Date:21 July 2020
Data Protection Authorities Issue Co-signatory Letter to
Voice Out Global Privacy Expectations of Video Teleconference Providers
The Privacy Commissioner for Personal Data, Hong Kong, Mr Stephen Kai-yi WONG (PCPD), together with five Data Protection and Privacy Authorities from different jurisdictions, today published an open letter to video teleconferencing companies reminding them of their obligations to comply with the law and handle people’s personal data responsibly.
The COVID-19 pandemic has resulted in a sharp uptake in the use of video teleconferencing software, increasing risks around the collection and use of personal data. The open letter provides video teleconferencing companies with principles to help them identify and address some of the key privacy risks, and better protect people’s personal data. Awareness of security risks, adoption of “Privacy by Design” and “Privacy by Default”, understanding of audience, transparency and fairness, as well as end-user control are some of the key principles being advocated.
Noting the frequent use of video teleconferencing tools during the pandemic and the associated privacy risks, the PCPD has since April issued guidance to users of video teleconferencing software, with particular regard to schools and parents. Video teleconferencing companies have been encouraged to adopt “Privacy by Design” and “Privacy by Default” in their products
The open letter is signed by six authorities brought together through the Global Privacy Assembly (GPA)’s International Enforcement Cooperation Working Group (IECWG): the Office of the Australian Information Commissioner, the Office of the Privacy Commissioner of Canada, the Gibraltar Regulatory Authority, the PCPD, the Switzerland Federal Data Protection and Information Commissioner and the UK Information Commissioner’s Office. The letter is for all video conferencing companies, but has also been sent directly to Microsoft, Cisco, Zoom, House Party and Google.
GPA, formerly known as International Conference of Data Protection and Privacy Commissioners, is a global forum for more than 130 data protection and privacy authorities seeking to provide leadership at international level in data protection and privacy. As a member of the IECWG of the GPA, the PCPD advocates cross-jurisdictional cooperation among data protection authorities and helps drive cross-jurisdictional enforcement collaboration. The PCPD is also a co-chair of GPA’s Permanent Working Group on Ethics and Data Protection in AI, advocating data ethical stewardship based on respect, mutual benefits and fairness to enterprises and organisations.
The open letter can be downloaded here