The Sunshine Coast Regional District (SCRD) and the District of Sechelt say they’re satisfied Zoom is secure enough for holding online council and board meetings.
Zoom has become Sechelt’s and the SCRD’s preferred method of conducting public meetings since large public gatherings were ended as a strategy to stop the spread of COVID-19.
The California-based video conferencing company, which according to founder Eric S. Yuan has seen the number of daily participants in meetings using the platform balloon from about 10 million last December to 200 million in March, has also been criticized recently for security issues.
Complaints have included flaws in encryption that could allow unwanted observers to access meetings, sharing user data with third parties such as Facebook, allowing hosts to track computer use of others in a meeting, letting hackers take over users’ webcams and making the platform vulnerable to “zoombombing,” where someone breaks into a meeting and posts unwanted content, yells abuse or threats or tries other ways to disrupt the meeting.
According to a recent BBC report, the U.K. government has faced criticism for using Zoom for cabinet meetings during the COVID crisis.
Some of the security concerns have been public knowledge for more than a year.
In response to Coast Reporter’s questions, both Sechelt and the SCRD said they had already been using Zoom as an online meeting platform before the recent need to use it for things like public council and board meetings.
The District of Sechelt also said it does not use Zoom to conduct confidential or in-camera meetings, which are conducted with “internal, secure software.”
In an emailed statement, the SCRD said it “continues to be satisfied with Zoom services, our related risk exposure, and Zoom’s response towards potential security exploits. SCRD staff continue to monitor and mitigate the ever-evolving IT security landscape including vulnerabilities related to Zoom.”
The District of Sechelt’s statement to Coast Reporter said it “has implemented security measures to ensure our virtual Zoom meetings are as secure as possible.”
Zoom’s Yuan responded to the security issues in a blog post April 2.
“We recognize that we have fallen short of the community’s – and our own – privacy and security expectations. For that, I am deeply sorry,” Yuan wrote.
“We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home,” Yuan continued.
“We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived. These new, mostly consumer use cases have helped us uncover unforeseen issues with our platform.”
Yuan said over the next 90 days the company would be “dedicating the resources needed to better identify, address, and fix issues proactively.”