ICO issues video conferencing guidance

The ICO has issued guidance for using video conferencing software. This sets out the data privacy issues organisations should consider. The ICO suggests the guidance could be shared with staff.

Key recommendations

The guidance’s recommendations include:

• Utilise any app in-built security settings - for example add meeting IDs and passwords to meetings, restrict access to those who need to attend and control who can share their screen. Staff should be aware of how to use these features 
• Be aware of phishing risks - online ‘live chat feature’ can potentially spread phishing messages. Staff should be vigilant and not click on links or attachments they do not recognise and were not expecting 
• Check your organisation’s policies - if organisations have preferred technologies or tools, these should adhere to their own security requirements 
• Keep software up to date - use effective security measures, such as installing software and security updates. If web-browsers are used to access video conferencing services, these should also be kept up to date   
• Review software choices - while a specific tool or app may have been used to quickly adjust increased remote working when lockdown was imposed, the ICO recommends re-visiting the decisions once organisations have the time and resources

Comment

COVID-19 rapidly increased video conferencing use, with lockdown imposing increased working from home. Organisations needed to adapt quickly, with many meetings moved online. However, as the guidance notes, the data privacy issues must not be overlooked and need to be reviewed as we adjust to the new ways of working.