Legal information regarding Zoom

ETH Zürich is using Zoom to support the switch to online teaching, learning, cooperation, and communication in the wake of COVID-19. Here, we would like to outline some details regarding the recording of communication and privacy topics.

Recordings

What meetings should be recorded?

According to the rectorate, all online meetings relevant for students' exams (lectures, exercises) should be recorded. As for other meetings, the host decides whether to record the communication. He or she shall consult with his or her videoconference participants beforehand.

What are the implications of recording for participants?

Zoom shows a consent form before the start of a recording. Participants have to agree to their meeting being recorded.
Alternatively, if you don’t want to participate live in the meeting, you can, as an exception, request to review the recording. Contact your host for details. If attendance of a course is mandatory, participants unwilling to be recorded shall deactivate their camera and their microphone and not post in chat. Alternatively, consult with your lecturer.
By agreeing to a meeting being recorded, you also agree to the recording possibly being shared by the host. While the respective URL is initially aimed at participants only, the URL itself as well as a recorded session can be shared outside that group ex post (unless protected by a registration) just like any video can be copied and distributed.

What does a Zoom Cloud recording include?

The standard setting is "Record active speaker with shared screen". If nobody shares the screen, only the video of the active speaker is recorded. Otherwise the shared screen (possibly with contributions of participants) is also recorded. Audio is always included. Hosts can create copies of the chat.

What happens to recordings?

Recordings are kept for two years according to the ITS Multimedia Services video policy. The owner of a recording will be informed before deletion of their videos. Lecture recordings can be transferred to the video portal for longer storage, given a signed agreement for publication.

 

Data privacy

Legal framework

ETH Zürich has signed the "Global Data Processing Addendum" with Zoom, which guarantees that Zoom adheres to accepted European Data Protection Standards (Swiss-U.S. and EU-U.S. Privacy Shield Framework and Principles). Data storage happens outside ETH Zürich in data centers mainly in Europe (90%), some in the US, and Australia. Other locations might store data, too, depending on the residence of your host.

Licensed accounts need to accept the terms and conditions of Zoom in order to register. Please note that participants who have not registered do not need to accept these terms and conditions.

What data is collected by Zoom?

Cf. the Zoom privacy statement:
https://ethz.zoom.us/privacy (English)
https://zoom.us/de-de/privacy.html (German)

What about the controversial attendee attention tracking feature?

The attendee attention tracking feature is disabled by default by ETH Zürich. Individual hosts cannot enable this feature.

(Meta-)Data at ETH Zürich

The metadata listed below is visible to ETH administrators (a limited number of ITS employees):

For each meeting:
• Host's account name (name, mail address)
• Meeting ID
• Meeting title/description
• Meeting times
• Information on active/inactive encryption
• Information regarding recording feature
• Number of participants
• Used content (audio, video, screensharing)
• Data center used

Metadata for meeting participants:
• Name
• Local and public IP address and the corresponding place (city)
• Operating system, client version information
• Connection information (bandwidth etc.)
• Information on microphone and camera used (when active)
• Bitrate, lag, jitter, and packet loss regarding audio, video, and screensharing
• Start/end time

Metadata is available to Zoom administrators mainly for support and monitoring. Data will be stored for a year.

Further information

  • The "Datenschutzbeauftragter des Kantons Zürich" (Privacy commissioner of the canton of Zurich), who is usually the opinion leader among the Swiss privacy commissioners, has approved Zoom as applicable during the Corona crisis.
  • ETH Zurich is aware that security and privacy topics are broadly discussed with regard to Zoom these days. However, we are of the opinion that enough safety measures have been implemented and as such, this tool is appropriate to enable various online communication among ETH staff and students and thus to keep up ETH’s daily business in these special times. These require special measures.
  • Due to the quick evolution of the crisis, ETH needed a solution that was easy to use, scalable for several thousand users, robust and, most importantly, available within very few days in order to enable lecturers and students to attend online lectures. Without such a solution, teaching would have come to a halt over the past few weeks.

ETH will keep an eye on the operation, flaws and success of this solution. We will decide on further use as necessary, e.g. under changed conditions.

 
