<-- Go Back

Privacy Risks of Working From Home

  • Should we care about privacy during coronavirus pandemic?
  • Why is privacy a big deal during this crunch?
  • Let’s understand WHY privacy may be a big enchilada.
  • The coronavirus pandemic has led to a situation where the offices are packed up and social distancing is proposed by the government. Nations including India, South Africa, and the UK have announced 21 days of lockdown. But because of the web era and progress in technology, anyone can carry out their regular work from the comfort of their couch. Working from home is a luxury but this luxury comes with its downsides. Not only can remote workers have their privacy put in danger, engaging from home could end in breaching company security too.

    Many organizations(govt. & non-govt.) have allowed work from home. Most of the meetings and interactions are held using tools like Microsoft Teams, Slack, Zoom, Hangouts, Citrix, etc. But are these apps safe? Greater privacy risks and employer surveillance is awaiting us.

    Rajappan: Breaking the limits

    It's surprising that my payment app Paytm doesn’t work if Zoom is installed on my phone. Unless such screen recording apps are uninstalled Paytm won’t work. But how does my payment app know that I even have zoom installed? And who asked them to audit my device. By the way thanks for your concern Paytm. I did some reconnaissance and found this blog which explains the policy of the app.

    Most of the developers have used Slack at some point of work. You may have noticed that free slack workspaces only allow visibility to 10k messages. A paid plan enables the user to see messages past the limit. But slack messages which we can’t access are still there in the servers. There’s Slarck which allows the user(usually the admin)to keep a replica of the team chats. Slack should give free account control over retention.

    In slack, the admin controls the workspace and has the authority to make policies that may even allow the boss to see your personal slack conversations. Here’show. Paying attention to your workspace setting can assist you to figure out the admin’s intention.

    When you gossip within the office and your boss overhears you there’s still an opportunity of escaping by making some excuse but when your boss has the screenshot of your gossips none of the justifications are gonna save you.

    So why put your job and your privacy in danger. Don’t use the meeting app for private conversations.

    Most of the apps like zoom have policies that only tracks if the window is open. Zoom allows admins to ascertain detailed views on users using Zoom, with detailed real-time dashboards. If a user records any calls via Zoom, admins can access the contents of that recorded call. For any meeting that has occurred or is in-process, Zoom allows administrators to determine the OS, IP address, location data, and device information of each participant. Attendee attention tracking tracks attention while someone is sharing a screen. Using End-To-End Encryption for Chat would be a wise choice. Hangouts users may expose their private email addresses to others within the firm. Although Google says it doesn’t sell your data, they do share, monetize, and exploit it. Find how.

    Employee monitoring can go overboard and instead of being a tool that needs to increase productivity and efficiency companies means to locate their employees not only during work hours but even during off-hours. A number of the privacy endangering features are taking screenshots of employees’ screens at like every 10 minutes, video recordings during off-hours, tracking Geo-location, and maintaining communication logs. Giving unnecessary permissions like access to sensors or call logs can invite unnecessary privacy risks. Don’t Become a COVID-19 Identity Exploit Victim.

    Singapore is doing a reasonably good job of employing a Bluetooth mesh network to performcontact tracing. Data is stored on-device and only is often activated when contact tracing is important. No location data is collected.

    What are the open-source alternatives ?