March 31, 2020
care should be taken to ensure that the provider neither evaluates metadata (who communicated with whom and when) nor evaluates the content data of the communication for its own purposes or passes it on to third parties.There are options:
There are numerous solutions based on open source software (e.g. Nextcloud Talk, Jitsi Meet, RocketChat or Matrix) that can be used in accordance with data protection principles.They warn that it’s been shown that especially mobile apps sometimes reach out to their makers, or even third parties (like Zoom which was recently shown to share user data with Facebook, irrespective of the user having a Facebook account) and this is a risk a Data Protection Officer needs to be aware off. You are, as organization, responsible for where the data of your users ends up and pushing them to a solution with terrible terms of service is legally risky. There is a number of other tips including on the use of video chat, and we recommend German readers the entire recommendation.