No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

Could Your Next Video Conference Land You in Prison?

Privacy Concerns and Legal Implications of Audio and Video Conferencing Platforms

by Alan E. Brill
May 21, 2020
in Data Privacy
smartphone with voice recording icon

With the sudden increase in WFH policies, many companies have increased their use of audio and video conferencing tools. But with improved communication and productivity they offer comes increased security concerns. Kroll’s Alan Brill discusses privacy risks and examines the legal issues associated with using these tools.

As IT and information security teams and professionals have been required to act swiftly to ensure their organizations remain operational during COVID-19, there is a potential danger that may be overlooked, not only during the pandemic, but also when a company is operating normally.

One of the problems that had to be solved was how to deal with meetings that could no longer be face-to-face interactions. Sometimes, a phone call is enough, but often, larger group meetings need something with greater capabilities, like a dial-in conference line or a video-conferencing application.

What’s easy to forget is that using any service or application can have legal consequences. While IT professionals are not specialists in applying the law to their technologies, they cannot ignore the problem.

In fact, the person who decides to record an audio or video conference may be committing a crime that could result in arrest and imprisonment.

Let’s look at two potential problems with these audio and video conferencing capabilities.

1. Consent to Being Recorded

Most of the audio and video conference platforms that have experienced explosive growth in use during the pandemic have a feature that permits the recording of meetings with a click of a mouse. This poses a number of problems.

The first problem is around consent. There are state and federal laws in the U.S. and many other countries concerning the unauthorized recording of conversations. A shortcut term for these problems is “wiretapping,” and it is important to know that the concept of unauthorized interception of communications is much broader than what is portrayed on television.

In terms of a simple telephone call, do you have the right to record it? In some states (often referred to as “one-party” states), a call can generally be recorded if one of the parties on the call consents to the recording. In others (“two-party states”), the law says that all parties on a call must consent for a recording to be lawful. California and Florida are examples of two-party states.

In many cases, audio or video meetings may involve participants in different states or even different countries. It is important to know where those on a call or in a meeting are. Some nations have broad prohibitions against communication interception. In some countries, information on a call or video conference may implicate privacy laws like the European Union’s General Data Protection Regulation (GDPR) or the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA.) Violation of state or federal laws can have serious consequences, including both criminal charges and civil litigation.

When it comes to consent, counsel should also be consulted on the question of what constitutes consent. Is it enough to have an icon on the screen of a video conference that says or means “recording?” Should the person running the meeting announce it? Does each person on the line or in the conference have to give affirmative consent? Is staying in the meeting enough? What about people who join a meeting after it has begun and after an opening announcement was made? Could a late joiner claim that they were recorded illegally? Could a disclaimer be placed in the invitation to the meeting (“Joining the meeting represents your consent for the recording.”)? Note that many conference meeting applications provide a means of embedding a disclaimer for recording in the meeting invitation. Some can provide a list of participants who agreed to the recording.

2. The Recording May Be Evidence

The other problem concerns how to get people to think before pressing the “record” button. Aside from the issues that we’ve considered above, remember that any recorded communication may constitute discoverable evidence in any future litigation. Consider that people working in unusual circumstances (like from home, rather than in an office) may make jokes or say things — particularly at the start or end of a meeting — that might not reflect favorably on them or the company if that recording made its way into a court proceeding. To ensure employees are mindful of this, it is important to have guidelines:

  • First, not all meetings should be recorded. Unless there is a good reason to record it, such as a training session or one that needs to be viewed later by those who were not there, don’t record audio or video meetings.
  • When there is a need for a recorded meeting, make sure that the person running it understands counsel’s requirement to ensure that everyone on a conference call or video understands that it is being recorded and where necessary, gives consent in the manner prescribed by counsel.
  • When a meeting is recorded, it should only be recorded by the person calling the meeting. There should be a policy prohibiting others from recording a meeting. Consult counsel about implementing a policy prohibiting employees from recording meetings they attend without authorization from the person running the meeting. (There are software applications that enable a meeting participant to record a meeting they are attending.)
  • Only retain recorded meetings as long necessary. Like other business records, keeping information longer than that information has value makes little sense unless there is a legal or regulatory requirement to retain them.
  • If there is litigation relating to the subject of a recorded call or video meeting, it may be covered by a legal hold and should not be deleted without advice of counsel.

These issues with recorded conferences will be relevant even after things return to more normal circumstances, but now is the time to consider them and to develop the appropriate guidelines in conjunction with the advice of counsel.


Tags: Electronic Communications ComplianceGDPR
Previous Post

Drawing The Line Between Collaboration and Collusion

Next Post

Smarsh Acquires Entreda, Leader in Cybersecurity Risk and Compliance Software for Wealth Management Industry

Alan E. Brill

Alan E. Brill

Alan Brill is a senior managing director with Kroll’s Cyber Risk practice. As the founder of Kroll’s global high-tech investigations practice, Alan has led engagements that range from large-scale reviews of information security and digital forensics investigations for multibillion-dollar corporations to criminal investigations of computer intrusions. He has worked on many of Kroll’s major international projects. Alan serves as both a consulting and testifying expert in major cases where his ability to explain complex technology concepts provides counsel with a valuable litigation resource, and as lead instructor and keynote presenter for the Cyber Terrorism Training Program at the NATO Center of Excellence for Defense Against Terrorism in Ankara, Turkey.  

Related Posts

gdpr

UK Resurrects Data Protection Reforms, EU Court Rules on GDPR in Civil Cases

by Jonathan Armstrong and André Bywater
March 15, 2023

Recent courtroom and legislative action in Europe will likely have ripple effects around the world for companies subject to regulations...

eu flag

Preparing Your Company for the Latest GDPR Data Transfer Developments & Upcoming Deadlines

by Kevin L. Coy
November 30, 2022

An EU court decision and legislative moves in the U.S. and UK make compliance with privacy regulations increasingly difficult. Arnall...

minidata_b

Honey, I Shrunk the Data: How to Keep Customer Info on a Need-to-Know Basis

by Parker Poe
November 30, 2022

It may be tempting to hoard the data you have gathered on your customers, but an increasing number of regulations...

uk ico data access

UK’s Data Protection Regulator Signals Crackdown on Access Request Violations

by Jonathan Armstrong and André Bywater
October 5, 2022

Data privacy laws in the EU and UK established the right of individuals to find out what personal information organizations...

Next Post
businessman connecting puzzle pieces

Smarsh Acquires Entreda, Leader in Cybersecurity Risk and Compliance Software for Wealth Management Industry

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT