.pdf | ||
+ | * as well as the '''"Terms of Use"''' and the '''"Privacy and Cookies Policy"'''' of Zoom Video Communications, Inc. | ||
+ | *: https://zoom.us/docs/de-de/privacy-and-legal.html | ||
+ | |||
== Data protection and confidentiality of meetings == | == Data protection and confidentiality of meetings == | ||
Zeile 36: | Zeile 57: | ||
<ol> | <ol> | ||
− | <li> ''' | + | <li> '''Assign a password for your conference''' (currently enabled as default, customizable planned to be mandatory as of 04/01/2021, exception personal meetings). Password-protect your meeting and no one can join your meeting without knowing the password. The password will be sent with the invitation. Additionally, use the option '''Embed the password in the meeting link''' (default): The meeting password is encrypted and inserted into the conference link so that participants can join with just one click without having to enter the password. |
− | ''' | + | <br> |
+ | '''Note on passwords:''' Choose a new password for each meeting to prevent access by third parties. Zoom always suggests a new random password for each meeting. Do not distribute the link and password of your meeting publicly, only by (official) mail or other secure communication. (e.g., via PANDA). | ||
<br clear=all> | <br clear=all> | ||
− | [[Datei:Zoom-Datenschutz-05.png|links|mini|ohne|350px| | + | [[Datei:Zoom-Datenschutz-05.png|links|mini|ohne|350px|Account: Passcode-Settings]] |
− | <div class="tleft" style="clear:none"> [[Datei:Zoom-Datenschutz-06.png|links|mini|ohne|350px| | + | <div class="tleft" style="clear:none"> [[Datei:Zoom-Datenschutz-06.png|links|mini|ohne|350px|Account: Passcode in Link]] </div> |
<br clear=all> | <br clear=all> | ||
− | + | '''Activate a waiting room''' (currently enabled as default, changeable). With a waiting room, you control who joins your conference. You have to accept every person manually. A waiting room is impractical for large events. | |
− | [[Datei:Zoom-Datenschutz-07.png|center|mini|ohne|350px| | + | [[Datei:Zoom-Datenschutz-07.png|center|mini|ohne|350px|Account: Waiting room settings]] |
− | <li> | + | <li> Regardless of a waiting room '''check the participant list regularly in your conference. ''' Unauthorized participants can be removed. In addition, you can also mute all participants via the participant window if there are disturbances. |
− | [[Datei:Zoom-Datenschutz-08.png|center|mini|ohne| | + | [[Datei:Zoom-Datenschutz-08.png|center|mini|ohne|Conference: Partiticipant list]] |
− | <li> ''' | + | <li> '''Access only for users with campus license''' of the University of Paderborn (currently deactivated, changeable). With this function only users of the University Paderborn can enter. This can be helpful for large courses but requires that all participants are registered with their university email addresses on the Zoom portal. |
− | [[Datei:Zoom-Datenschutz-09.png|center|mini|ohne|350px| | + | [[Datei:Zoom-Datenschutz-09.png|center|mini|ohne|350px|Account: Eligible participants]] |
− | <li> ''' | + | <li> '''Screen sharing by participants''' (currently allowed, changeable). If you disable this option, you can prevent other participants from simply sharing their content. The default setting allows you as host to interrupt the screen sharing of participants. |
− | [[Datei:Zoom-Datenschutz-10.png|center|mini|ohne|350px| | + | [[Datei:Zoom-Datenschutz-10.png|center|mini|ohne|350px|Account: Screen sharing]] |
− | <li> ''' | + | <li> '''Annotate/comment screen shares''' (default: initially enabled after sharing, so possible) |
− | [[Datei:Zoom-Datenschutz-11.png|center|mini|ohne|350px| | + | [[Datei:Zoom-Datenschutz-11.png|center|mini|ohne|350px|Account: Annotations]] |
− | <li> ''' | + | <li> '''Lock meeting:''' Locking a meeting allows you to prevent other people from entering the meeting during a meeting. This is especially useful when there are only a limited number of participants and everyone has already joined. |
− | </ol> | + | </ol> |
− | <br> | + | <br> Hosts have access to most of these functions via the "Security" button at least before, but sometimes also during a meeting. |
− | + | [[Datei:Zoom-Datenschutz-12.png|center|mini|ohne|350px|Conference: Security settings]] | |
− | [[Datei:Zoom-Datenschutz-12.png|center|mini|ohne|350px| | ||
− | == Adjustments made by the | + | == Adjustments made by the ZIM== |
To ensure that your personal data is protected in the best possible way, we have configured Zoom in all functional areas so that only a minmal data is transmitted and stored. | To ensure that your personal data is protected in the best possible way, we have configured Zoom in all functional areas so that only a minmal data is transmitted and stored. | ||
=== Participation in meetings === | === Participation in meetings === | ||
− | * All meetings start with participant video turned off. Participants must turn their video actively on. ( | + | * All meetings start with participant video turned off. Participants must turn their video actively on. (since 01.05.2021) |
− | |||
* Display of e-mail addresses via watermark is prevented. | * Display of e-mail addresses via watermark is prevented. | ||
* The use of audio watermarks is also prevented. | * The use of audio watermarks is also prevented. | ||
− | * A password will be set by default for all meetings, ( | + | * A password will be set by default for all meetings, (since 01.05.2021) also for participation by phone. |
+ | * The Waiting Room is enabled for all meetings. | ||
* Feedbacks to Zoom at the end of a conference are disabled (since 21. 02. 2021). | * Feedbacks to Zoom at the end of a conference are disabled (since 21. 02. 2021). | ||
* Remote control via screen sharing is always enabled, sharing must be confirmed. | * Remote control via screen sharing is always enabled, sharing must be confirmed. | ||
− | * Remote support is disabled but can be overridden by any host. * Camera remote control is disabled but can be overridden by the host. | + | * Remote support is disabled but can be overridden by any host. |
− | * Notification to the host in case of access of participants before the host are deactivated (since 21. 02. 2021). | + | * Camera remote control is disabled but can be overridden by the host. |
− | * Automatic notification of participants in the event of cancellation of a conference is disabled (since 21. 02. 2021). | + | * Notification to the host in case of access of participants before the host are deactivated (since 21.02.2021). |
+ | * Automatic notification of participants in the event of cancellation of a conference is disabled (since 21.02.2021). | ||
=== Technical settings === | === Technical settings === | ||
Zeile 77: | Zeile 99: | ||
* Encryption of all data exchange between the Zoom cloud and the Zoom client and in the browser (transport encryption). | * Encryption of all data exchange between the Zoom cloud and the Zoom client and in the browser (transport encryption). | ||
* If there are only two people in a meeting, a peer-to-peer connection is established. | * If there are only two people in a meeting, a peer-to-peer connection is established. | ||
− | * Deletion of personal data from Zoom's dashboard and reports after the shortest period of time (30 days) (since 21 | + | * Deletion of personal data from Zoom's dashboard and reports after the shortest period of time (30 days) (since 21.02.2021). |
− | * Login to Zoom portal / conferences with Google Facebook or Apple ID is prohibited ( | + | * Login to Zoom portal / conferences with Google Facebook or Apple ID is prohibited (since 01.05.2021) |
− | * Encryption of chats ( | + | * Encryption of chats (since 01.05.2021) |
− | * | + | * Encryption method must be chosen for every meeting. |
− | |||
=== Data exchange with other services === | === Data exchange with other services === | ||
− | * Data exchange with Office 365 is disabled. | + | * Data exchange with Office 365 is disabled. |
− | * CDN usage is disabled. | + | * CDN usage is disabled. |
=== Storage of conference content === | === Storage of conference content === |
Aktuelle Version vom 1. September 2024, 10:19 Uhr
The Zoom video conferencing solution provides different options from the developer (Zoom) and operator (Deutsche Telekom) to increase data protection and security in conferences. The ZIM sets some of the options centrally for all conferences, which can then no longer be changed. For other options, the ZIM has recommendations, but you can still customize them yourself.
We recommend the following settings regarding
Terms of use and privacy policy[Bearbeiten | Quelltext bearbeiten]
- Zoom-Meeting is a software from the US company Zoom Video Communications, Inc.
- Paderborn University has procured Zoom licenses from a German provider whose data processing systems are hosted in Europe and has concluded the necessary data processing contracts in accordance with data protection law.
- If the use of Zoom is required, the university campus license (Zoom X) must be used.
- No confidential or sensitive personal data (e.g. personal data) may be transmitted via Zoom without end-to-end encryption (E2EE). End-to-end encryption must be activated, especially in committees when advising on applications and appointments.
- Avoid recording video conferences - even if it is technically easy to do so. All participants have a "right to their own image" as well as to their own verbal statements. Recordings may only be made if you as the lecturer only record yourself, i.e. all cameras and microphones of the participants are switched off, or if all participants have explicitly consented to the recording and the associated purpose.
Note (as of December 2023): The privacy policy is no longer up to date and is currently being revised. |
- The "Zoom C4V Terms of Use" apply to use
- and the "Zoom C4V Privacy Policy"'
- In addition, the data protection declarations of "Connect4Video GmbH" apply
- as well as the "Terms of Use" and the "Privacy and Cookies Policy"' of Zoom Video Communications, Inc.
Data protection and confidentiality of meetings[Bearbeiten | Quelltext bearbeiten]
- Use Zoom only, if no other more privacy friendly service is available. (e. g. BigBlueButton, Jitsi)
- If possibly, only use Zoom in the browser (currently not globally enabled because the client offers more features). The client needs to be downloaded and installed locally. It is more convenient and offers more functionality than the browser. However, it needs to be installed and thus has access to your computer and data.
- Enable end-to-end encryption (currently disabled, can be enabled per host as default setting or per conference) for conferences with confidential or sensitive content e. g. in committee meetings. Here is a guide and notes on the limitations of end-to-end encryption. Link
- Store recordings (if permitted) only locally if possible. You can make them online available by using e.g. Sciebo. Don't use cloud recording!
- Save chat: The chat allows participants to make comments or discuss together during the conference. They can also send you a message or exchange messages with each other, visible to everyone, or privately. As host, you can save chats, but this is not allowed for attendees.
- Virtual Background: To protect your privacy, you can activate the virtual background in the settings or directly in the meeting in the video settings. This way, your surroundings are not visible to the other participants. Zoom offers a few backgrounds. You can upload also your own backgrounds. At [1] you will find backgrounds with university motifs.
Prevent disturbances[Bearbeiten | Quelltext bearbeiten]
- Assign a password for your conference (currently enabled as default, customizable planned to be mandatory as of 04/01/2021, exception personal meetings). Password-protect your meeting and no one can join your meeting without knowing the password. The password will be sent with the invitation. Additionally, use the option Embed the password in the meeting link (default): The meeting password is encrypted and inserted into the conference link so that participants can join with just one click without having to enter the password.
Note on passwords: Choose a new password for each meeting to prevent access by third parties. Zoom always suggests a new random password for each meeting. Do not distribute the link and password of your meeting publicly, only by (official) mail or other secure communication. (e.g., via PANDA).
Activate a waiting room (currently enabled as default, changeable). With a waiting room, you control who joins your conference. You have to accept every person manually. A waiting room is impractical for large events. - Regardless of a waiting room check the participant list regularly in your conference. Unauthorized participants can be removed. In addition, you can also mute all participants via the participant window if there are disturbances.
- Access only for users with campus license of the University of Paderborn (currently deactivated, changeable). With this function only users of the University Paderborn can enter. This can be helpful for large courses but requires that all participants are registered with their university email addresses on the Zoom portal.
- Screen sharing by participants (currently allowed, changeable). If you disable this option, you can prevent other participants from simply sharing their content. The default setting allows you as host to interrupt the screen sharing of participants.
- Annotate/comment screen shares (default: initially enabled after sharing, so possible)
- Lock meeting: Locking a meeting allows you to prevent other people from entering the meeting during a meeting. This is especially useful when there are only a limited number of participants and everyone has already joined.
Hosts have access to most of these functions via the "Security" button at least before, but sometimes also during a meeting.
Adjustments made by the ZIM[Bearbeiten | Quelltext bearbeiten]
To ensure that your personal data is protected in the best possible way, we have configured Zoom in all functional areas so that only a minmal data is transmitted and stored.
Participation in meetings[Bearbeiten | Quelltext bearbeiten]
- All meetings start with participant video turned off. Participants must turn their video actively on. (since 01.05.2021)
- Display of e-mail addresses via watermark is prevented.
- The use of audio watermarks is also prevented.
- A password will be set by default for all meetings, (since 01.05.2021) also for participation by phone.
- The Waiting Room is enabled for all meetings.
- Feedbacks to Zoom at the end of a conference are disabled (since 21. 02. 2021).
- Remote control via screen sharing is always enabled, sharing must be confirmed.
- Remote support is disabled but can be overridden by any host.
- Camera remote control is disabled but can be overridden by the host.
- Notification to the host in case of access of participants before the host are deactivated (since 21.02.2021).
- Automatic notification of participants in the event of cancellation of a conference is disabled (since 21.02.2021).
Technical settings[Bearbeiten | Quelltext bearbeiten]
- Used data centers are restricted to USA and Europe
- Encryption of all data exchange between the Zoom cloud and the Zoom client and in the browser (transport encryption).
- If there are only two people in a meeting, a peer-to-peer connection is established.
- Deletion of personal data from Zoom's dashboard and reports after the shortest period of time (30 days) (since 21.02.2021).
- Login to Zoom portal / conferences with Google Facebook or Apple ID is prohibited (since 01.05.2021)
- Encryption of chats (since 01.05.2021)
- Encryption method must be chosen for every meeting.
Data exchange with other services[Bearbeiten | Quelltext bearbeiten]
- Data exchange with Office 365 is disabled.
- CDN usage is disabled.
Storage of conference content[Bearbeiten | Quelltext bearbeiten]
- Storage of chat communication is not possible for participants (since 21. 02. 2021)
- Automatic storage of the chat communication for the host is not possible, it must be done actively.
- Automatic storage of whiteboard content is not possible.
- Storage of conferences in the Zoom Cloud is only allowed in data centers in Germany (since 21. 02. 2021).
- Storage of chats in the Zoom Cloud is only possible for default duration (7 days) (since 21. 02. 2021).
- Local recording of meetings and recordings in the cloud are possible.
- Automatic recording at the start of the conference is generally disabled.
- Participants must give their consent to the recording of a conference.
- Audio notifications will be made when the conference recording is started or restarted (also listenable on the phone) (since 21. 02. 2021)
Additional information[Bearbeiten | Quelltext bearbeiten]
- Zoom - Overview of all Zoom articles