A brown hat with the text "LDH consulting services" next to it.

Tip of the Hat

06 June 2020

More Zoom Updates and Free Webinar About Remote Work and Data Privacy


Welcome to this week’s Tip of the Hat!

Zoom has had one of those weeks. Since we last wrote about Zoom’s privacy issues last week, the number of additional privacy issues has skyrocketed. It’s gotten to the point where there are news articles just trying to keep track of all these updates. Even those articles are struggling to keep up. On March 31, TechCrunch published an article that listed the known privacy issues at that time, including the misleading advertising of true end-to-end encryption for voice chats, but the article came out a day before an article about zero-day bugs found by an ex-NSA hacker that could allow access to passwords and webcam/mic control if someone had physical access to the computer. Then the next day we learned that Zoom leaked LinkedIn data to other users. Additional reports suggest that Zoom is a very good target for intelligence gathering and interceptions for various governments.

Like we said – it’s hard to keep up with all the updates! Security expert Bruce Schneier’s writeup on Zoom is the most up to date list at the time of this writing.

The best option, in this case, is not to use Zoom, right? Unfortunately, it's not that clear cut. A conversation on Twitter about Zoom brought up the point that Zoom fairs better than other web conferencing software in terms of screen reader access. While Zoom might be a hot mess when it comes to privacy, it still provides access to those who otherwise wouldn't have it with other options. Workplaces complying with privacy and accessibility regulations find themselves in a tightrope act with trying to protect employee and patron privacy while at the same time provide tools that their staff can use. Zoom announced that they are addressing the privacy and security issues, which if the company follows through on their promise would solve the issue in the short term. The longer-term issue remains, however, with web conferencing software that have better privacy practices are not accessible for users, including for library workers.

For now, the best you can do is to lock down your Zoom meetings as much as possible and to review user and administration settings to ensure that all privacy and security settings are enabled. Some universities have created publicly accessible guides to more secure Zoom meetings, such as this guide from the University of Washington, as well as FAQs on privacy and security, that can help you formulate messaging to library staff about using Zoom.

Webinar on remote work and data privacy, April 9th

LDH Consulting Services is proud to sponsor this week’s LITA webinar “A Crash Course in Protecting Library Data While Working From Home”. This free webinar will provide strategies and actions in protecting patron privacy for library workers working from home, as well as some of the longer-term implications to patron privacy with libraries moving all essential operations and patron services online for the foreseeable future. Attendees will have the opportunity to share what they are doing to protect data privacy while working from home. Register today!


A note about LDH services during this time

As with other small businesses in the US, business at LDH has been impacted by COVID-19. While we are unable to offer in-person trainings at this time (social distancing!), we do offer a number of online services:
  • Customized online training on privacy topics including:
    • privacy in the patron data lifecycle
    • operationalizing privacy policies, procedures, and practices
    • vendor privacy management
    • privacy assessments
  • Reviews of existing privacy policies and procedures at your organization, identifying possible patron privacy risks, and exploring ways to mitigate those risks.
  • Informational legal regulation reviews/scans of current privacy regulations that could affect your organization or your vendors. In short, while I'm not a lawyer, I can help you talk to your lawyer about library privacy.
Please let me know if you have any questions, or would like to discuss other ways in which LDH can meet your privacy needs during this time.
Have a question or topic that you want us to write about? Email us at newsletter@ldhconsultingservices.com!