Germany warns Zoom videoconferencing of privacy law violations

Germany’s Hamburg privacy watchdog warned its government on Monday that the use of Zoom’s on-demand videoconferencing violates the EU’s privacy laws.

Privacy advocates considered that the use of the U.S.-based service will lead to the transmission of EU data to the company’s hometown.

“The transmission of data is said to reach the U.S., which violates the EU’s General Data Protection Regulation (GDPR),” said Ulrich Kühn, Hamburg commissioner for Data Protection and Freedom of Information (Hmb BfDI), in a statement.

The warning statement was firmly aimed at Hamburg’s state government, the Senate Chancellery of the Free and Hanseatic City of Hamburg (FHH).

The watchdog spokesperson explained that the use of the U.S. service violated GDPR considering the July 2020 “Schrems II,” that prevent businesses from carrying out basic data transfers to non-EU countries, and canceled EU-U.S. Privacy Shield arrangement for transatlantic data transfers.

This notice follows a similar initiative that was declared earlier in April by the German Foreign Ministry to restrict the use of the video conferencing service Zoom due to security concerns.

Meanwhile, the company’s spokesperson said its video-meeting service for the city of Hamburg and other German organizations complied with EU privacy laws.

Additionally, Zoom published an explanatory report about data transfers from Europe to the U.S.

According to the published document, Zoom will sign Standard Contractual Clauses (SCCs) with EU customers. Moreover, the company promises to take “additional safeguards” to protect data to an equivalent level as Europe’s data protection laws.

Similarly, Microsoft – which provides Teams, a service similar to Zoom — announced earlier in May a plan to allow EU organizations to store data in its European data centers by the end of 2022.