Why Zoom and Microsoft can't be used legally in the EU

2 min read
May 3, 2023

Did you hear that a few days ago, the annual "Oscars for Surveillance" known as the Big Brother Awards 2023 were announced in Germany? These are not necessarily prizes that companies would display or be proud of, as they are negative awards for data sinners.

A jury of five data protection and IT legal experts proclaimed the winners in five categories and also revealed some alarming facts about the data handling and privacy policies of Zoom and Microsoft.

Eine Säule eingekleidet mit BBA-Geschenkpapier.

Isn't Zoom secure?

Zoom Video Communications, Inc. won the “Communications” category". Despite claiming compliance with the GDPR, the US-based company is legally obliged to share data with intelligence services. A significant part of Zoom's development occurs in China, subjecting it to Chinese control and censorship as well.

Zoom's privacy statement states, “We collect this data to provide you with the best experience with our Products…” However, Zoom is not GDPR-compliant, and the place of jurisdiction is California. This means that data shared on Zoom, including meeting and user metadata, always ends up in the US-based “Public Zoom Cloud.”

Microsoft among data sinners

Microsoft, on the other hand, received the Big Brother Award 2023 in the "Lifetime Achievement" category for its market dominance and for forcing people, companies, and government agencies to regularly transmit data as part of their digital activities. Microsoft 365 has been deemed impossible to align with data protection regulations by the Conference of German Data Protection Commissioners.

Although Microsoft is building and extending 17 data centres in Europe to attract more trust, this does not change the fact that US government agencies demand access to this data via the Cloud Act and the Foreign Intelligence Surveillance Act. These laws oblige Microsoft to provide the US security agencies with any data they hold, including that overseas or in Europe, and to remain silent about having done so.

Alternative to Zoom and Microsoft

As a European company, we urge you to consider the risks associated with using Zoom and Microsoft products and services and to explore privacy-friendly alternatives for your communication and data storage needs.


GDPR-compliant Video Conferencing

Digital Samba is entirely developed and hosted in Europe, fully data agnostic, GDPR-compliant, and highly secure, thanks to E2EE.

That's why, at Digital Samba, after 20 years of experience, we have focused exclusively on developing the first video conferencing API & SDK specifically designed to meet the stringent requirements of the European market.

Digital Samba is entirely developed and hosted in Europe, fully data agnostic, GDPR-compliant, and highly secure, thanks to E2EE. We currently serve a range of customers, including those in:

  • education/e-learning
  • telemedicine video consultations
  • virtual events
  • arbitration, and mediation
  • other industries.

Our pre-built JavaScript video conferencing component can be seamlessly integrated into your application or website using our modern API/SDK. This makes it an ideal choice for projects requiring not only high-performance and scalable video conferencing but also a secure and reliable solution as part of a larger feature set.

Interested in discovering why opting for GDPR-compliant video conferencing is crucial? Just shoot us a message and we'll gladly share more information with you.

Embed GDPR-compliant video conferencing into your app
Talk to the team


Get Email Notifications