House Party? Please shut the door.

There’s been a stream of articles recently pointing out the privacy and security issues with video conferencing products such as Zoom and Houseparty. Zoombombing and other concerns over how our data is being harvested and used are everywhere.

At the risk of sounding frivolous: why all the fuss? We’ve been communicating with digital Apps face to face and in text for over 20 years. How long will it take to work out, the time taken to set up these tools will determine how secure they are? Each of us has a personal responsibility to ensure we’re comfortable with the level of security configured in Apps we use before we use them. Unless, of course, we rely on the nanny state to prop us up and abdicate responsibility for managing our lives to do-gooders in security and privacy, now calling for greater accountability from the product vendors.

In today’s Sun-Herald (Sydney), the paper carries quotes from two privacy and security commissioners calling for more regulation and greater transparency from video conferencing vendors. That’s entirely the wrong way to solve this problem. To believe product vendors don’t consider security seriously is dumb: how could they convince any of their millions of users to jump onto the platform if it wasn’t somewhat secure?

The real problem is ignorance or indifference of the users. People using the communications platforms occasionally, or for the first time, don’t consider how they should be configured or set up to protect them.

All of the platforms available to us have security and privacy settings. Some better than others for sure, but they are nonetheless there for users to configure.

Business users have an advantage in they’ll be given guidance or have their software delivered pre-configured. Products like Microsoft Teams or Google’s Meet provide a level of privacy and security built-in, and are, to a large extent, adequate for keeping out unwanted visitors. Teams, for example, saw a 500% increase in usage in China since the beginning of Coronavirus outbreak.

Domestic and small business users are more vulnerable and less likely to have enterprise-grade solutions, preferring free products like Zoom or Houseparty. These products have security and privacy settings, but it’s down to individual users to set these up. Unless they seek out ‘Settings, Privacy, and Security’ changes are the virtual back-door of the application will be left wide open, allowing unwanted guests to wander in at will. Think of these products as the IKEA products of the IT world. You’d never buy a bed from IKEA, take home the flatpack and sleep on it – you’ve got a assemble it first.

So shouldn’t we be educating users rather than beating-up the vendors? And why aren’t the authorities using their efforts to inform end-users better?

During this period of lockdown, video meeting applications like Zoom and Teams are a vital way to maintain connections and conduct business. Rather than constrain, hound and distract the providers of these great products, the authorities would be better off channeling their efforts to educate and inform users. Like they do at IKEA – give them the instructions to build the bed, don’t ask the bed builder to come round to your house and do it for you!