“Can you hear me now?"
Conference calling has always been around, however no one is ever confident whether it is working as intended. All-time favorite questions for conference calls are still “Can you see my screen?” or “Can you hear me now?,” which usually results in a very quick answer from the audience because it’s obvious (to them, at least.) However, if the question was about whether “unauthorized” people could see and hear what you’re sharing and saying, what would you say? Could you confidently answer that question? What if it was not just one meeting currently in session, but multiple previous meetings that were recorded and shared across a company?
Privacy and Security are important features of video conferencing even though you can’t “see” them. At the risk of oversimplification, Privacy is focused more on keeping the user’s identifiable information anonymous to everyone at the service except for a select few. Security is focused more on the service preventing unauthorized access of data, which may include user data. These two aspects are crucial for video conferencing because they help create a sense of openness where we can freely talk about our work, our teams, and ourselves without having to worry about it being exposed to eyes and ears they were not meant for.
However, Privacy & Security often come at the expense of ease-of-use. One of the big issues that has come up for Zoom has been its lack of end-to-end encryption, which it claimed it supported but was later found to be Transport Layer Security. This meant that things were only encrypted in transit and Zoom could access your info when it arrived at its servers. Zoom complied with its customers’ requests for End-to-End Encryption, but at the loss of the ability to dial-in from phones and the added need to give Zoom some personal information, especially for the free tier. As Zoom may no longer know who is in the calls, it needs a minimum amount of identification such as a phone number. Microsoft Teams has built a robust Secure Real-time Transport Protocol for video, audio, and desktop sharing but the encryption (and corresponding keys) are owned entirely by Microsoft, which means a loss of control for its customers.
Some prefer ownership to be shared with the community rather than a commercial organization. Jitsi Meet is an open source application that’s moving towards end-to-end encryption and its building blocks are created by a vibrant community that’s more interested in personal and communal reputation than monetary gains. It requires a different company mindset to nurture an open-source culture for its products and for users to feel protected.
More immersive technologies, such as Oculus VR, make communication more effortless by revealing more of our body language, a useful cue for when to reveal certain information to others. With this enhanced communication, however, comes a few unique security concerns. Virtual reality headsets can collect biometric data that some fear could be used for nefarious purposes, such as denying a person auto insurance if data indicates they have a slow reaction time. Additionally, Oculus has future plans to require a Facebook account in order to use the headset, forcing users to tether their data to a company reputable for unconscionable data mining. Sales of Oculus headsets have been halted in Germany because of these very privacy concerns. Cameras on the outside of the headset used to map a person’s movement can also map the interior of their homes.
These examples show how difficult these payoffs and tradeoffs are, especially when there are a plethora of video conferencing tools to choose from as many companies join this gold rush.
Unfortunately, in areas of Privacy & Security, the weakest link is usually not the network, application, device, or data storage - it’s usually people. Privacy features such as waiting rooms, renaming, and password protection were made available but people did not use them. Thankfully, Zoom has now moved towards Smart Defaults, which turns those security features on by default and are easily accessible from the application. This means that the user is protected by default but still has control over those discrete features, which is a nice balance of payoff and tradeoff. Compare this to Microsoft Teams where a simple name change requires a request from your administrator. It could be argued that it’s more secure, but it comes at the cost of less control for the user and additional, unnecessary tasks for an administrator.
All these Privacy & Security features exist to protect us during video conferencing so that we can be more open about what we’re discussing and sharing. Whether it’s a doctor’s teleconference call or a work meeting, we believe this openness helps us to connect with one another.
- Part 1 Video Conferencing, What exactly is missing?
- Part 2: Communication
- Part 3: Confidence (Current)
- Part 4: Collaboration (Coming Soon)
- Part 5: Connection (Coming Soon)
We are interested in diving deep into ways to best connect while remote during this pivotal time. If you work in video or any form of digital communication, we would jump at the opportunity to help.
Links & Resources
This multi-part report was generated from ~100 hours of desk research, insights, and design by Sean Jalleh, Maggie Feuchter, and Vivian Lee. Directed by Nathan Kendrick and Audrey Crane.
As always, we're here to help
DesignMap is in the fortunate position to be of help to companies during this challenging time. We are working overtime with our current clients to build nimble-yet-steady capabilities. DesignMap is always available. It is our most sincere hope that as many companies as possible—small and large—are able to weather these choppy waters.
- Project-based Teams with User Research, UX and UI Design disciplines.
- Staff Augmentation, highly trained and experienced designers who work side-by-side integrated in your team.
- Coaching and Advisement, the Partners have 20 years of industry experience.
- UX Training and Workshops, designed for the multi-discipline team we have content tailored to executives, product managers, designers, and engineers.
We're working with clients like Atlassian, Asana, and RingCentral with these services designed for business continuity.
—Audrey, Chuck, Greg, and Nathan
