The Revenue Commissioners sent out warnings requesting staff to use Skype for Business rather than Zoom to protect taxpayers’ information.
Since the beginning of the pandemic, the use of Zoom has been widely discussed. While it has been an extremely convenient tool to connect people in times of social restrictions and maintain collaborative environments for offices that have gone remote, there are many privacy aspects to consider.
Today (20 July), The Journal reported that employees in the Revenue Commission were warned against using Zoom due to concerns that taxpayer information could be scraped and harvested.
Revenue employees were instead directed to only use Skype for Business, as Zoom was not “a product endorsed or supported by Revenue” for conferencing. The internal advisory said that privacy is not top of Zoom’s agenda, citing recent controversy around sharing data with Facebook.
Speaking to Siliconrepublic.com, a spokesperson for the Revenue Commission said the internal operational guidance was issued following queries from staff regarding the possibility of using alternative software, including Zoom, for audio and video conferencing. “This guidance was issued having regard to Revenue’s legal duty to protect the confidentiality of taxpayer information,” they said.
Following the surge in use of the video conferencing app, security issues quickly emerged for Zoom, with ‘Zoombombing’ wreaking havoc within weeks of the coronavirus pandemic. Shortly after that, the company rolled out a major update in an attempt to beef up security for users by default.
In June of this year, Zoom said that it would bring end-to-end encryption to all customers, after the CEO drew criticism for initially only offering this level of security to paid accounts.
However, Revenue Commissioners are still concerned, with the advisory to staff stating that Zoom continues to share “information with advertising agencies and in their terms and conditions you agree they have a right to access and share all data and material that is transferred through their platform”.
Smart speakers also a concern
This is not the first time during the pandemic that Revenue has issued such a warning to staff. At the end of April, Revenue Commissioners urged staff working remotely not to discuss work matters near smart speakers, following a recommendation from the OECD’s Forum on Tax Administration.
This came shortly after Bloomberg reported that UK law firm Mishcon de Reya LLP issued advice to staff to mute or shut off listening devices such as Amazon’s Alexa or Google’s voice assistant when they talk about client matters at home.
In a similar vein, The Telegraph recently reported that civil servants in the UK have been warned against taking part in meetings unless smart speakers are switched off in the rooms.
Revenue’s spokesperson added: “The guidance provided to staff reflects adherence to our overall governance framework and mitigates the corporate risks associated with large-scale remote working.”
In response to the Revenue’s warning, a Zoom spokesperson stated that the company “does not sell user information to anyone, and, in particular, does not share user information with advertisers or social media companies.
“Our terms of service do not require users to consent to sharing their user information and data in order to use our platform.”
Updated, 12.05pm, 21 July 2020: This article was updated to include a response from a Zoom spokesperson.