School Districts, Including New York City’s, Start Banning Zoom Because of Online Security Issues

(The Washington Post) -

Some school districts around the country have started to ban the use of Zoom for online learning from home during the coronavirus crisis because of growing concerns about security, and others are reassessing how and whether to use the teleconferencing platform.

Days after the FBI issued a warning to the public about the “hijacking” of online classrooms and teleconferences, the New York City Department of Education, which runs the largest school district in the country, said teachers should no longer use Zoom and should instead work through Microsoft Teams.

Other school districts, too, have banned Zoom or are trying to beef up security around its use. Clark County Public Schools in Nevada said in a statement that it had decided to “disable access to Zoom out of an abundance of caution due to instances of hacking that created unsafe environments for teachers and students,” but that it was looking at options to that might allow it to resume access.

Asked about the school districts that are banning its platform, Zoom said in a statement:

“We are deeply upset to hear about the incidents involving this type of attack and we strongly condemn such behavior. Starting on March 20th, we have been actively educating users on how they can protect their meetings and help prevent incidents of harassment through features like waiting rooms, passwords, muting controls and limiting screen sharing. We have also been offering trainings, tutorials, and webinars to help users understand their own account features and how to best use the platform. We are listening to our community of users to help us evolve our approach – for example, we recently changed the default settings for education users to enable waiting rooms by default and ensure teachers by default are the only ones who can share content in class. Finally, we encourage users to report any incidents of this kind directly to https://support.zoom.us/hc/en-us/requests/new so we can take appropriate action.”

The FBI issued a warning to the public earlier this week about the “hijacking” of online classrooms and teleconferences after it received reports of disturbances by people shouting racist and threatening language and displaying hate messages. It said saboteurs were hacking into online meetings in a phenomenon now called “Zoom-bombing,” because Zoom has become the most popular teleconferencing choice for K-12 schools and colleges and universities during the pandemic.

Concerns about online security have been rising as most of the nation has moved to online education, with school buildings closed to try to stem the spread of a novel coronavirus that has stopped public life around the world. Schools have rushed to put together online lessons and programs, sometimes without strict security filters. There have been numerous reports of intruders disrupting classes and school meeting, from elementary school to higher education.

For example, University of Florida President W. Kent Fuchs reported an intrusion of a student government meeting by someone who displayed racist messages, swastikas, and death threats.

Teachers in New York City were just sent updated guidance from the city’s education department on video conferencing, which said that after reviewing requests by students, teachers and service providers to credential Zoom for use, security and privacy issues on the Zoom platform were raised. “Based on the DOE’s review of these documented concerns, the DOE will no longer permit the use of Zoom at this time,” the document says.

In Los Angeles, some elementary-school teachers have already stopped using Zoom because of intruders, the Los Angeles Times reported.

In the Edmonds School District in Washington state, officials have taken steps to tighten security around the use of Zoom and other online platforms. Lynwood Today reported that teachers have been told to offer Zoom meeting information only in nonpublic forums, such as email, and participants to a Zoom meeting will not have to turn on video once they are in the meeting and not before.

On social media, some people are posting videos of classes they have hacked, and putting out calls for students to provide information on when classes are being held and how to log in. The Washington Post reported this week that thousands of personal Zoom videos have been left viewable on the open Web. Space X and NASA have both banned the use of Zoom because of security issues.

Amelia Vance, director of youth and education privacy at the nonprofit Future of Privacy Forum told Washington Post reporter Laura Meckler that there is now a lot of confusion about how to navigate the online world.

“When you have companies like Zoom announce they were going to make their products free in full for educators, a lot of people were very thankful,” she said, and she heard from educators, districts and administrators who asked whether security was “genuinely an issue.”

“First and foremost I’ve been pushing really hard on making sure that educators and administrators are using tools that were made for education,” she said. “There is a very complex legal landscape around student privacy, and products made for consumers generally, for offices, for adults are unlikely to comply with those laws.”

She said she almost feels “a little bad for Zoom on this one because it’s not something unique for them,” she said, noting that Internet trolls are nothing new. She also said that Zoom had originally made it “easy for those abusing the platforms to do so” but now the company appears to be moving to address security issues.