Makor computing society releases statement on security for virtual meetings

The Association for Computing Machinery’s US Technology Policy Committee (USTPC) recently released a new Statement on Security and Privacy Principles for Virtual Meetings. Intended to provide practical guidance to platform designers, meeting hosts, and participants, the statement offers eight principles to guide the safer design, deployment and individual use of virtual meeting technology. The new statement builds upon the report, “Virtual Conferences: A Guide to Best Practices,” that was developed by a special task force ACM convened as the COVID-19 pandemic caused ACM, and many other organizations, to replace physical conferences with virtual meetings.

Among other suggestions, the eight principles promoted by USTPC’s Statement urge platforms to:

• continually assess and refine their products to maximize users’ security and privacy;

• use end-to-end encryption;

• provide meeting hosts with a set of at least six tools to maximize meeting security and deal effectively with meeting disruptions (including “Zoombombing” activity);

• empower all users, including those with accessibility challenges, with a broad range of privacy-related information, such as whether the call is being recorded and who else is participating;

• limit information collected about participants to only what’s needed to provide meeting services; and

• safeguard user information from third parties by default unless a user clearly has “opted-in” to such distribution.

Hosts are also encouraged to select and require meeting participants to abide by a code of conduct that, at minimum, sets ground rules for capturing and sharing information disclosed during virtual meetings.

“Just as increased awareness of what makes for good hand-washing hygiene will help keep us all safe and to recover from the physical threat of COVID-19, USTPC hopes that helping to define and raise awareness of what good virtual meeting hygiene means will help reduce the digital threats to which so many of us are now exposed online in inadequately protected virtual meetings,” said USTPC Chair Jim Hendler. “While our new Statement, by itself, cannot eliminate any potential threat to the safety and security of virtual conferences, our aim is to provide some guideposts for those who want to maintain the integrity of these systems,” he added. “As an association for computing professionals, we have the ability and feel a social obligation to draw on the expertise of our members, many of whom develop virtual meeting technologies and maintain the infrastructure that supports them, to provide guidance to all stakeholders who use these technologies.”

Jeanna Matthews, lead author of the Statement and co-chair of the task force whose work underlies it, explained, “We launched an ACM initiative around virtual meetings because conference organizers were reaching out to us saying ‘we need to organize a virtual conference right away, but we don’t know where to start.’ People participating in virtual meetings have a right to expect privacy and security. The eight principles outlined in the statement will raise awareness of some of the challenges in keeping these systems secure, as well as baseline requirements that should be adhered to.”

The eight principles outlined in the Statement on Security and Privacy Principles for Virtual Meetings also are grounded in the ACM Code of Ethics and Professional Conduct. The Code is designed to inspire and guide the ethical conduct of all computing professionals, including current and aspiring practitioners, instructors, students, influencers, and anyone who uses computing technology in an impactful way.

###

ACM’s US Technology Policy Committee (USTPC) serves as the focal point for ACM’s interaction with all branches of the US government, the computing community, and the public on policy matters related to information tech¬nology. The Committee regularly educates and informs Congress, the Administration, and the courts about significant developments in the computing field and how those developments affect public policy in the United States.

ACM, the Association for Computing Machinery, is the world’s largest educational and scientific computing society, uniting computing educators, researchers and professionals to inspire dialogue, share resources and address the field’s challenges. ACM strengthens the computing profession’s collective voice through strong leadership, promotion of the highest standards, and recognition of technical excellence. ACM supports the professional growth of its members by providing opportunities for life-long learning, career development, and professional networking.