Legal and data protection research writer at TermsFeed.
On this page
- 1. Meeting Recording Laws
- 2. Why Use Meeting Recording Disclaimers?
- 2.1. Understanding What is Being Recorded
- 2.2. How Secure are Recorded Meetings?
- 3. Examples of Meeting Recording Disclaimers
- 3.1. Microsoft Teams Disclaimer
- 3.2. RingCentral Meetings Disclaimer
- 3.3. Cisco Webex Meetings Disclaimer
- 4. Sample Meeting Recording Disclaimer Text
- 4.1. Gateway Regional School District
- 4.1.1. Virtual Live Session Disclaimer
- 4.1.2. Meeting Invite Disclaimer
- 4.2. Barnard College
- 4.2.1. Zoom Meeting Recordings
- 4.3. University of British Columbia
- 5. Best Practices and Key Takeaways for Meeting Recording Disclaimers
With the proliferation of privacy laws worldwide and a significant class-action lawsuit against the popular Zoom video conferencing platform, the need for recording disclaimers is growing.
In the following article, we'll take a look at recording laws, risks and ramifications of ignoring these laws, ways to obtain user consent, best practices for creating your own recording disclaimers, and then we'll provide some clear examples.
Our Disclaimer Generator can generate a legal disclaimer for your business, website or mobile app. Just follow these steps:
- At Step 1, select where your Disclaimer will be used.
- At Step 2, add in information about your website/app and business.
- Answer some questions about your business practices.
Enter an email address where you'd like to receive your Disclaimer and click "Generate."
Done! You'll be able to instantly access and download your new Disclaimer.
Meeting Recording Laws
Many corporations are using video conferencing for meetings with remote employees. This is a great way to save on time and money. But it also comes with the requirement of enhanced legal compliance.
As you may know, video conferencing platforms like Zoom allow you to set up virtual business meetings with colleagues, potential partners, and more. Further, the platform (like many others) enables you to record your sessions.
When the Coronavirus pandemic struck, Zoom became one of the top go-to video conferencing platforms, causing the corporate workflow structure to shift dramatically.
However, along with the convenience that video conferencing platforms provide, came potential liability. For example, Zoom-bombing was a major problem that emerged in the early stages of the pandemic.
For those who don't know, Zoom-bombing is when uninvited individuals disrupt Zoom meetings by hacking into calls. These hackers can then view and attend the conference and sometimes share undesirable content with everyone else in the meeting.
Although Zoom released security updates that included new safety features and controls as a result of Zoom bombing and other privacy concerns, it wasn't enough to meet the demands of privacy regulations like The Electronic Communications Privacy Act (ECPA) of 1986, which provides guidance for recording calls.
That guidance applies to video conference calls because the ECPA regulates the acquisition and use of aural transfers (any transfer containing human voice from the point of origin to the receiver) via electronic communications.
Under the ECPA, it is against the law to record a conversation without consent from at least one party.
Another relevant law is California's Wiretapping Law (California Penal Code section 632), making it a crime to eavesdrop on or record any confidential communication unless all parties to the conversation have provided consent.
On behalf of Zoom's users, New York's attorney general Letitia James was the first to respond to Zoom's data practices. On March 30, 2020, James wrote to Zoom to inquire about Zoom's security measures in light of growing traffic and reliance from key industries.
A second class-action lawsuit was filed in California's Northern District Court a day later, citing similar data-sharing complaints. Further, the suit revealed the misleading nature of Zoom's marketing materials, which claimed that Zoom used "end-to-end encryption for all meetings" while it routinely shared personally identifiable information (PII) with unauthorized third parties such as Facebook.
In the end, Zoom settled the class-action suits against it for $85 million. As part of what seems to be a direct result of these lawsuits, starting in May of 2021, Zoom began requiring businesses to ask for and acquire consent before recording their meetings.
Many other video conferencing platforms are likely to require the same in the near future. Even if they don't, businesses should understand the legal risks they may face if they don't gain user consent before recording video calls and conferences.
You should be aware of specific laws if you record calls of any type, including video conference meetings. Because laws differ by state, it can be challenging to know what compliance entails.
For instance, North Carolina is an example of a one-party consent state. Participants can indicate consent to being recorded if they are informed that the call has been recorded and then "continu[e] with the conversation in the face of that warning."
At the same time, some states, including California, Connecticut, and Florida require all parties to agree to the recording.
Video conference calls can be complicated because participants could be spread across different jurisdictions and have to determine the governing law. Complexity is made worse by the many approaches that are used to determine that.
Various jurisdictions use the location of the recording device as a way to determine the law. Others apply the law in the state where the person being recorded is located.
Regardless, no matter where your company conducts business, you should always obtain consent before recording any video conferencing meeting that common sense tells you might be "confidential" or "private."
Companies must notify those participating in online meetings to obtain that consent properly. Those who continue with the call after they've been given notice may be considered to have provided implied consent to recording the call.
Notice that the call is going to be recorded can be given through emails, banners, or other means. However, the most common and most accepted method is through the use of a meeting recording disclaimer.
Many platforms offer built-in support for acquiring consent.
Zoom, as discussed above, now informs participants when Zoom records a video conference through the use of a disclaimer. When a user joins an existing meeting, or the host begins recording, the recording disclaimer is displayed.
Why Use Meeting Recording Disclaimers?
Recording consent disclaimers solve several issues. For instance, there are laws in the United States concerning the unauthorized recording of conversations. Many other countries have them, too.
In fact, violations of laws like the General Data Protection Regulation (GDPR) of the European Union or the Canadian Personal Information Protection and Electronic Documents Acts (PIPEDA) can lead to severe civil and criminal litigation.
Recording disclaimers allow you to obtain implied consent, which is sufficient in most states in America if not in Europe. It's highly recommended that companies consult with an attorney to determine precisely what constitutes consent in the regions in which they intend to do business.
For example, is it sufficient to display an icon on a screen for a conference that indicates "recording"..? Should the person leading the meeting declare that everything is being recorded?
Is it necessary for everyone to affirmatively give consent when they are on the line? If so, how should they do that? Should they provide verbal consent? Should they type that they consent in the chat?
Is it enough to attend the meeting? How about individuals who join a video conference after it's begun? Is it possible they could later claim they were illegally recorded?
Should you use a pre-made disclaimer, such as those now provided by Zoom?
Note that it's not just Zoom that provides pre-meeting disclaimers. Other video conferencing applications allow companies to embed a recording disclaimer within the meeting invitation.
Understanding What is Being Recorded
It's not just video and audio data that is recorded during video conferencing calls. Recordings of meetings can include information about the host and participants and documents circulated through screen sharing and chats.
Different parts of a company's retention policy could cover that data. Moreover, if there is ever litigation, different data types could create collection issues.
How Secure are Recorded Meetings?
You can mitigate risk, but you cannot eliminate it entirely. Experts at computer and internet security can theoretically hack even the most secure video conference meeting.
Zoom, as previously discussed, was accused of misrepresenting its encryption level for video conferencing meetings.
Zoom claimed it used "end-to-end encryption for video meetings" to protect against external attackers and prevent Zoom from accessing video conference contents. However, Zoom was actually using transport encryption.
That means Zoom had access to unencrypted audio or video from meetings.
Of course, each platform has its own security issues and settings. No matter what platform you use, it is essential to review the security features in order to determine if there are any risks.
It's also yet another reason to use a recording disclaimer and obtain consent from users before conducting an online meeting.
Examples of Meeting Recording Disclaimers
Most of the big video conferencing platforms have a recording disclaimer, which is displayed before a user enters a meeting. You've seen Zoom's already. Here are some of the others.
Microsoft Teams Disclaimer
Every recording of a Microsoft Teams meeting is accompanied by a notice to attendees that a recording is being made. This disclaimer notice links to the Privacy Notice that online participants can view. The meeting organizer also controls who has the right to record:
RingCentral Meetings Disclaimer
According to RingCentral's documentation, RingCentral Meetings users can modify recording settings under the Recording tab. Before a recording begins, you can show participants a customizable disclaimer:
Cisco Webex Meetings Disclaimer
Cisco Webex Site administrators can place a disclaimer that appears whenever a host begins a meeting, or a participant joins one. It also shows up when a Cisco Webex session recording starts:
Now that you've seen some examples of formats and styles, let's take a look at what the specific wording and content of the disclaimers can be.
Sample Meeting Recording Disclaimer Text
Not all video conferencing disclaimers have to say the exact same things. As you can see, most platforms allow the host to customize the disclaimer message. Here's how a few organizations have chosen to word theirs.
Gateway Regional School District
The Gateway Regional School District in Huntington, Massachusetts, has a few different video conferencing disclaimers, which it uses for different situations. Interestingly, its recording disclaimers aim to ensure that recordings do not occur:
Virtual Live Session Disclaimer
"The Gateway School District is using remote learning opportunities through the use of video communication. It is important that we continue to respect the privacy and intellectual property rights of our school community - our teachers and our students. By participating in remote learning, you agree that you may not save, record, share or post this session or any photos from this session without prior permission. Staff also agree that they will not save, record, share or post this session or any photos from this session without prior permission. The rules in school apply to this remote classroom experience. Students must treat each other with respect during their time together and must obey school rules. If you or your parents do not agree to these rules, please disconnect from any sessions and contact your school principal to receive an alternative learning packet."
Meeting Invite Disclaimer
"By participating in the meeting, all parties agree to the following: The parties hereby agree to hold the IEP/504 Team meeting remotely. The parties acknowledge and agree that the IEP Team meeting is being held remotely due to Governor Baker's Executive Order dated March 15, 2020, which prohibits in-person instruction and educational operations until May 4, 2020, while schools are closed due to the Executive Order. By participating in the remote IEP/504 meeting, the participants agree not to save, record, share or post the IEP/504 meeting. The parties acknowledge that, due to rapidly evolving events in connection with the current state of emergency, they have not been able to fully determine the extent to which the remote meeting platform complies with Massachusetts student privacy and digital privacy laws, as well as the Family Education Rights and Privacy Act. The District will take all reasonable measures to preserve your privacy and the privacy of your child, and each of our educators will continue to maintain the privacy of your child's student record information. The Parents/Guardians agree to excuse the District from the strict performance of IEP/504 timelines which are not feasible pursuant to governmental directives arising from or related to COVID-19 pandemic issues.)."
Barnard College at Columbia University does the exact opposite. The text of its recording disclaimers states the following:
Zoom Meeting Recordings
"RECORDING NOTICE: This online event enables an attendee to participate through a personal device's microphone and/or camera. An attendee may elect not to participate through use of a microphone and/or camera. The election of an attendee to use a microphone and/or camera constitutes a release and waiver of rights in the capture of the attendee's image, likeness, and/or voice for the exclusive use by Barnard College."
University of British Columbia
The University of British Columbia staff that use Zoom know that the platform already provides recording notifications to participants. However, online instructions urge staff members to:
"Ask participants for consent when a recording starts," and "Ask the host to confirm before starting a recording."
Instructions then suggest that it's recommended to check both options.
Best Practices and Key Takeaways for Meeting Recording Disclaimers
Videoconferencing is an integral part of how most do business today. Remote meetings are considered essential and will likely continue to be so for the foreseeable future. However, there are significant privacy and legal issues to address if your company must record its online meetings. Therefore, you must take proactive steps to ensure that your business complies with relevant laws.
Meeting organizers must ensure that all participants are informed about the fact that recording will take place, and you should acquire consent before pressing "record," especially as some users may be calling from another country or two-party consent states.
Failure to obtain consent before a recording can result in civil damages or, in certain cases, criminal penalties. Remember that most video conferencing platforms like Zoom have a consent feature, making providing notice easy.
However, it is still best to verbally notify all members before pressing the red button in addition to the platform's written notification.
For more information on how to securely implement and use Zoom, read our feature article: How to Securely Implement and Use Zoom.